urlscan.io logo urlscan.io
SecurityTrails logo

geotvnews.com Open in urlscan Pro
2a06:98c1:3121::c  Public Scan

Go To Rescan Add Verdict Report
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-mini...
Submission: On August 28 via manual from SG — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 140 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is geotvnews.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 10th 2021. Valid for: a year.
This is the only time geotvnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
54 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
3 3.33.218.136 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 192.0.66.184 2635 (AUTOMATTIC)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 142.250.186.66 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638:1::4 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2620:100:a001::4 19750 (AS-CRITEO)
2 178.250.2.148 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 178.250.0.139 44788 (ASN-CRITE...)
4 178.250.2.150 44788 (ASN-CRITE...)
140 24
54    2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)
geotvnews.com
3    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.nl
adservice.google.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
www.googletagservices.com
adservice.google.nl
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    3.33.218.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: a34bf39343adbcc6d.awsglobalaccelerator.com
hindi.indiaaheadnews.com
2    2600:9000:223f:6600:1a:c2e0:e40:21 (United States)

ASN16509 (AMAZON-02, US)
d3pc1xvrcw35tl.cloudfront.net
2    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
www.sangbadpratidin.in
2    192.0.66.184 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
globalnews.ca
2    2606:4700:3035::ac43:a242 (United States)

ASN13335 (CLOUDFLARENET, US)
www.deadlinenews.co.uk
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
partner.googleadservices.com
7    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
4    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
Apex Domain
Subdomains		 Transfer
54 geotvnews.com
geotvnews.com
328 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
pix.eu.criteo.net — Cisco Umbrella Rank: 7955
csm.eu.criteo.net — Cisco Umbrella Rank: 8150
72 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
285 KB
6 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13652
ads.eu.criteo.com — Cisco Umbrella Rank: 7878
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10157
81 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
33 KB
6 gstatic.com
fonts.gstatic.com
122 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
3 indiaaheadnews.com
hindi.indiaaheadnews.com
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 3094
20 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
3 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
10 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
87 KB
2 google.nl
adservice.google.nl — Cisco Umbrella Rank: 14414
660 B
2 deadlinenews.co.uk
www.deadlinenews.co.uk
284 KB
2 globalnews.ca
globalnews.ca — Cisco Umbrella Rank: 89393
172 KB
2 sangbadpratidin.in
www.sangbadpratidin.in
62 KB
2 cloudfront.net
d3pc1xvrcw35tl.cloudfront.net
551 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
104 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
647 B
140 19
Domain Requested by
54 geotvnews.com geotvnews.com
12 static.criteo.net ads.eu.criteo.com
12 pagead2.googlesyndication.com geotvnews.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
geotvnews.com
6 fonts.gstatic.com fonts.googleapis.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 pix.eu.criteo.net ads.eu.criteo.com
3 hindi.indiaaheadnews.com geotvnews.com
3 fonts.googleapis.com geotvnews.com
cdnjs.cloudflare.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
geotvnews.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.nl pagead2.googlesyndication.com
2 www.deadlinenews.co.uk
2 globalnews.ca
2 www.sangbadpratidin.in
2 d3pc1xvrcw35tl.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com geotvnews.com
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
140 26

This site contains links to these domains. Also see Links.

Domain
demo.tagdiv.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-10 -
2022-11-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.indiaaheadnews.com
AlphaSSL CA - SHA256 - G2		 2021-08-31 -
2022-10-02		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
globalnews.ca
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-03 -
2022-11-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-21 -
2022-11-23		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Frame ID: EE2CFDCC39747FCCEA60028318CCC0B5
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: D7459E8EDF017303EDDDFDB7F43D47F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&adk=1812271804&adf=3025194257&lmt=1661710047&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047513&bpp=2&bdt=952&idt=311&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8097845874171&frm=20&pv=2&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=326
Frame ID: BC33D509BFA259D65090455F9B285725
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Frame ID: FB5FF0CF34FDF877E49CB17110830126
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Frame ID: 0DA5ED3FF4C085CCD00D2333228F7182
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EFE91A1BC8308FEAD3C4F3E83DB6DF5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE4202C2301BD6A30174956135F9543B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: 98C474ECF80744073D79112B84CADEF6
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Frame ID: DAABB054A11869E764AD1AC6ABC39201
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found | GTN News

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

140
Requests

100 %
HTTPS

74 %
IPv6

19
Domains

26
Subdomains

24
IPs

3
Countries

4474 kB
Transfer

6766 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

140 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/ 		45 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a3930b9204ec738c05a965fd431880635f5b8dcc6ca38476490aabe973df84

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
741efc526a86b82b-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 28 Aug 2022 18:07:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://geotvnews.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLznv0zWG5lCmQqx1GSbDBl%2F4kZ3IMfsMapuPRgF%2FTVGyDV2Cd1eZb8caQ%2BESK5wPwSZD0wK%2BkNh%2B1zUqDWfoctA3UyZPHJYX9fSdC59TNY5nlkl9WyuzRiuD2DD70nu%2B%2BGZIt2sWNAHeHEo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
MISS
breeze_2d4a5d41aa0edddd4a25f68240e5e0ac.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_2d4a5d41aa0edddd4a25f68240e5e0ac.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb20d76ed76ce0dfbfa441d734837111328680445ecbce81c908aadf400b51a4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
998612
cf-polished
origSize=88933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Aug 2022 03:22:45 GMT
server
cloudflare
etag
W/"62fc5f05-15b65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvfAq46%2Beib%2BPY0A5T83533Pq4Q6xQqDDbDVOQPaTKlXu7FtVrRIzQzAWtRcVoZ8aQsFLJbTjTfAgkcTcOsGpWdSvQTZOIApMtnmeBJCSbptxncdTvuoFUMa%2FnunSWWbW%2FZIkDAMyLXfLzoK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2feeb82b-AMS
cf-bgj
minify
breeze_373e2ced73d8b0296fce93b55df01b0b.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_373e2ced73d8b0296fce93b55df01b0b.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26c4efb42c7abd7813fb6de3c1666aba67f29f40f4d3bf16f75da4d0161a1082

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
896907
cf-polished
origSize=7853
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 03:23:27 GMT
server
cloudflare
etag
W/"62fdb0af-1ead"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qq2djQAuam0%2F1bwrworoUY%2BiRYJ6Fzihhhd5r%2Fa6HDZtkWAWymgViSFncgLmZpL7a7l6n6nISnzU45k1NtPRr016oDcRe9Dd6NpH46rRGn05XV7RSUVl0CXK%2Fk07lsD8dFeXqd20MHmeT0qd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ff1b82b-AMS
cf-bgj
minify
breeze_79fbdd5b889248e6b63949f94a17f7e6.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_79fbdd5b889248e6b63949f94a17f7e6.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0ae1399f45efb489e3320d008fba2cc60921e5f400c88167ba76eece1f3d5f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1695426
cf-polished
origSize=35066
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 08 Aug 2022 03:22:25 GMT
server
cloudflare
etag
W/"62f08171-88fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvC7sAaq3cQ3%2FC%2Fad992QH3IITSlPgwCP24Zuvl8UuYpM1nzwlwoyxWEjk%2FABvW4y1R7nRtvqog3AAlFnzkjkxqG8a2xEGI9ZeTpEE5z4QgDHp%2FxlrxZ1DEXWN3WiZ8Vr38%2Fk2kIQkYmBcia"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ff3b82b-AMS
cf-bgj
minify
breeze_f3ac790d9f3b6de4b3369c1195d22d58.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		103 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_f3ac790d9f3b6de4b3369c1195d22d58.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d6f8269115f0afafef24c1e706b11684e2da91c8b143dc495d6d0270e215f6e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
cf-polished
origSize=106334
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-19f5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D22VEPA8w%2B5TtCQdc7MpQp%2Bz%2FvEA34xaPW3BHpAf5xpOHkcOr%2B%2FBjGbZHN3q9toZPe%2FGEI2rZz8RlhZkrOP%2BvOJkcX%2BJRNxLTYHmzF6WILw8wQ3z98mTIpv3AV%2FQzVMLd1W%2BTjqyKO30cGd%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ff5b82b-AMS
cf-bgj
minify
breeze_ab2dddde0c5012a79423f51073c6eaae.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		125 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_ab2dddde0c5012a79423f51073c6eaae.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fe7186aad5f8c825ff9b0f71122894e333dacd6d995d71fc0ccf57f76976d45

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331068
cf-polished
origSize=128707
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 03:23:07 GMT
server
cloudflare
etag
W/"6305999b-1f6c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IqinAY%2F4Bi%2BJjBmVfVXO85K%2B%2FtNjhAJDnTrvDppieGi5T5JuYFutsFxLQXeG0SoO4mBuBDqgD7V0jTTe7NqAhvdvvCGFLEGFY%2BeZB6EirFE2OA2bOvJqTtneUyquZR%2FIU8q47t6%2BHcgHoVjy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ff6b82b-AMS
cf-bgj
minify
breeze_e4ed8c69499db88e807d5a1049dd3f94.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		514 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_e4ed8c69499db88e807d5a1049dd3f94.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd6b63392bdb95ab364135fd0644fff6d18b786a92d2d3b4e6277f8fc17a2ef8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90162
cf-polished
origSize=526879
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 27 Aug 2022 03:22:54 GMT
server
cloudflare
etag
W/"63098e0e-80a1f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giEbrzNwz8hMq0qkvv7Oux7MHkuKwebozYAf5%2BANdB7Fde4T3LEwf7ejluxhzAqZ%2BABMHmrz7U1CdZQ%2FQ8sHFDWYZCpTqmpco5IMAhrAmREtE95IB7UXmGho5sWSuYIL8yPKWH%2BHzPF%2Blioj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ff9b82b-AMS
cf-bgj
minify
breeze_9a630eddb130096078e5db631c303a40.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		2 KB
682 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_9a630eddb130096078e5db631c303a40.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe4e898d4aa53e3e2ae6cea069c18cea2c75da45b2ebc6d375e92013ab3a947

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
998612
cf-polished
origSize=1984
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Aug 2022 03:22:45 GMT
server
cloudflare
etag
W/"62fc5f05-7c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWwvdGGWss0Ypy8bmC81OXz%2BXXZ7PjvIZpQxUOeoufbP5W9zPyjI2Y6AmUZqPi0Zdk%2FkzMr%2Bk487mC65CUrzFJr2M55aPL199DdxVWCDAzU8N7XU4yQ6qVZGqroktKGyvQgLvlRCGwUdzYZx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ffbb82b-AMS
cf-bgj
minify
breeze_5c008ab496f610597ced02202090b92d.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		332 B
508 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_5c008ab496f610597ced02202090b92d.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca577b92bf1e208af3779d8e4410ee2884e87d3d366c590590f50fbe543061fc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1685200
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Aug 2022 03:21:39 GMT
server
cloudflare
etag
W/"62f1d2c3-14c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKMTwcEMl75TBk8tJWSussMhHfO6Ybpgwhl0GSDkYj84anr3sp515H89hUil8wB5D5Tz8Sx5qvBx8yns8IH30T5ToL%2FtXHasGd5xdcN58rNPW9Ee%2F1ANRvdny7d42oXZ9DTwfRRPn0HAgJPQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2ffdb82b-AMS
cf-bgj
minify
breeze_196ce3a18a7ea8d44859b0f871c58ea5.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		286 B
495 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_196ce3a18a7ea8d44859b0f871c58ea5.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
877d75d9a49ef28540c98df6aaa20a33fcc68495af7a7b688f5b5ea2cf6c5e52

