nvlnews.com Open in urlscan Pro
35.209.139.20 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nvlnews.com/
Submission: On March 13 via api (March 13th 2023, 10:38:00 am UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 15 domains to perform 115 HTTP transactions. The main IP is 35.209.139.20, located in Council Bluffs, United States and belongs to GOOGLE-2, US. The main domain is nvlnews.com.
TLS certificate: Issued by R3 on February 6th 2023. Valid for: 3 months.

This is the only time nvlnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	35.209.139.20 35.209.139.20	19527 (GOOGLE-2) (GOOGLE-2)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
24	2606:4700::68... 2606:4700::6810:8516	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:c800:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	34.250.206.183 34.250.206.183	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
115	20

21 35.209.139.20 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 20.139.209.35.bc.googleusercontent.com

nvlnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:c800:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.206.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-206-183.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	242 KB
24	demand.supply live.demand.supply — Cisco Umbrella Rank: 35555 api.demand.supply — Cisco Umbrella Rank: 79634	38 KB
21	nvlnews.com nvlnews.com	359 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	308 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	gstatic.com www.gstatic.com	16 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8720	818 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	97 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1250 bcp.crwdcntrl.net — Cisco Umbrella Rank: 910	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 896 id5-sync.com — Cisco Umbrella Rank: 408	17 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2765	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
115	15

	Domain	Requested by
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net nvlnews.com eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com tpc.googlesyndication.com
21	live.demand.supply	nvlnews.com live.demand.supply client
21	nvlnews.com	nvlnews.com
11	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net nvlnews.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com nvlnews.com www.googletagservices.com
3	www.google.com	1 redirects tpc.googlesyndication.com eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
3	www.gstatic.com	nvlnews.com eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
3	eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	api.demand.supply	live.demand.supply
2	googleads.g.doubleclick.net	eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
2	www.googletagservices.com	nvlnews.com securepubads.g.doubleclick.net eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
2	fonts.googleapis.com	eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com nvlnews.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	www.googletagmanager.com	nvlnews.com
115	22

This site contains links to these domains. Also see Links.

Domain
sulvo.com

Subject Issuer	Validity	Valid
*.nvlnews.com R3	`2023-02-06` - `2023-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.id5-sync.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://nvlnews.com/
Frame ID: E3B479AD90A3CEEE483C0A1F9AC04542
Requests: 75 HTTP requests in this frame

Frame: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 230B84124402F352D344F663C4D3BF0C
Requests: 1 HTTP requests in this frame

Frame: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B42D3428FC02AD41E393BE4FEE08B4E9
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 16D1C0FBDD75CDD93A503E891494EDED
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E75165835BF6858932284EA5DE76DAFE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31C784CC69BBE3547A6E544C14A48400
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8fsWb5_-E7qdvI7anit9f8APDeXYwZiIJ1B_EKUPeOKbIsgqaZlVv0qopmuTVyF7LojaryvwyAa3kCtnrMplFRFhzpzEmB38nr9-MGuv2lwbOCpCrfcc_lc_4G19SOYAmJBs6YdetjILzsQU9kVYRDiVqlBuSlYby5Cjj_N6NoHvqhOAGHvQMpUPQAdeSvu2dN7AHbMyVpmLmv8hlzsMxKD3hg2bSd_F3OToLhsJ-Lv283LTLkSapJKgnosKN1BzuXEL4hNtUyxEzVlIwNccoUylOCtMjq8VUuafLzjkY1uj27eFgHZc_1B1jfxYnu_fpNX8WC5IZX_VAmYCLq2pGQ7eCK1nnaeK_ge_bZj43gEKM2sruCL1KR0R6JVBVGXlZOck&sai=AMfl-YTP9ii9jRxAsmlaeBF3rFap1fV5KOuCvOIWwanotCNQHL591FaVm0eiXX5Ht2TKX9Junkdni9LXzB4fRyXM_f9YkyEALeRbsfdwedmSzNgNyCuGUNWaKUUzhwmRV6lBxuKm7GFDSjwjVKshsNI&sig=Cg0ArKJSzHdY3rS18EwKEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: EDECA0A3C5212D3E74972430DA069123
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js
Frame ID: E8092DC1ADFC94121B2C204F56834079
Requests: 1 HTTP requests in this frame

Frame: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DC0D122E8EE947528C29003267A2F20C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html
Frame ID: DF88DD57A4B0B8EB0AABC333A8911E3B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E595E4CF033EF1213CFD16C916B26F62
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

nvl news – is a Professional news Platform

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

115
Requests

98 %
HTTPS

79 %
IPv6

15
Domains

22
Subdomains

20
IPs

4
Countries

1162 kB
Transfer

3078 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sulvo.com/?utm_source=https://nvlnews.com/&utm_adtype=sticky_display&utm_medium=sulvo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

115 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nvlnews.com/ 179 KB
42 KB 674ms
233ms Document
text/html 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 66a8ebc15b8b7b37168771875c392dac1720799e21fc11e91582920f94879081

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 13 Mar 2023 10:37:53 GMT
host-header: 8441280b0c35cbc1147f8ba998a563a7
link: <https://nvlnews.com/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-httpd-modphp: 1
x-proxy-cache: HIT
x-ua-compatible: IE=edge

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 143ms
55ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-252600292-1