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331068
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 03:23:07 GMT
server
cloudflare
etag
W/"6305999b-11e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KIT%2F8SDsUoyRgQh6%2FXcZ%2BEESFzeQGyfLmsnXeB95vfW42b0e4lzk6B%2FQdQDTVPHw1L%2FTEWhT3kDDqTmLBJiq7Fk9C4LzmDT6DQ28CctCzcvNJ0Xun936d1heAOOquwJctckOHJKd31%2BKHai"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f2800b82b-AMS
cf-bgj
minify
breeze_2d7795f40048f9457a659a3c12c07f35.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		369 B
486 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_2d7795f40048f9457a659a3c12c07f35.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaf68dc67124065f1c8931e60403c41c0964f8c80a5f018e94853a182e88a9a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
331068
cf-polished
origSize=371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 24 Aug 2022 03:23:07 GMT
server
cloudflare
etag
W/"6305999b-173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5MIIAgVzqfPzBACrbl7SsXQs%2BJHQ75y%2Ff14J2qKI9xJCzik5cw6IjhGOj%2BDCl7Oqif1j4OvOLkfPnaro5A9yDO0jLmddRw9aBe0%2BEaQRmry6U0HmURb%2FD5IjN1erSEHXtJwtL%2BUiuVucV%2FL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4812b82b-AMS
cf-bgj
minify
breeze_22836af935b1f1a8c8cf74e09770e396.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		1014 B
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_22836af935b1f1a8c8cf74e09770e396.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85007e6b3bc15a5847c52b15106cb9b2dd923d308e223dfa0196175f1421a144

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
cf-polished
origSize=1015
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-3f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4f50BouOWB9cgclPOTcZK0z8y2G9Okd4p3ySTF5XMyPX3riQQXzLcz1ZlxMYhF7p%2BWfxSOFlw8DONsGgj1L6XDxdMF1kT7Fm0hEM7lOIiOVagjFXQ9l6MB47zGhgQAoJpQjb3bLxX6RO7lg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4815b82b-AMS
cf-bgj
minify
breeze_2ab4220c35210f0d06d99270824dbb74.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		369 B
508 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_2ab4220c35210f0d06d99270824dbb74.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339c9b2622a37cb0e0f3845dfb3872b621331db4e7dfc5942ec9393b0b195d18

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
996280
cf-polished
origSize=371
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Aug 2022 03:22:45 GMT
server
cloudflare
etag
W/"62fc5f05-173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMzZyrNwQRrRo6E0pp4tZOIoaue4m8g3%2FBf6IJnsubuYsTOQFVV315vhQDt0naPStS0AKSLX9Q7OdG1px9VAw3dmDtzup%2FV4eIotGdn4pbfgm7cXShYTZQ8Fka8tLdzCFuF2CyKOzsGTfs0y"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4816b82b-AMS
cf-bgj
minify
breeze_f3f63468fa58c00a794b8dac7ed23648.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		2 KB
865 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_f3f63468fa58c00a794b8dac7ed23648.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f80c76d8970d4ca33de7ac22df96a203d430b21ff3441d9524fe99dcbf0373

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-7f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fFYksCD3Yr%2BoMAB9k7YZKFtvKt7eGiMvpetilQ%2Bjdn%2F8uEthVnWorcJ8PiqYOHu8MN%2FzRMF6pUPdNsntFTafQ9S%2BI3XD4XpoZ9ClMXCeWl4HzDw7aUD81LHZiV9fObNZMHiZU6lB1bVYFRB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4817b82b-AMS
cf-bgj
minify
breeze_153a9aee3260a4ccbb754df4bd01a87a.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		377 B
484 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_153a9aee3260a4ccbb754df4bd01a87a.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40502156d4e8e60e71fc98fbeeb7edfaebd0cf2de08f6e50b6bc062410dec8f6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
410925
cf-polished
origSize=379
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Aug 2022 03:22:45 GMT
server
cloudflare
etag
W/"63044805-17b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExGOfoSyEW7PmuC0pb6p0M%2FkeS%2FGWMP%2BoGmr%2Bo21v%2BrHsAg9oyE9P1bZR9MUD%2FyuY29ZFcIyOC3xMgu5ZlElBOuNpaV3sXsBbPbNvbIHS3ssWvpNVfL0lkek2086HuwQgfsmFuvQLaIQWPwv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4819b82b-AMS
cf-bgj
minify
breeze_b1e07bb79da578dc4b8834a8a85ef534.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		853 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_b1e07bb79da578dc4b8834a8a85ef534.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9343aed18d1b167da2675e94c0401c353547fb88a95a0a572eef55d21e24b24

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
cf-polished
origSize=854
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-356"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSYaPdj9vjFeDCspn%2FKv5Gbilb2drCBmZrXs3HXvTUKn924hcHwP8mTrG3eTA68XV7jeKXLjddYde3ylXsbf44u0Crd41u8ECdnV3YQmNyfUWgbqq%2BetmVsP5KrQSk2PZFlnPQ9Kn8%2F%2B8bZp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f481bb82b-AMS
cf-bgj
minify
breeze_b1590527f7411394dc9a1d1c5985739e.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		328 B
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_b1590527f7411394dc9a1d1c5985739e.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb6d0a9d399c4af82ddf2d08f08f418a6b04387b10ef35b6f1e9e76f7603145

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqU5E%2BEgiFEwVJ8p1VCcsqRLXfsYb9tHr6J6gC0i38tjNXiME8l4hfy9yXo%2BC%2F4XqorMN5LW%2FpYdYiR2PQNRLTAQe%2F5NTxOdRQlbV3bLucdCOh%2FOnMxoP9l4pslYbJxvBTZ653vHLKAABKC2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f481cb82b-AMS
cf-bgj
minify
breeze_cab714b918f44539b0e241b10e817be1.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		959 B
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_cab714b918f44539b0e241b10e817be1.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b185d0499db22c8d0d824e46b740da5e2ae2540f285313009c8960cb8ab83630

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
896907
cf-polished
origSize=965
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 18 Aug 2022 03:23:27 GMT
server
cloudflare
etag
W/"62fdb0af-3c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxN0q4vkCfCRw3qmL8c%2BjEtXFEXRo2NnHBInAguvpVFmAB9i1txURqjNmrgNzUs9qCMSUjj4DhaqGTllezSXvQF6t9iub%2Ff0ICR04yxjrnYVVEce%2BFmlb7Mr0r2ONE%2FiIq3CguGEUSCJ4ABn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f481db82b-AMS
cf-bgj
minify
breeze_8b8d9a12b186d18d8f485f3efff6bdad.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		395 B
649 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_8b8d9a12b186d18d8f485f3efff6bdad.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cafc583149b03892c3aacfa66ccf103e11784ebe6f3d5105cbc00456d107a58a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
cf-polished
origSize=398
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-18e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FmlxzeGJMr4VPLnz2zHiSAZ5KSdmNe6ibedXMp43hJxS5Q5jav25v51jSqwWer3QejnuHKy5Z6nx8SKGgZsg1j1XDZccV0SFYVnoL5Kbyp71jlCH%2BxD6o5xARleptwRpbqmRZrWZdasMLaj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f481fb82b-AMS
cf-bgj
minify
breeze_659799f3c89463ce10d1b95f511dd95e.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		552 B
545 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_659799f3c89463ce10d1b95f511dd95e.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e3f7aa47cf554ee62c4fc2067f7b9c16ed3b6db007f4bfa76f64fd5c5be621

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2181466
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 03 Aug 2022 03:22:27 GMT
server
cloudflare
etag
W/"62e9e9f3-228"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Do2ZiRp%2Fw8GxlmPjgxoztIHymJ2Zg1NHyX6cBPelVUs5DZ4fspJqQoHeDwrhbBicsCn7OL1rMvA2NcVNBhK1hUBXd%2B26%2FcXZ9bhWGRalAXHCWrnHRvUO4EWUANZE%2Fp9iqNMcV%2BSh1DMOoc7h"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4820b82b-AMS
cf-bgj
minify
breeze_28715fe1a41fe2c257c9c44ec4b15f6f.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		382 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_28715fe1a41fe2c257c9c44ec4b15f6f.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03684c9bdbc877b00c3c335894c0516bbb9fec3eebd7d643434729042c8bc00

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
998612
cf-polished
origSize=385
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Aug 2022 03:22:45 GMT
server
cloudflare
etag
W/"62fc5f05-181"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqtZeFL3Nlabv31KQ98m7lVUrxh%2FqpI%2BxqdMXcRfHK6%2BJ2ybPSm3fP4YtXDF4QxyponpsD6GJo8IhAhatV1hAHPIJI0XmVEVRswy0cCDFV85cofSTgbtUA4rJYu7Kbn1ZTSgSempqexZ6bXK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f4821b82b-AMS
cf-bgj
minify
breeze_03ce0b9bc75de4ee07632e4bbcc3b1b5.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_03ce0b9bc75de4ee07632e4bbcc3b1b5.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0316490e4924e0552dc342e46eaa0bfcc2b4029499137a156ac3f37d7130b2d4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
996280
cf-polished
origSize=7498
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 17 Aug 2022 03:22:45 GMT
server
cloudflare
etag
W/"62fc5f05-1d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8hL6bruI8GfZG%2BeFdkNmJcAIsRM4rcUHiZwpGyjekAqpX9zONvfdkv2%2FRDh6QNaXkon%2FO05PnJ8xnniiMYL5SpmZKc13QfmSmE9SnXPMNMT%2BsCQdmJlBDSC%2Fgn9L3jGEeJT%2BPF8f9A6T4Oc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f582ab82b-AMS
cf-bgj
minify
breeze_ed0bf4eb537b0619b5c0d3e1e9e63708.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_ed0bf4eb537b0619b5c0d3e1e9e63708.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17bb13a97d410c29c5b7787a9b15b138951d2a88b5e7d2102624a06502895800

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90162
cf-polished
origSize=12608
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 27 Aug 2022 03:22:54 GMT
server
cloudflare
etag
W/"63098e0e-3140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCxHn2Ve4SENv9PND1bc3Hy9LhTzaRHN4TyTuSWMw83PmIxBX7OUkCSbJ96S6WMcMK1VaT7QUJcsrtLrxFwZEkpzZVb9aOaISV8zi0Cl5lzygZjhrC2p9k3CeI9DkL0wBuOAVpTRC579Cpzi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
741efc8f582db82b-AMS
cf-bgj
minify
breeze_438b42ad61bbd08ad01c62e540272f45.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		292 B
424 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_438b42ad61bbd08ad01c62e540272f45.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f1ad60115ae0b866331e99523b53cf7e5e77d9cb0146c48f8ab17527ccbeec0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-124"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZCC%2Ffd17mEvHRQTj7hRH4gi929JLlvFQ1dXjISDmXN5wPNeuwEn3lJmzcihVARnMi8wkbMk2QmE4URfxxPFFmEYgE7McGzZt81KSrLkeblbcWt%2B5wJ4o5vXjkxP15P6lk4OpbIujCgsu3Vd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f582fb82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_a055e158eae58ee39345f3e33d0191a3.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		793 B
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_a055e158eae58ee39345f3e33d0191a3.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9a8108fc47321bbfcb304fd83900891a8c005b77e13f82949f56d0419eb6dc8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-319"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4k1BFvTvvK1KpJaIcAIev5ght8v8HahgKHhdxwdokGAIrRhnTnPHqRkcihqMaJcd5l4Gz4CxW1FUVLgWQOO5TttNVsA4Lts0gCH6aY8ESkfSS5KGlgVUNKYCNO10dbM2yTNwj3C4%2BHov7eJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f5831b82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_93eee9fba6131168df8ba1f7cc0b2c85.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		294 B
424 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_93eee9fba6131168df8ba1f7cc0b2c85.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4467b01f7ca736935f7076c037b2b16f592a7410b3c66d6b0cb06ee80400fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-126"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTAmZ84biYhWhGOgZCex14ZLKKb6oi4A8xPeN6VoeP8q86IWb3nEbdwUBfV%2FuqTa6qII8UptSS7Qcof9W3oeVjwla8bLAZPzpSGtKGcKys8ridiVMkzhA2EiufkGUUiMQSniLr8dJ2eF8VX6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f5833b82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_bd3dc6cb355665ae8444f1c02662af2e.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		410 B
459 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_bd3dc6cb355665ae8444f1c02662af2e.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c778af4da6524c8275053d31e9912cce832952ecfdab66d1e0765d9bedf4a500

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-19a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUQBlfqIzGaPRVzxUG5N%2F1LNy3fbGuNxAIrzCuE5FIUL2BwrMyqjAEBFP4Ed3FQl8Wtc4scizt3GOqCmRFn1SXPJtH8z2dTDHeeD62BYkPgHn%2BnttEfzOH8PW01wB9Qqdfe%2BNZKLoIo%2B6lxU"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f5834b82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_1d1870f3f7b58c081f8d2e0d495100df.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		324 B
453 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_1d1870f3f7b58c081f8d2e0d495100df.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7250b917b51e125655010efea1755789864accb21e0b3e9445581c16121974

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeKCTGwzt5kow2HC4oFih1%2B6EoF%2Bn9LmuRMtbD3gyr%2BsXfkvXSU7kinalojX5BjCDEuM8ee6B1LlUXGrZNXe1sIzJ3JW70Am7jZSKC8faKaxPFZrMCy6EmoBKYRdVT47gawXZGntrmewBkeL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f5835b82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_92810bba9c80fb99ab68b75ec8e07912.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_92810bba9c80fb99ab68b75ec8e07912.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd54007cd9304aa8f307247d1a37108572f265fa5b921301fcc185356103721

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-fe2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk9SxxyLuJf9nhJRVwY4vYfi0wlSiBgWAMnFWTS6p9qQBksbX%2BqOvm43gisRZYxQI4cWQr2lwGtQ3N8jpVUeN5KOyaOf3DwDinQQrPuDPqIgOMrf%2F7DHpAv4TJEvnsb8S9tSHe1NbvUgldWd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f5837b82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_b27b8407f1e8e2a00b46137e1558a3b3.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		272 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_b27b8407f1e8e2a00b46137e1558a3b3.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77698f53b5f088fd67498fd663082177781b461e5d555be01568dfa8e1b59f0a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-110"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfjhWIdy%2F4zB0HS5T6%2Bpzg%2BCo4Z8qOlyX%2Fd1604F1ksVgSyI3EMtfva%2BXQZCdO2eDIKtTPqh24OoTsbA47S5Zw1aJ3pCfZpqC9OpKbpyk1mgLIskPz7wIaZJLabVfdonAJuWnrSFDEKvsqxa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f5839b82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_7b0afb36d9d4fd697eba940c821743f1.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		491 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_7b0afb36d9d4fd697eba940c821743f1.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed9c8f1904f79f2d1ae8ed15b1022f0e15ee630058d8e228afab796db68cf10

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-1eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mF4rBspuZrJ%2FR37rWGVvGIJ%2FiJiNdPv1%2BsRoMFP5R51t4tiTCeTRJrJk%2FvH4aUtP%2BpVCE97D9PiOx2eTO9ctq2NNupe0b3wJgzh9euwvOFAvGhhcBp%2BwQaM4DQl2pI0cfvJB2j8uaSGftXYS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f583ab82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_75e18f51344e2d7713b9ef3949cddade.css
geotvnews.com/wp-content/cache/breeze-minification/css/ 		521 B
512 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_75e18f51344e2d7713b9ef3949cddade.css
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c23db81c2c62a15a07e869b7cb5cdf527cc1196739a8de83870498ba11e86c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:25:09 GMT
server
cloudflare
etag
W/"630ae015-209"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40WH9Crpe5q53bfzQb7OY0HAGQDZGrXXmChcLyeRGcMyXo%2BCoWGHZ%2BCkjAClGzUPRxAlMOJ9pqc%2BvXsIG%2B2ePfWGLdQpg4czzcRcvvghNXiMDB4dSOtHFtRlCvqKt2ptYugSOFGcflF2DqaY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f583cb82b-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CRoboto%3A400&display=swap&ver=11.3.1
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c943b419d090488721aca8e822663c98d7cb6cc483dae5636914088f059d8907
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Aug 2022 18:07:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 28 Aug 2022 18:07:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Aug 2022 18:07:26 GMT
rocket-loader.min.js
geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 23 Aug 2022 11:02:51 GMT
server
cloudflare
etag
W/"6304b3db-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXA6EPgXFj6MbYTVAmrf%2F140z2Q%2FXRDjU4eCyTwVDSYAXPJfX2GYTeTXZzUTTO1b64Czfwl3qp7tdoiqSOrXz3DU84GxegkYsMkpzD3HuMHj2F%2B3oKg4efJs9Dn9In%2B5ThfqLx5RLTq6Rw7M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc8f583eb82b-AMS
vary
Accept-Encoding
expires
Tue, 30 Aug 2022 18:07:26 GMT
breeze_0bf9a8e5051fead43a5ced725a6ae193.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_0bf9a8e5051fead43a5ced725a6ae193.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da6149d780945d21193ac85dab5afd9771f3345e92d240ddaa6b082ab0674ab2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 03:23:15 GMT
server
cloudflare
etag
W/"630adfa3-2220"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QK8x1NnV2O%2F6vscBHn8dI%2BiPGL1RGch2SZ4Gc7fOxNx5u4A1J%2Bq%2BqxxD%2BUGky%2FBTibI0fpKdzqFZ6W%2FtkuK6%2BYOVYJKV71%2BNiks%2BDVL82qANUL7EAL%2Fybf47a%2FGOiE%2BP2XaBaHgaLDMrwMYQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc9218be0c11-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_982e63b9df5bc589c984194d03326c52.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_982e63b9df5bc589c984194d03326c52.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e1bdbf5a428b83750056eff8ba311ec6240e25a8b4f58a9143e97d8f54451de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37359
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-9b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUYx6O46OQLJt%2F%2FJLS9o3pbL%2BEhR6Q0rdCqLz9eOi8cqRVgbvquRhOEaE%2Fj1gi7J6p3YsGvYYRgy%2BRNJkMPlHll3QvzuU6D71w8Cqp8hNn2%2FJs6vkLtYpnFUZYQ%2BJq36m%2FcMDv37sWjdR6ed"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238db0c11-AMS
cf-bgj
minify
breeze_9f20ec3fc15652a5df5aeae4d30a1826.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		216 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_9f20ec3fc15652a5df5aeae4d30a1826.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8d1cabf2ccaeac00ec10b9e98e8fcc67321e304cafa11346f186676f627d1dc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21549
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 12:00:31 GMT
server
cloudflare
etag
W/"630b58df-d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulu0Ae9gWXztdYFf69zW8mRWYODdsPFeNBctNcu643mF8i5iwHFF1NhNsEhcLpEj4%2FKHAcr2rtMw2hZ9FgDXfPhnBTG6bcMKyHmJzybyuyHialLoUoncmUWvHewslzkwFjeiBiwGPEAukFlE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238de0c11-AMS
cf-bgj
minify
breeze_bbbb2bcdad7e957368b477160506ca0b.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_bbbb2bcdad7e957368b477160506ca0b.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db03e49e2773f8bdc3b683543eda6cd178c19d05140c243868e169ceeba0e4f3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37359
cf-polished
origSize=37584
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-92d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMT3BtW5%2BEO%2Bl%2F%2FjjOsUfjKYIhpOuRmQ1fd%2FbdBWX4pfqTsc%2B%2F46O8t7nBwhHPwY8D%2FPjg%2BuIStfTMwv5sCCfIUDfTYsI8IS62B35Q6c4qaOPH9gZb38C%2FhBeOuSofkgfCo05C2blw50IwyK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238e20c11-AMS
cf-bgj
minify
breeze_5600d76c03adc941105ddc309bf0d704.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		257 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_5600d76c03adc941105ddc309bf0d704.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c4361d8ea42a314724fbc26c521d4f3f6999c6a4dc3732336ec6434fee3451

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
cf-polished
origSize=263708
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-4061c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n89DPRiGrqYcy2MfPTTm8kJheYEg8%2Fgf4R6%2FT7EQB1OM4C9N25ZbwvQa6%2FEK%2Bep6RDY4BouaIwWXkPCD6q6gax9xRGZu7QU9hSXpgwrsOd4tJQ2UZwAHQjRSl9H2PqIgBNTX9o2DIquz8wcq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238e30c11-AMS
cf-bgj
minify
breeze_1f3a53741c1556ccb17f2bca0060003a.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_1f3a53741c1556ccb17f2bca0060003a.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a9764e668b317f469b0b5b8c584af3a01cb38a356915e00e2cc60ce500ac72

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
cf-polished
origSize=5282
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-14a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5N9%2FJm9EO5k5FhBLnVY87o33rfGJoZYN0KMwFL6T4CacgwetkiAcwwbNa%2FmOSWkPy3clB1tKxj9HKzXVu64M1Obr6FPZccPN5ElPtKaJWQUQSlG2VCkd4QvHRwSDUays5tNRti0cH%2BpaPel"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238e60c11-AMS
cf-bgj
minify
breeze_860e90238275aa10ee09683cfb8abb77.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_860e90238275aa10ee09683cfb8abb77.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
074914a68efc16afe0e812394824c3a2050d602db987cecaeff32c019c22d8db

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
cf-polished
origSize=18912
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-49e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYxTNIhpm5wkIi2PC2G7SagON2%2FAt6ibB7w9Q1zMoqG9nKSHeedL7M%2Bh8b%2FPZ4X2aW8c%2F60veoWBRTDk62a7xKS5Mzr5TkKx0BXWJqoPdnRZXtjewwe5sY3mM6hFh5jRAR9ULoYiBGeKdY62"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238e80c11-AMS
cf-bgj
minify
breeze_9d727d0ea6f8d188ce2483fbd0be2227.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_9d727d0ea6f8d188ce2483fbd0be2227.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb5da9ae75616524e70e3069e9c4360914caa2016870ca2ecb036b204a2f3e62

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 18:07:26 GMT
server
cloudflare
etag
W/"630baede-1b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYJAls9XsRorM8hlQYrXVgn4LOfE9%2Bmjq4w9S1nCGKtTBHkYOBkQ4lJQ8rmKBtOem6oB7EFpfe2sm%2BI13XdED%2FpvTCBMcuBU09ZnHO%2FG0Opk0cNji8sK0nTKmYvD0C8IX97W1DiP88lY58q%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc9238eb0c11-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_96aa70e645da775a1d7db42d88d9c946.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		45 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_96aa70e645da775a1d7db42d88d9c946.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoZwrstTt%2FkfjnOVou9j6aXX%2BB9nJc9sjG2mGra1gUkc88Fe5iP5xutb5Bn6e7KxXhcIlYm59vC1yTQytYyZeQGxH56741b3RBFLatJw1kgB0b1JVx1fPWTQhkDXafQOMjWprgqZztoIv6KS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238ec0c11-AMS
cf-bgj
minify
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		167 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2297571418107277
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6499de4244d00eeb771a107c832081afca7b513bb76471232543d6a6f2f766d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geotvnews.com/
Origin
https://geotvnews.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57752
x-xss-protection
0
server
cafe
etag
3039171051957257234
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 18:07:27 GMT
breeze_2208c6ff84de87661659da2f7d89b105.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_2208c6ff84de87661659da2f7d89b105.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3365f26146eee80dc2b94e01298b0344989185c07d0a8cae18603b35cdd62d3e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21548
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 12:00:31 GMT
server
cloudflare
etag
W/"630b58df-f04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBVR3arOkRN2nXduDL9fc8TNRfeEKG5LJ6KQBI34IuGdLHBFw2vo4D0PETaOkV4V9rFAI8aCIxwKlUAJlaNQAUsxyDoA5XulK09uVyDpR3z0e%2Fl4P4musYljXYT72VCWsD5g10lOOwvTWgan"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238ee0c11-AMS
cf-bgj
minify
breeze_398c3b2e3484e4f24f00fd79335aaa3f.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		181 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_398c3b2e3484e4f24f00fd79335aaa3f.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57cf8787460745d0d35f43374dcd3e83c2d01ab5b78d8d5ec46318fc17022f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 12:02:15 GMT
server
cloudflare
etag
W/"630b5947-b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcK3cFrLefDqhuEaOl7bfxFMlBJYNp%2FtH1EO1y3BzCM6a9h8xnjU7isNyL5cxA3nyTQqTBCys1optPW3c9vRHbbOEn9xxPqLWD9iDk0BUGxBViSC8BefAw3xKGWXyIc0lYH2Joih0b5siXnF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc9238ef0c11-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_84d2bde61cf3604a8834dc8daf66e540.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		181 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_84d2bde61cf3604a8834dc8daf66e540.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0769ea8d4d3493abb797a3ce9c17e454e0fd9c3dc14299cc4190aed37b62c310

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21548
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 12:00:31 GMT
server
cloudflare
etag
W/"630b58df-b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fr0L3RBMNmDHdw9bvygg0bgqLz9TFrxjTjTxwAHQzdhBUieL6fHp1xtU2PXuTTqWTPAXopt3DCXapB95RykWV9TFKn31g6tBqGERj8aG%2FVZhpp2y7pgwO3N2etJQhhOKHSf4IoTYd126w3N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238f00c11-AMS
cf-bgj
minify
breeze_a215b97370e9a17ec201d7120cc6fbf2.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		196 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_a215b97370e9a17ec201d7120cc6fbf2.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfa4b4d1782e2d080e59b5c9e97ba42d99d2aa12f46c520556cef6cc382d7326

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 28 Aug 2022 12:02:15 GMT
server
cloudflare
etag
W/"630b5947-c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bd%2BTymAsnk0kvf1yRKWHHN6lOQldlXUIVO8j%2B4gWVos3AJyIohYywi7rnc3rpQS5FRfcC9I0Z4EAj4McXdoobngXZKHwrrZDnUBtHjjr%2FHPN0N3aSTXAMVQsTRaQNvsWUHJCV4X9Ovm9GZMZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc9238f10c11-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
breeze_f0173abcb34eb2167763923cc660b0f8.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		273 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_f0173abcb34eb2167763923cc660b0f8.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec298fcbd8a8e810cedbaf873a10f3c15f06adc36dbc53f3aacf09820911f54f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-111"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zndNHm8V150qor5lG5eDGX0HFeDNc5MgNF0Vk0O0wbMqfUR4VMZOYeC3QPwdsguHjRSRYI1gfQPbVJOPC8EwFqGEkovhOuv4redu7swW2oc3sayojmsH3WG4MQn9f4d3Ggm5YHqn9jvTyUyx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238f20c11-AMS
cf-bgj
minify
breeze_9560e3c2969f8925944be2485b2997a3.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_9560e3c2969f8925944be2485b2997a3.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b387cd72d1c80a0c7aaf5a7e7e9f10acdb76857ebef49fc0ac0b14174fa1636

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37359
cf-polished
origSize=11226
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-2bda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtK6yUU2TOWXXVe0xs04XI70ifcHpoiV0ygiaP8o340wot%2FD%2BaMapCJy6Y1L9icMXquZp1KhKV6NffJY5tT3jqPf0BETpGzCS58%2BwAMqr4TKzlPlgh1NIig%2BCqJFg0OpOZh1FJDKjQlvzgpI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238f30c11-AMS
cf-bgj
minify
breeze_be81511d4fc54f405d272af7ad07cae2.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_be81511d4fc54f405d272af7ad07cae2.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d910ce193acd5e673d7a94ce23371b223bb0eea8bcb4d1705bf7770ca15e38

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
cf-polished
origSize=89522
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-15db2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjsYAZUfSm%2FeGzfycSR%2B3nMMCUNW06D736JpYS2wZg7wNR5nOXZhBuypyK86pDnk5DFiXILh1w9BUtgkXcpJq042yO0XLIvgeExMunZ4nM90xae80aTVuzXMRObXFDUfleYfq2n4guvGhjvg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238f50c11-AMS
cf-bgj
minify
breeze_1243734d976c9247d8def4d0de1fde19.js
geotvnews.com/wp-content/cache/breeze-minification/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_1243734d976c9247d8def4d0de1fde19.js
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd07b14501e929142dcf53430b7a798e1b1bfe97af1fa3404fdf56cce4e0e502

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37358
cf-polished
origSize=2153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 28 Aug 2022 03:22:52 GMT
server
cloudflare
etag
W/"630adf8c-869"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFFt%2FzAogh7I9QJhCIMje86DA0pP28SEBYZYU8qvJWFTh9t6emelEpEOEeGbF1LlZZfc6BBgcObm3LfqLwQS0eCVjE%2FWCOJZmZu3IBSjl4om0bfSfJUrZ7ly4kLc9xI76zHbcbCxbvfbofBL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
741efc9238f60c11-AMS
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		107 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-212483097-1
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
734b039aed38e0f69f759ae47d2649df7fb99b970a604c613334e661329de369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42040
x-xss-protection
0
expires
Sun, 28 Aug 2022 18:07:27 GMT
cropped-gtn-300x300.jpg
geotvnews.com/wp-content/uploads/2021/11/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geotvnews.com/wp-content/uploads/2021/11/cropped-gtn-300x300.jpg
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_9a630eddb130096078e5db631c303a40.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4845601adffad8b8d9d4af240e28ee6127caddbc1de1cb3af747f085e0b5de5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_9a630eddb130096078e5db631c303a40.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37359
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13848
last-modified
Sat, 23 Apr 2022 06:40:48 GMT
server
cloudflare
etag
"62639f70-3618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6hWwAAbMB749M7yLmnxv80H%2BBiNWLca4unCsrOVe92SfQ7eJoU6D37qTekqNtKQCtb7J6mZ2p0%2BpHI18SQ8IbHsR4dxfUZb%2BbDfFPewl5W68TqKvp%2BGX7A1rnOQwhaDjq9UUNRTZoiGmiW2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
741efc9259460c11-AMS
newspaper.woff
geotvnews.com/wp-content/themes/Newspaper/images/icons/ 		24 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_f3ac790d9f3b6de4b3369c1195d22d58.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd

Request headers

Referer
https://geotvnews.com/wp-content/cache/breeze-minification/css/breeze_f3ac790d9f3b6de4b3369c1195d22d58.css
Origin
https://geotvnews.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 23 Apr 2022 06:41:06 GMT
server
cloudflare
age
37359
etag
W/"62639f82-6120"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ0vLNJPamZxTOMlEcf9bsFTKYibO35LOpFtflFLj1eLDjiJCfVwGSu9o%2BXttavnUdCyl%2BfKJ0XeSWMdl70dkWYYvafpJAg0mbpWN5EnxtP7rejXPP0YSa0oujzKiMw7%2BLM%2FaKgDlQXibjOG"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc9259590c11-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CRoboto%3A400&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://geotvnews.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:50:24 GMT
x-content-type-options
nosniff
age
515823
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 18:50:24 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CRoboto%3A400&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://geotvnews.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 12:56:05 GMT
x-content-type-options
nosniff
age
537082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 12:56:05 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CRoboto%3A400&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://geotvnews.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
514772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:07:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C300%7CRoboto%3A400%2C500%2C700%2C300%7CRoboto%3A400&display=swap&ver=11.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://geotvnews.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:44:52 GMT
x-content-type-options
nosniff
age
523355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 16:44:52 GMT
wp-emoji-release.min.js
geotvnews.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geotvnews.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_1243734d976c9247d8def4d0de1fde19.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 03:07:14 GMT
server
cloudflare
age
37357
etag
W/"628d9d62-48b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7BfhZNEms0UG3g%2By%2FBP1QevIN5F8IlnqDpyVxoWO0Dw68hATVtC6kUy9GdKq8JmziLcHTwq1oi4QQkCTT95TOkNU7s37IoFEKTtcGNzSuFSDASSF6edjRNyYqV7mK61Xaq8usznLv7toHYE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
741efc93ab9e0c11-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212483097-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4725
date
Sun, 28 Aug 2022 16:48:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 28 Aug 2022 18:48:42 GMT
js
www.googletagmanager.com/gtag/ 		170 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5Y2RFZKE0T&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-212483097-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
883321bdad5d0f9efd585cba7800d466f2e3d90a77e41671d6b1929867cf8e45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64062
x-xss-protection
0
expires
Sun, 28 Aug 2022 18:07:27 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1561105294&t=pageview&_s=1&dl=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20GTN%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAAC~&jid=1369078553&gjid=885497200&cid=407710660.1661710047&tid=UA-212483097-1&_gid=39638152.1661710047&_r=1&gtm=2ou8o0&did=dZTNiMT&gdid=dZTNiMT&z=1367711093
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://geotvnews.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geotvnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/ 		342 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2297571418107277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7a9c2add467c3494ce5fd393e01e709d167bf021d9abe9a73d22e8f4cbfe57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123332
x-xss-protection
0
server
cafe
etag
8024463943383933360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 18:07:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame D745 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2297571418107277
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geotvnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
85443
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 18:23:24 GMT
etag
8616628553774171045
expires
Sat, 10 Sep 2022 18:23:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5Y2RFZKE0T&gtm=2oe8o0&_p=1561105294&gdid=dZTNiMT&cid=407710660.1661710047&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661710047&sct=1&seg=0&dl=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&dt=Page%20not%20found%20%7C%20GTN%20News&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5Y2RFZKE0T&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://geotvnews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
K-L-Rahul.jpg
hindi.indiaaheadnews.com/wp-content/uploads/2022/08/ 		752 KB
753 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hindi.indiaaheadnews.com/wp-content/uploads/2022/08/K-L-Rahul.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.218.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a34bf39343adbcc6d.awsglobalaccelerator.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
467f09b1312b4083fa2f4c008c84533ae5babd4a9fb33b1a4e1b14511ade33f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
last-modified
Sun, 28 Aug 2022 17:44:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"630ba987-bbe89"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
769673
expires
Thu, 31 Dec 2037 23:55:55 GMT
catsgnpe_202208874430.jpg
d3pc1xvrcw35tl.cloudfront.net/images/1200x900/ 		276 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3pc1xvrcw35tl.cloudfront.net/images/1200x900/catsgnpe_202208874430.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6600:1a:c2e0:e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.0 /
Resource Hash
e9554d8e468e2c895735c601c057c9efb559db3dfab4e532231c2ddc50ca2bb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 16:33:01 GMT
content-encoding
gzip
last-modified
Sun, 28 Aug 2022 14:26:48 GMT
server
nginx/1.10.0
age
5666
etag
W/"630b7b28-44fe2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000, private
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
BFU26aN1TtheH3J-3NsUG9WV4KF8-oJEAkTJ8XH8QxqSVfvgdR3h7A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
Ayushmann-Khurrana.jpg
www.sangbadpratidin.in/wp-content/uploads/2022/08/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sangbadpratidin.in/wp-content/uploads/2022/08/Ayushmann-Khurrana.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d137ed0726e3c80cb91d9c1e18f2c0abbe5ac78644eefa0704ca669108fb5470

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9381
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31301
pragma
public
last-modified
Sun, 28 Aug 2022 14:54:05 GMT
server
cloudflare
etag
"630b818d-7a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjuBzYF9K1IND2WF6P9D2HebHdtqqG9GFoKhwzrBPPtwZm01S3kDVQwvv28vQ5czj%2BAeFgbjCR72WM2%2FJn2ryNYsCGIiQxyNywER18Hd0GEBfD2wvQiI6JynZUxUB9onbwzXQY94jsD2I1ASK08A5M%2BmDz4P"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
741efc968cd0b89d-AMS
expires
Tue, 27 Sep 2022 15:31:06 GMT
Danielle-Ballantyne-Murder-Scene.jpg
globalnews.ca/wp-content/uploads/2022/08/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalnews.ca/wp-content/uploads/2022/08/Danielle-Ballantyne-Murder-Scene.jpg?quality=85&strip=all&w=720&h=379&crop=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8f5b21add6d1ec44370c673b9c17be05fae0b7ec4f36fbd253066abb39cc9709
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
x-rq
ams8 109 196 443
last-modified
Sun, 28 Aug 2022 18:07:27 GMT
server
nginx
etag
"1b1e6761b4587000"
vary
Accept
x-cache
MISS
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=86400
accept-ranges
bytes
content-length
87650
expires
Mon, 28 Aug 2023 18:07:27 GMT
PierreNoveille081Crop2-scaled-e1658503352448.jpg
www.deadlinenews.co.uk/wp-content/uploads/2022/07/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deadlinenews.co.uk/wp-content/uploads/2022/07/PierreNoveille081Crop2-scaled-e1658503352448.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b4c73ca73fbb94e71aafff984335027c466cb9ed06dc37506eb94405a14505

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
x-rocket-nginx-reason
File not cached
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
x-rocket-nginx-serving-static
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
144255
accept-ranges
bytes
last-modified
Fri, 22 Jul 2022 15:22:32 GMT
server
cloudflare
etag
"62dac0b8-2337f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWAtMD7i3hw30XBGln1AKM%2F9jaKmPZ1WJxxHMa34rN7OJCGyHamnLtprwkJvt7ztrX2ugonQd7fovlu2zYjv0GSi4k5tsjANV%2FmfeUFlJa%2FjpgNgwPnTWRKJF9z4nfV%2Bmem6lHTaFVsZKfIXJY6uQY%2BQw4Fk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-rocket-nginx-file
/www/deadlinenews.co.uk/www/wp-content/cache/wp-rocket/www.deadlinenews.co.uk//wp-content/uploads/2022/07/PierreNoveille081Crop2-scaled-e1658503352448.jpg//index-https.html
cf-ray
741efc96df659290-FRA
expires
Tue, 27 Sep 2022 07:54:08 GMT
cookie.js
partner.googleadservices.com/gampad/ 		217 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=geotvnews.com&callback=_gfp_s_&client=ca-pub-2297571418107277
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1eea394fcb325c66111e24a90a5b50e1bd36162997de9376793cee8a903d34d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.nl/adsid/ 		107 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=geotvnews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=geotvnews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC33 		56 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&adk=1812271804&adf=3025194257&lmt=1661710047&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047513&bpp=2&bdt=952&idt=311&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8097845874171&frm=20&pv=2&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=326
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a5daabbd33ca885d3f05bdbddd2e7c4eea592cd07309b01745126e54614d422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geotvnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
14418
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:07:28 GMT
expires
Sun, 28 Aug 2022 18:07:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a34bf0f85efc5a75b29b9f20767fff9f943f815f2e7a567ba9bc310bfe924efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 18:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11157
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FB5F 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79cc4eb717bae008a44dad34b147360fe698abd4bc7ec5db46766f107af7be01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geotvnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9892
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:07:28 GMT
expires
Sun, 28 Aug 2022 18:07:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Ayushmann-Khurrana.jpg
www.sangbadpratidin.in/wp-content/uploads/2022/08/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sangbadpratidin.in/wp-content/uploads/2022/08/Ayushmann-Khurrana.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d137ed0726e3c80cb91d9c1e18f2c0abbe5ac78644eefa0704ca669108fb5470

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8710
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31301
pragma
public
last-modified
Sun, 28 Aug 2022 14:54:05 GMT
server
cloudflare
etag
"630b818d-7a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SvI7q4IGayrLMN0N%2FJFKSSBKBXTDvxVArW8UAyLcirKFn1RsYvxttGmnF2718K0YNebntDMxQVjgWflcLM2hxq4BNG3oXvc8UgBLZ8pWm7v57biTnapaU06xi%2Bf2O8Xwfm2usyQg6rsLrx%2BIyVFP8MNznon"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
741efc977be7b939-AMS
expires
Tue, 27 Sep 2022 15:42:17 GMT
Danielle-Ballantyne-Murder-Scene.jpg
globalnews.ca/wp-content/uploads/2022/08/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalnews.ca/wp-content/uploads/2022/08/Danielle-Ballantyne-Murder-Scene.jpg?quality=85&strip=all&w=720&h=379&crop=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.184 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8f5b21add6d1ec44370c673b9c17be05fae0b7ec4f36fbd253066abb39cc9709
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
x-rq
ams8 109 196 443
last-modified
Sun, 28 Aug 2022 18:07:27 GMT
server
nginx
etag
"1b1e6761b4587000"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=86400
accept-ranges
bytes
content-length
87650
expires
Mon, 28 Aug 2023 18:07:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 18:07:28 GMT
catsgnpe_202208874430.jpg
d3pc1xvrcw35tl.cloudfront.net/images/1200x900/ 		276 KB
276 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3pc1xvrcw35tl.cloudfront.net/images/1200x900/catsgnpe_202208874430.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6600:1a:c2e0:e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.0 /
Resource Hash
e9554d8e468e2c895735c601c057c9efb559db3dfab4e532231c2ddc50ca2bb7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 16:33:01 GMT
content-encoding
gzip
last-modified
Sun, 28 Aug 2022 14:26:48 GMT
server
nginx/1.10.0
age
5667
etag
W/"630b7b28-44fe2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
cache-control
max-age=315360000, private
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
A0ureoSJa63429yDohhpxAz-9qa80Uv-wBe1VWFKVcsMrsXg0a_cEg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
PierreNoveille081Crop2-scaled-e1658503352448.jpg
www.deadlinenews.co.uk/wp-content/uploads/2022/07/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.deadlinenews.co.uk/wp-content/uploads/2022/07/PierreNoveille081Crop2-scaled-e1658503352448.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:a242 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b4c73ca73fbb94e71aafff984335027c466cb9ed06dc37506eb94405a14505

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
x-rocket-nginx-reason
File not cached
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
x-rocket-nginx-serving-static
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
144255
accept-ranges
bytes
last-modified
Fri, 22 Jul 2022 15:22:32 GMT
server
cloudflare
etag
"62dac0b8-2337f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BSEwsMrn7n7ZRHe8PjX6BODzlx3L86jJ4fRyiz1F57iSHzW8KMBvTN%2FMJovWfvuzCek54EUIaTsJZtcQe2VrTi84Ablpasf4mlQeQegyq%2FozF4rHe6DJXrOO%2FETLNv2RfOwDXyDFR%2F3of0ZfeC9UnA3yOE6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
x-rocket-nginx-file
/www/deadlinenews.co.uk/www/wp-content/cache/wp-rocket/www.deadlinenews.co.uk//wp-content/uploads/2022/07/PierreNoveille081Crop2-scaled-e1658503352448.jpg//index-https.html
cf-ray
741efc988d41bc03-FRA
expires
Tue, 27 Sep 2022 07:54:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame FB5F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 18:02:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame FB5F 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:02:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 18:02:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB5F 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 18:07:28 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/reactive_library_fy2021.js?bust=31069152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
354390e0052cedd10e66aa43af81d8fb3a0379ac775dd6586fb5a72ec29dcadf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54512
x-xss-protection
0
server
cafe
etag
7415487058663194777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 28 Aug 2022 18:07:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-2297571418107277&eid=44759875%2C44759926%2C44759842%2C31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-2297571418107277&warn=12%2C13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220824_115019&sat=1661627845195&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.184&alldns=0.184&allp=52&fd=(0%2C17%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1519&abl=false&rr=n&su=geotvnews.com&pvc=4263114681739553&r=0.1&eid=44759875%2C44759926%2C44759842%2C31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame FB5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyLaD364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS8Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2HKp5URX-6M-2RPXBFp9G-Nmj4QrgpDcr7Jsj36jpo58mW6nllKqABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI5NzU3MTQxODEwNzI3NxgA&sigh=S7EIvETs6A8&uach_m=[UACH]&cid=CAQSGwCsnQUx5BwZ8GADdFB2dwN4BwbBkYDIT7f8sBgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 28 Aug 2022 18:07:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 28 Aug 2022 18:07:28 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame FB5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kIDhCbz6ROwFmAKdg2ICAgAAAO6S2FPm-u7JEN-uC2O_rTzz4v76UMMM6QASAAA&wp=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
server
Kestrel
server-processing-duration-in-ticks
340308
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0DA5 		115 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b492d0965ce7215a6d35fb6d3c6823f35a9c78d3a2d0d21115cca597ad33bd0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:07:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rIoiJdSGMLkJJmGAqNSmkeL2nMJ1zZ0NscFKIzJSAS7C7iEsDZ5NBKGG334sLLTjftVpvjyRjOUrFq9oRrubxLNczNXsgwG34dq_3oPJE5Hu1jK9EhhoEiQgpQKgu4aUn8Rd4vxVsMozpfNb4uyKjlNcm9iYvG-8GIrxG7m1Ihr7AN3F7gefepaw4jByfx5yEx9M1FUjL1hCWm0BG4quDaNIWjpeEr0lMlO318K4f09S89ymmvsIg7lT_peowoygP-blWw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
75999070
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EFE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geotvnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
2346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 17:28:22 GMT
expires
Mon, 28 Aug 2023 17:28:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FE42 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
daaa0258df5e8b486b4d511f570ec2739511bb227d91494088d23a6950219438
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MzxSmCEGMcIlBmrOvmqwLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://geotvnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-MzxSmCEGMcIlBmrOvmqwLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:07:28 GMT
expires
Sun, 28 Aug 2022 18:07:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame FB5F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94868f41deed9a5e4ab6553644a2c0f4742f9d3d6270626a11e0660347fcc4a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-2297571418107277&eid=44759875%2C44759926%2C44759842%2C31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.nl/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=geotvnews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=geotvnews.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame 98C4 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2297571418107277&plah=geotvnews.com&bust=31069152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://geotvnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
75464
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Aug 2022 21:09:44 GMT
etag
8616628553774171045
expires
Sat, 10 Sep 2022 21:09:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame FE42 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=4263114681739553&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
adview
googleads.g.doubleclick.net/pagead/ Frame 98C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPvto364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBL0CT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0SyXGxNLafByXpTjav3-dI7M5HYuwUJ6-n7nhiVxMezid_O3IW8WABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjI5NzU3MTQxODEwNzI3NxgA&sigh=D5mhNWcUDY0&uach_m=[UACH]&cid=CAQSGwCsnQUxh2IfNdVvWUnKuP3xpWdTIu06-G-hJBgB
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 28 Aug 2022 18:07:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 98C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kIDhCbz6RO0HfJ2DYgICAAAAeS9M4tAmOWEQ364LY-j0EvPjKqIcI2BiABIAAA&wp=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
server
Kestrel
server-processing-duration-in-ticks
322978
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DAAB 		107 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e6579044f5624e6ddcd411783adff71f3032a86e9db0a398e5e221b22430ea31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 28 Aug 2022 18:07:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=57UiEtSGMLkJJmGAsH9I-CFrJjwg_Lq3BKH1dMLhV-7xhb7dF1tGvtTlawF65Ln4EQ5uo_fe0GtuepXheu25QJE031eCljkMjzKOjRjrpXY8YXtkaycB1WMEBOVyKv2mm07gfOLybqrouD1qb_cl4EZFPsQhZWeu6PVA_KZOKMIzktxmYXLfVvaalFvlR9__ALhcfo2q-xZSeUKcKjOK8giQ0cL_K8PcHUIaHFlzs68GWob4RtFRoLYQbLAmDLpAsZIc3A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
84276773
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 98C4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:02:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 18:02:58 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 98C4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 17:51:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
972
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Sep 2022 17:51:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 98C4 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44079
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661341966742178"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 28 Aug 2022 18:07:28 GMT
BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
pagead2.googlesyndication.com/bg/ Frame 1EFE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 26 Aug 2022 20:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
164493
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14190
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 26 Aug 2023 20:25:55 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0DA5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 0DA5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0DA5 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 23 Aug 2023 18:07:28 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0DA5 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 23 Aug 2023 18:07:28 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0DA5 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HYFDkTb6uavtcgcQLU3ADtW-LOG0exRQMgJhIlUgXFY17lRVsC3QBtPsznO38q1L0af-AuP9yMucmp9UfzkdmozFd3qEH5ZUoKJzIGlE-0dm8P7xn6yGpx6haCR7e1e1Uk9HdMds3r7jch0q1olRO7Lrf5rSS-JEm4_xUWwq6uq_0qtnSVv78uyvYw-Chxc4Gqu4MfWa2inMLOrQyWbaAZstZPC0dulWxAEpFg4FwNCSQA71HRunpEuRuvLjPPcMwyURXjmX0W7DNc9Ewz9baLxHBzpIwdX2SkcZj0iZO0LP239RqbgC33m1FGYCbDOt22XhxbR1Cj6grQdlrCVfu15nDooFWoj3XKrlUU4DgcrIcJNsxEL3rU28YfkzFFA0NBX0WfXVroMNNIgwqFTd-lExhZfJ4KAkpcGz2pj_BpA-ZghL
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:27 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3278272
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0DA5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
340300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ReJrECvXAXP6yBbK%2BWwPOGus4%2Blm28NWbDDlZiuADankJhutmHHBQ5LLLVSC04vbknkjuIPYM8RZ1PsZfVn9xBrJdnjWtg1lN1UFySrPzFCITTHUcGnztYoZ%2BuAqNYQhoZ3QdF1%2Fb1rt7wv2pMcdesL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
741efc9aca6fb924-AMS
expires
Fri, 18 Aug 2023 18:07:28 GMT
truncated
/ Frame 98C4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c0b7aaddcf065ebe08213a37a61d5a4c460e3b60da5bb6b75bcf3045acc1c0d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
image/png
animejs.js
static.criteo.net/animejs/ Frame 0DA5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
img
pix.eu.criteo.net/img/ Frame 0DA5 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=52920&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=196&s=PLbi8KMxw2VwPweMG6HGBwDR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
49ae1cb8c4f139beb5d828ee2823aa505b9fd5ca7455766659a2832bd8f5da1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28472705
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13048
expires
Mon, 24 Jul 2023 07:12:34 GMT
img
pix.eu.criteo.net/img/ Frame 0DA5 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-fast-dissolve-tablets-5-mg-200-fast-dissolve-tablets-4192.jpg&v=3&w=800&s=3oglo8F5WV04vNy2-xHkZYKn&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
d6143553685875a2ae05c0a6fbf6f5bfd19a182675df84e3eaf63996419ee01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29958862
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
12860
expires
Thu, 10 Aug 2023 12:01:51 GMT
all
csm.eu.criteo.net/ Frame 0DA5 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rIoiJdSGMLkJJmGAqNSmkeL2nMJ1zZ0NscFKIzJSAS7C7iEsDZ5NBKGG334sLLTjftVpvjyRjOUrFq9oRrubxLNczNXsgwG34dq_3oPJE5Hu1jK9EhhoEiQgpQKgu4aUn8Rd4vxVsMozpfNb4uyKjlNcm9iYvG-8GIrxG7m1Ihr7AN3F7gefepaw4jByfx5yEx9M1FUjL1hCWm0BG4quDaNIWjpeEr0lMlO318K4f09S89ymmvsIg7lT_peowoygP-blWw&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 28 Aug 2022 18:07:27 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy.svg
static.criteo.net/flash/icon/ Frame 0DA5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DAAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame DAAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DAAB 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 23 Aug 2023 18:07:28 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame DAAB 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 23 Aug 2023 18:07:28 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame DAAB 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=AxefCfRjA49zFR0GvEzlxpPplZ5hPYD8b0C6uOLfCgoUY6jHT1ZFzZpAQRoaZyojp53WVUWz5fU71tuZlFVsQykQx5FTR7gPg9dy9Btuum11FPshsExktyoLq2GaOX5a6lO2bh88BQYHnL_HzFXsP_zapniHNrgav_wKzlgOansblGrDM__ti84Yt-Gb0XG4F3243pz2a6n7U8dzhCsmrVlbMVYcB87j8Mhl-mIQV6fMsGf3n5FoSe84yuy17Z0ZpchGaWvWeTZ--9NoC-f2fe68dbmkUTPOlr7FMZFDnI_MHn2z5OtFT682FOC05kGi-z_CEKaYfe1LHmVXojHvlII5bqIWrr6qt-UQGg8l1T_hbLDboCmPHbEdeVgHxrEUAwq8HV2XArKJYzveId_W3CJ1pZnR-WvGvKKAcKTLBhzKOf7e
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:28 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3082917
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DAAB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
340300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvcJtUvX4uSeZIdlyRbLSDVHQhs7qIJt4VKNJOY82ecZEVRQNW9Xo78KUahf1AETKLM%2BzHRfSN7YhYRkZnSVy9Drq6PW4oSeimV3HviggeaQvTQdufZa9OyAgBc9zAaKsBW%2F%2FQ0UtGq4e0PoB2PSyQkk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
741efc9b3b1ab960-AMS
expires
Fri, 18 Aug 2023 18:07:28 GMT
animejs.js
static.criteo.net/animejs/ Frame DAAB 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
img
pix.eu.criteo.net/img/ Frame DAAB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=52920&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=196&s=6zvad8tmukhWgWaw-L6jwi8N
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
49ae1cb8c4f139beb5d828ee2823aa505b9fd5ca7455766659a2832bd8f5da1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:27 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28472705
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13048
expires
Mon, 24 Jul 2023 07:12:34 GMT
img
pix.eu.criteo.net/img/ Frame DAAB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-10-mg-120-tablets-4231.jpg&v=3&w=800&s=nUCuHb_r8A4_deQe9m4QzbgB&b=1200
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
5b9e1ca0eadda5d58109104a334e910c3b06ac36c0159afd502e04ce948df47a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29943230
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
10308
expires
Thu, 10 Aug 2023 07:41:19 GMT
all
csm.eu.criteo.net/ Frame DAAB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=57UiEtSGMLkJJmGAsH9I-CFrJjwg_Lq3BKH1dMLhV-7xhb7dF1tGvtTlawF65Ln4EQ5uo_fe0GtuepXheu25QJE031eCljkMjzKOjRjrpXY8YXtkaycB1WMEBOVyKv2mm07gfOLybqrouD1qb_cl4EZFPsQhZWeu6PVA_KZOKMIzktxmYXLfVvaalFvlR9__ALhcfo2q-xZSeUKcKjOK8giQ0cL_K8PcHUIaHFlzs68GWob4RtFRoLYQbLAmDLpAsZIc3A&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 28 Aug 2022 18:07:28 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
privacy.svg
static.criteo.net/flash/icon/ Frame DAAB 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 23 Aug 2023 18:07:28 GMT
css
fonts.googleapis.com/ Frame 0DA5 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Aug 2022 16:42:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 28 Aug 2022 18:07:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Aug 2022 18:07:28 GMT
generate_204
tpc.googlesyndication.com/ Frame 1EFE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OrfDvA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame DAAB 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 28 Aug 2022 17:53:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 28 Aug 2022 18:07:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 28 Aug 2022 18:07:28 GMT
K-L-Rahul.jpg
hindi.indiaaheadnews.com/wp-content/uploads/2022/08/ 		752 KB
753 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hindi.indiaaheadnews.com/wp-content/uploads/2022/08/K-L-Rahul.jpg
Requested by
Host: geotvnews.com
URL: https://geotvnews.com/wp-content/cache/breeze-minification/js/breeze_be81511d4fc54f405d272af7ad07cae2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.218.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a34bf39343adbcc6d.awsglobalaccelerator.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
467f09b1312b4083fa2f4c008c84533ae5babd4a9fb33b1a4e1b14511ade33f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:28 GMT
last-modified
Sun, 28 Aug 2022 17:44:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"630ba987-bbe89"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
769673
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DA5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
514773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DAAB 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
514773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:07:55 GMT
K-L-Rahul.jpg
hindi.indiaaheadnews.com/wp-content/uploads/2022/08/ 		752 KB
753 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hindi.indiaaheadnews.com/wp-content/uploads/2022/08/K-L-Rahul.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.218.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a34bf39343adbcc6d.awsglobalaccelerator.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
467f09b1312b4083fa2f4c008c84533ae5babd4a9fb33b1a4e1b14511ade33f5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:29 GMT
last-modified
Sun, 28 Aug 2022 17:44:39 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"630ba987-bbe89"
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
content-length
769673
expires
Thu, 31 Dec 2037 23:55:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=4263114681739553&bg=!ZmWlZSHNAAYUOm8VNDo7ACkAdvg8WnXlIqqzltDGLxPym63Z1v6QqM09qjRB2pP00tjCYOzmxbMl3AIAAACKUgAAAANoAQcKAFS_CHhQ7t_Yg5_hL9IfMKdYDjOVrYEVukmiEtp0k0jCbqzJVZeNLjOAxgb5KU0v3BDHM-UNWNNqZjUwfTePfuiU5TWMqsAjTQygSPjES2eib6Y_3T2ZAtn96SstOvovmXyIu4XPl0nDHZz_BsgdqpqBe6rntWzW-UpfOMq1bYerw-vSxc6-XvcuE-B0zqg8E-kIDeLKQ8j_SF2CfquIuzAaFcQcKCy9s5v5VRRJHxG7-04vfaQQD9yAc1LjFoj6FFDtz08HtSVfskSP-sicag8HXdF4IrPROq1_YX4DrziEyOvyBjlWaxsIWHhBdnMzen7966sDwKzIjtYbJJzTMc02jrvSsPCUVn0y-8i1if6NIhmo_-j_-IvPBm2zRaoRb-WZUh8hSj-dIxb7ZKyuXyp8Qxbb051ycddg44nNEH9cnux3xo6y01ebabnkhaSy_ETxvcgUIO5vvzJgsNtEaJ1OPOIYFo_TvfeHRTTjikrgEuLqjpoV_z1aVCATy2ExDdsiSuZNBCJj26p8PlPT6iKbKn8CyPxqd47GsxDXH09iboIIaYd07XYcS3obAdZ_4Vng7aUwTtzPWYZmxlguUOAEgcv4FXxyqnYrz-IFhkOoxIFjTuJfO_ygXRF1iYOoUet5juAFe-4T53X9-JXR47FfH6Gujfe88jn8R_5IQkOfDWRwuXVsfXyaQG62xnyNlFt_ZAZf-gA89GbPcL_M3Jesgg-cJuuw4IYvIAtOUa3l35SHUbfUdYiAjJ40rs7qkeFv2GsQvTbZvqruU1G7Y1x3c76rT_ITahVFo3typdKHviTlJHliM08w-YrD2xff6t6Ni-cqgDboS9ckRHouMm1gj_gkhCMqz-vS9bepWWGVuPvmkIKZbVFHLSXM57BcEPJrddDUMesf8n5M-jWsvisaZb_kdBvDe9HQVUhckcOV2vOiuMQzAQu2uMWrhkXoSjzp6yaV3QeTOPQ0V0tNUsScTnV2R1t8Xgs4dyxUYYYUTq4Q4sDfqpVPVNeCva8RBCa0nfhJP9KKL598_3PcuCPiR7L1iSc0TNr-oItKji_Ot-2gkDMfXiIY8I-BOjNvZKY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame FB5F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaSJ0XSjy4I0XG38NknLDHQp082AlrpYAcrJysUeLhb3InOKXJeuV8TyZU3quKljEpssuA4Sx_siDFhZK-sJWuDJH5&sig=Cg0ArKJSzPhKCZ37tJqMEAE&id=lidar2&mcvt=1000&p=0,0,280,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1874142133&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661710047852&rpt=409&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 0DA5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=rIoiJdSGMLkJJmGAqNSmkeL2nMJ1zZ0NscFKIzJSAS7C7iEsDZ5NBKGG334sLLTjftVpvjyRjOUrFq9oRrubxLNczNXsgwG34dq_3oPJE5Hu1jK9EhhoEiQgpQKgu4aUn8Rd4vxVsMozpfNb4uyKjlNcm9iYvG-8GIrxG7m1Ihr7AN3F7gefepaw4jByfx5yEx9M1FUjL1hCWm0BG4quDaNIWjpeEr0lMlO318K4f09S89ymmvsIg7lT_peowoygP-blWw&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOrPsKGdIHAABGtVccScLyGC4ZPJNgSA&u=%7C6HabIDhkcu7vU0XCMmoJokadUaxmvBC4mhKny0Tfrqk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jCP7mK61106khXAv8pR5LPjqYORkA2YvvFEImTb-l6qpcYu4bfTPHUOOctkK-f44qrPw69UvE402kjJGm0hiRzhuCSKegRVifyVPPEQG26X-7hjoZ2oFwhRD4PJjg0v0fRBRL7BFhHrlpB1XsaGE7EZtV04_leJzG13H0uQVc-SHKBq1ZlfKFhafbApatvgcV25j6a7BBccgm9teQj-Xl0pPNRPTQMTxNSJudQnyhVKrOUR11Ad1dNymtJO4F--ONxh82fy0ViYauTXHfbPaH70tPrhRpkyWKptkw8jOIWOLXc8V5D4TnBJ24viccsqr8ph8Xiunl0x9nl7-tHRcT1y-gvvs1jPXCyc3syVsAQkw9SvuMZLiKa79KOyi901KmARnWuMtRZkABgclm-JJzukh-QxCKPf9uumjs4fGVKafHZPL6jO3SL7U9XcsJEDQt3paBHB7FFrhG_uvgNFUeUJePS-yk-SpjWUXQqWLFTdzAtJtgsHBCK5qXx4JN1V84T9bEPrJeH8fdXJnaFAsVUVdVJLTSX3EoA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6WY4364LY_vZOoekZ7WNgagEyZ7SsVzNhuPWkwHAjbcBEAEgAGCRhKCFjBiCARdjYS1wdWItMjI5NzU3MTQxODEwNzI3N6AB1bbS6gPIAQmpAlSpVcL8t7A-qAMBqgS_Ak_QsibZ7c_oN_YRZ3Rha6cfRDjRnpYKFG_j6vwBDqnt7YRxjI0xc04nCj4VfqChTTG6gRGTq0FCnaiCYqsoG1Q7ZXH1P1vATfkgJpLgq4gmBKOhx6rHEY38LMUXMa0W7woMHJjVcdVwZ1htt8lmQvcatPOTwq_5P5y4aPVgHFAELkm5pGUGD2fMaTErxR-1-7N0lv0VYFKoJqxhBnNLNZsdND6gb44xsI45X0ne0LLEjwdczwaMxDDbxrwyTh2F42gbboUI2KUFcRf1g6E4io767fp9CmTQe2peQ4Jj2xvBjWGgsI9tY1I__Eogfp18durMQGX8Zdb3kv3S9pYCMWrPyXb1gQtemIh1-9sfxcpWkSgTOCQ2XqhYw5JxdNwJ2OFixqLgANC367zqii-pWFMeeVpWvbM-3gNhhxXMTaOABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SzY8tdlVhV-RlQUXemO20FEAB_A%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 28 Aug 2022 18:07:28 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame 98C4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFDlz77PP_fQk4pMdAB-AVPBusFmAs0gNUvjjiFpr8_U4CQHTAIRvjqr1ghhUVf2O08_zuu_zCycQUVj99RuX1g_3r&sig=Cg0ArKJSzK9H670I4zfgEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=82,763,1000,1117,1222&tos=82,681,237,117,105&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661710048276&rpt=164&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 28 Aug 2022 18:07:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame DAAB 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=57UiEtSGMLkJJmGAsH9I-CFrJjwg_Lq3BKH1dMLhV-7xhb7dF1tGvtTlawF65Ln4EQ5uo_fe0GtuepXheu25QJE031eCljkMjzKOjRjrpXY8YXtkaycB1WMEBOVyKv2mm07gfOLybqrouD1qb_cl4EZFPsQhZWeu6PVA_KZOKMIzktxmYXLfVvaalFvlR9__ALhcfo2q-xZSeUKcKjOK8giQ0cL_K8PcHUIaHFlzs68GWob4RtFRoLYQbLAmDLpAsZIc3A&sds=2&rev=82533&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ywuu3wAOdz4Hg4mKAAP6ihHFdOeC-k2r74QSwg&u=%7C6HabIDhkcu5Bl57qa4CE8HF1r34pja3o0RRHujxSoBk%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA92YyC5frr4NN0157R58m4jF-BQmoWhZfV5kbItFyPl2CLtT5RaykcR4BGdWbhRk5Mad23dxiMxn6U8AZXC7w_CWxa9TAGDki13HVsJ6tGVzlmoPAkj968ksgEuA_9A07Z2hVZwj4anXou0Ng7atF_Ow5WWER3hXWwAB5rGC720p8YdfJdJGtJXqappcxguA5VzOLmGeGY89uB6gX7c8HOi3BFqJINeu-0m1tKpF8N5FIbx-1fZgPI8FVwlSuz18Sp_6esC8gmNRiTSU1rKAbgozlW6PClRZkz_dfuuVLyR91_aUndWUU8IqEiubdyQ_v3OhI6wDJiaNtKRlOTmHGJ-Z1AOCgyoNT9V0yTwVeNsTURQnmVpcjFYBGe0tZ4lKhYrWOSfAayySO5ljoCzcWYESgEzizJxd80-TJxDSOucyPlffk5p3w_KHXPA978YLGx_U-mPe7YyFFTcwbBYdHqNSZYwJpadujfYcPc3N9ZE9mAmQAxfe_SI24gBL8iXlU06RgOPdHYBOvLjFBoVHjLj8llzF1uvQrcOtvOS8AUklTl8ux2DXQKng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5R_w364LY77uOYqTjuwPivWPsAfJntKxXMWMi-CaAcCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi0yMjk3NTcxNDE4MTA3Mjc3oAHVttLqA8gBCakCVKlVwvy3sD6oAwGqBMACT9BGT7udDbrKrYQ2MAd-PXiOwkOjhjCUzeS7vD2xxpDqW6OKm-HK8WuVujgXycVVYW6_6t-1NLFA4j59f5ubUGkqaQKZ7vLRHdDBwwfcqBcrCkFGTn_XLVHY7KvGb9ijCxpNF5wTiq1GOM2UNDhgXNWTDBdK4sYCOYLUCHSCSATRvqfl6wrAJ7sGs6khspCk_id1y-Qhtea-ul9M_Ot3kbI2VjERRU49SZ65pL7nJlUqKwssk-08V2nYXKzO7wd9HgiWkcXQU1Fd2oAa75hdlrydlzZCiiJs1I1pJY2DBjZcRsE39I1jk_Y1AJ3MBj37Bm5sNqN5Q8lAHSc68lqf46z6ZUu40mZcQZ6kFM12BpeY11A9iJi0CSfnVlVV4A8oOSx5b0I727otFz26foY8K3HcL67zZRSFeUdMSHrat5SABvGWoJ30qOfpNKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0sRtBqd3nDXvfqahvzReJtEBjv2w%26client%3Dca-pub-2297571418107277%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 28 Aug 2022 18:07:29 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
/
geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3725f0837f6f79cc39659a58e791cd564fd3da1c713a45e0090d5d83d79ac99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 18:07:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5nqxVEkjde9cNtUzQdQWnjszqSE0AtYYia2jstRY6psSLr8Z8TlsG%2Fhv%2BdYX6OJPjLE018RnMj2D8fJgsqVyyw7icizRq9QJsbF0I%2Fx%2FYMIKtWrkvG7CgMaWnDSTdbdVOFemWmaN6WMeK8K"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
741efca8ec8c0c11-AMS
link
<https://geotvnews.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR object| google_tag_manager object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData object| tdb_globals object| tdwGlobal object| tdaGlobal object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| tds_general_modal_image string| tdc_is_installed string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError string| tdBlockNonce object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter number| google_lpabyc string| google_user_agent_client_hint object| block_tdi_63 function| _ object| tdbAutoload object| tdAnalytics object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box number| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| td_comments_form_validation object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdStickyRow object| tdScrollToClass object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdHeader object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdShowVideo object| tdAnimationStack function| td_compute_parallax_background function| td_compute_backstretch_item object| td_backstretch_items object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing function| tdModalImage object| tdAjaxVideoModal object| tdfAjaxFlickr object| tdConfirm function| $f function| onYouTubeIframeAPIReady undefined| eventHub object| tdbMenu object| tdbMenuItemPullDown object| tdbSearch object| tdcPostSettings function| tdbGetMobileTemplates object| fifuImageVars object| observer function| disableClick function| disableLink function| fifu_fix_gallery_height boolean| __cfRLUnblockHandlers function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| google_llp object| googletag

6 Cookies

Domain/Path Name / Value
.geotvnews.com/ Name: _gid
Value: GA1.2.39638152.1661710047
.geotvnews.com/ Name: _gat_gtag_UA_212483097_1
Value: 1
.geotvnews.com/ Name: _ga_5Y2RFZKE0T
Value: GS1.1.1661710047.1.0.1661710047.0.0.0
.geotvnews.com/ Name: _ga
Value: GA1.1.407710660.1661710047
.geotvnews.com/ Name: __gads
Value: ID=a61610d27d24b925-22c840d308ce00d0:T=1661710047:RT=1661710047:S=ALNI_Maved4-wOANVIa__eAC7xiTnspyng
.doubleclick.net/ Name: IDE
Value: AHWqTUmzU-3kOrffwwl41MGylHBYNJ7oCdrzDlvTWoFJAufvM4B69ovZlQZ1CLx7Pgc

3 Console Messages

Source Level URL
Text
network error URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2297571418107277&output=html&h=280&slotname=5833166321&adk=1874142133&adf=332242137&pi=t.ma~as.5833166321&w=748&fwrn=4&fwrnh=100&lmt=1661710047&rafmt=1&psa=0&format=748x280&url=https%3A%2F%2Fgeotvnews.com%2Frussian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661710047526&bpp=2&bdt=965&idt=320&shv=r20220822&mjsv=m202208240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8097845874171&frm=20&pv=1&ga_vid=407710660.1661710047&ga_sid=1661710048&ga_hid=1561105294&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=586&ady=49&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31069152&oid=2&pvsid=4263114681739553&tmod=1521519928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=TrdUFmCM9f&p=https%3A//geotvnews.com&dtd=325
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://geotvnews.com/russian-buyer-of-canadian-oil-company-accused-of-paying-kickbacks-to-former-ukrainian-prime-minister-gtn-news/
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.nl
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
d3pc1xvrcw35tl.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geotvnews.com
globalnews.ca
googleads.g.doubleclick.net
hindi.indiaaheadnews.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
region1.google-analytics.com
rtb.fr.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.deadlinenews.co.uk
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.sangbadpratidin.in
142.250.186.66
178.250.0.139
178.250.2.148
178.250.2.150
192.0.66.184
2001:4860:4802:32::36
2001:4860:4802:36::178
2600:9000:223f:6600:1a:c2e0:e40:21
2606:4700:3035::ac43:a242
2606:4700::6811:190e
2620:100:a001::4
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::200a
2a02:2638:1::4
2a02:2638::2
2a06:98c1:3120::c
2a06:98c1:3121::c
3.33.218.136
0316490e4924e0552dc342e46eaa0bfcc2b4029499137a156ac3f37d7130b2d4
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
074914a68efc16afe0e812394824c3a2050d602db987cecaeff32c019c22d8db
0769ea8d4d3493abb797a3ce9c17e454e0fd9c3dc14299cc4190aed37b62c310
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0fe7186aad5f8c825ff9b0f71122894e333dacd6d995d71fc0ccf57f76976d45
17bb13a97d410c29c5b7787a9b15b138951d2a88b5e7d2102624a06502895800
1c0b7aaddcf065ebe08213a37a61d5a4c460e3b60da5bb6b75bcf3045acc1c0d
1eea394fcb325c66111e24a90a5b50e1bd36162997de9376793cee8a903d34d5
1f1ad60115ae0b866331e99523b53cf7e5e77d9cb0146c48f8ab17527ccbeec0
21e3f7aa47cf554ee62c4fc2067f7b9c16ed3b6db007f4bfa76f64fd5c5be621
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
26c4efb42c7abd7813fb6de3c1666aba67f29f40f4d3bf16f75da4d0161a1082
27a9764e668b317f469b0b5b8c584af3a01cb38a356915e00e2cc60ce500ac72
27f80c76d8970d4ca33de7ac22df96a203d430b21ff3441d9524fe99dcbf0373
3365f26146eee80dc2b94e01298b0344989185c07d0a8cae18603b35cdd62d3e
339c9b2622a37cb0e0f3845dfb3872b621331db4e7dfc5942ec9393b0b195d18
354390e0052cedd10e66aa43af81d8fb3a0379ac775dd6586fb5a72ec29dcadf
3a5daabbd33ca885d3f05bdbddd2e7c4eea592cd07309b01745126e54614d422
3e4467b01f7ca736935f7076c037b2b16f592a7410b3c66d6b0cb06ee80400fe
40502156d4e8e60e71fc98fbeeb7edfaebd0cf2de08f6e50b6bc062410dec8f6
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
467f09b1312b4083fa2f4c008c84533ae5babd4a9fb33b1a4e1b14511ade33f5
4845601adffad8b8d9d4af240e28ee6127caddbc1de1cb3af747f085e0b5de5c
49ae1cb8c4f139beb5d828ee2823aa505b9fd5ca7455766659a2832bd8f5da1d
4c23db81c2c62a15a07e869b7cb5cdf527cc1196739a8de83870498ba11e86c7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed9c8f1904f79f2d1ae8ed15b1022f0e15ee630058d8e228afab796db68cf10
54d910ce193acd5e673d7a94ce23371b223bb0eea8bcb4d1705bf7770ca15e38
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b387cd72d1c80a0c7aaf5a7e7e9f10acdb76857ebef49fc0ac0b14174fa1636
5b9e1ca0eadda5d58109104a334e910c3b06ac36c0159afd502e04ce948df47a
5fe4e898d4aa53e3e2ae6cea069c18cea2c75da45b2ebc6d375e92013ab3a947
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6499de4244d00eeb771a107c832081afca7b513bb76471232543d6a6f2f766d5
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
734b039aed38e0f69f759ae47d2649df7fb99b970a604c613334e661329de369
77698f53b5f088fd67498fd663082177781b461e5d555be01568dfa8e1b59f0a
79cc4eb717bae008a44dad34b147360fe698abd4bc7ec5db46766f107af7be01
85007e6b3bc15a5847c52b15106cb9b2dd923d308e223dfa0196175f1421a144
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
877d75d9a49ef28540c98df6aaa20a33fcc68495af7a7b688f5b5ea2cf6c5e52
883321bdad5d0f9efd585cba7800d466f2e3d90a77e41671d6b1929867cf8e45
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bd54007cd9304aa8f307247d1a37108572f265fa5b921301fcc185356103721
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5b21add6d1ec44370c673b9c17be05fae0b7ec4f36fbd253066abb39cc9709
94868f41deed9a5e4ab6553644a2c0f4742f9d3d6270626a11e0660347fcc4a5
9d6f8269115f0afafef24c1e706b11684e2da91c8b143dc495d6d0270e215f6e
9e1bdbf5a428b83750056eff8ba311ec6240e25a8b4f58a9143e97d8f54451de
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a34bf0f85efc5a75b29b9f20767fff9f943f815f2e7a567ba9bc310bfe924efd
a3b4c73ca73fbb94e71aafff984335027c466cb9ed06dc37506eb94405a14505
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57cf8787460745d0d35f43374dcd3e83c2d01ab5b78d8d5ec46318fc17022f5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aaf68dc67124065f1c8931e60403c41c0964f8c80a5f018e94853a182e88a9a0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b185d0499db22c8d0d824e46b740da5e2ae2540f285313009c8960cb8ab83630
b492d0965ce7215a6d35fb6d3c6823f35a9c78d3a2d0d21115cca597ad33bd0c
b7a9c2add467c3494ce5fd393e01e709d167bf021d9abe9a73d22e8f4cbfe57b
bb20d76ed76ce0dfbfa441d734837111328680445ecbce81c908aadf400b51a4
bd6b63392bdb95ab364135fd0644fff6d18b786a92d2d3b4e6277f8fc17a2ef8
bfa4b4d1782e2d080e59b5c9e97ba42d99d2aa12f46c520556cef6cc382d7326
c03684c9bdbc877b00c3c335894c0516bbb9fec3eebd7d643434729042c8bc00
c3725f0837f6f79cc39659a58e791cd564fd3da1c713a45e0090d5d83d79ac99
c778af4da6524c8275053d31e9912cce832952ecfdab66d1e0765d9bedf4a500
c943b419d090488721aca8e822663c98d7cb6cc483dae5636914088f059d8907
c9a3930b9204ec738c05a965fd431880635f5b8dcc6ca38476490aabe973df84
c9a8108fc47321bbfcb304fd83900891a8c005b77e13f82949f56d0419eb6dc8
ca577b92bf1e208af3779d8e4410ee2884e87d3d366c590590f50fbe543061fc
cafc583149b03892c3aacfa66ccf103e11784ebe6f3d5105cbc00456d107a58a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce7250b917b51e125655010efea1755789864accb21e0b3e9445581c16121974
ceb6d0a9d399c4af82ddf2d08f08f418a6b04387b10ef35b6f1e9e76f7603145
d0ae1399f45efb489e3320d008fba2cc60921e5f400c88167ba76eece1f3d5f9
d137ed0726e3c80cb91d9c1e18f2c0abbe5ac78644eefa0704ca669108fb5470
d6143553685875a2ae05c0a6fbf6f5bfd19a182675df84e3eaf63996419ee01e
d8d1cabf2ccaeac00ec10b9e98e8fcc67321e304cafa11346f186676f627d1dc
d9343aed18d1b167da2675e94c0401c353547fb88a95a0a572eef55d21e24b24
da6149d780945d21193ac85dab5afd9771f3345e92d240ddaa6b082ab0674ab2
daaa0258df5e8b486b4d511f570ec2739511bb227d91494088d23a6950219438
db03e49e2773f8bdc3b683543eda6cd178c19d05140c243868e169ceeba0e4f3
dd07b14501e929142dcf53430b7a798e1b1bfe97af1fa3404fdf56cce4e0e502
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c4361d8ea42a314724fbc26c521d4f3f6999c6a4dc3732336ec6434fee3451
e6579044f5624e6ddcd411783adff71f3032a86e9db0a398e5e221b22430ea31
e9554d8e468e2c895735c601c057c9efb559db3dfab4e532231c2ddc50ca2bb7
ea9ad8f6ace011a694d664482cc6ca0acc2dd86a8d6b684154327ec84c0c95fd
eb5da9ae75616524e70e3069e9c4360914caa2016870ca2ecb036b204a2f3e62
ec298fcbd8a8e810cedbaf873a10f3c15f06adc36dbc53f3aacf09820911f54f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615