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea9c275f2cbd426d5df5bb043d6421ca8839526bd005ec4af7a9511d8a21060b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44808
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Mar 2023 10:37:53 GMT

GET
H2 200 style.min.css
nvlnews.com/wp-includes/css/dist/block-library/ 93 KB
11 KB 128ms
123ms Stylesheet
text/css 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:13 GMT
server: nginx
etag: W/"63e38bc1-172a9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 classic-themes.min.css
nvlnews.com/wp-includes/css/ 217 B
381 B 134ms
130ms Stylesheet
text/css 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:13 GMT
server: nginx
etag: W/"63e38bc1-d9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 styles.css
nvlnews.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 140ms
136ms Stylesheet
text/css 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:11 GMT
server: nginx
etag: W/"63e38bbf-af3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 widget-areas.min.css
nvlnews.com/wp-content/themes/generatepress/assets/css/components/ 3 KB
861 B 145ms
142ms Stylesheet
text/css 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.2.4
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:12 GMT
server: nginx
etag: W/"63e38bc0-d1e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 main.min.css
nvlnews.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 150ms
147ms Stylesheet
text/css 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.2.4
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:12 GMT
server: nginx
etag: W/"63e38bc0-4c6e"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 featured-images.min.css
nvlnews.com/wp-content/plugins/gp-premium/blog/functions/css/ 3 KB
658 B 154ms
152ms Stylesheet
text/css 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/plugins/gp-premium/blog/functions/css/featured-images.min.css?ver=2.2.2
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:11 GMT
server: nginx
etag: W/"63e38bbf-cdd"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 up.js Show response
live.demand.supply/ 5 KB
3 KB 143ms
85ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b413fc7b51831d67408bd470a4f6f3fe89acab64a87f8d5a01fb918481707ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GT248QQVTFKTV8V951NQJ04H
date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 733
cf-polished: origSize=4391
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"80cb6d37c081c52264f3bc093c1c886c-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 7a73a4eaaa2a39bc-FRA
link: <https://live.demand.supply/impl.v16.5.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/bnZsbmV3cy5jb20v>; rel=preload; as=script
timing-allow-origin: *

GET
H2 200 cropped-Noir-et-Orange-Jeu-Logo-2.png
nvlnews.com/wp-content/uploads/2022/12/ 22 KB
22 KB 199ms
198ms Image
image/png 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/cropped-Noir-et-Orange-Jeu-Logo-2.png
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 481c4b63180785679ecc1b932f54e3ea60d742890b40a68f52fedaf297aab7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:11 GMT
server: nginx
etag: "63e38bbf-57e6"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 22502
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 1672501703_Where-2022s-news-was-mostly-good-The-best-science-stories.jpeg
nvlnews.com/wp-content/uploads/2022/12/ 36 KB
36 KB 205ms
204ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/1672501703_Where-2022s-news-was-mostly-good-The-best-science-stories.jpeg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f90dfee702fa581e6e25554d858a91fbaff26dfe2aef3b533be169ff5042a136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:10 GMT
server: nginx
etag: "63e38bbe-8fdc"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 36828
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 index.js Show response
nvlnews.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 123ms
121ms Script
application/javascript 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:11 GMT
server: nginx
etag: W/"63e38bbf-2945"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 index.js Show response
nvlnews.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 128ms
127ms Script
application/javascript 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:11 GMT
server: nginx
etag: W/"63e38bbf-31d9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 menu.min.js Show response
nvlnews.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 134ms
132ms Script
application/javascript 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.2.4
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:12 GMT
server: nginx
etag: W/"63e38bc0-1b1c"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 navigation-search.min.js Show response
nvlnews.com/wp-content/themes/generatepress/assets/js/ 2 KB
919 B 138ms
137ms Script
application/javascript 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.2.4
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:12 GMT
server: nginx
etag: W/"63e38bc0-858"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 wp-emoji-release.min.js Show response
nvlnews.com/wp-includes/js/ 18 KB
5 KB 238ms
237ms Script
application/javascript 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlnews.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
last-modified: Wed, 08 Feb 2023 11:47:13 GMT
server: nginx
etag: W/"63e38bc1-48b9"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 impl.v16.5.0.js Show response
live.demand.supply/ 73 KB
23 KB 28ms
27ms Script
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v16.5.0.js
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01bd376cf54a9fc49dab79cb65210386282cdf45a9100666e2914748d51472f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSTTF7TCPWH61KA4YMCJKNQT
date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
cf-cache-status: HIT
age: 1692707
cf-polished: origSize=74953
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"06747e1b2b2d2a8f0204a78806842584-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7a73a4eb3abc39bc-FRA

GET
H2 200 bnZsbmV3cy5jb20v Show response
live.demand.supply/p4/v16-2-0/ 915 B
603 B 467ms
465ms Script
text/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v16-2-0/bnZsbmV3cy5jb20v
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd8dc646e2ab3ec2cfc523c408d8bcb67a70369c36a884e5835969c988fc714e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7a73a4eb3abe39bc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
495 B 129ms
118ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=146&cs=c&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:53 GMT
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
cf-polished: origSize=2
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4eb48a03684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7fb02509ed2c1354bcd444787b64b3f15fac65a96cf871ae9647857d80880b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27411
x-xss-protection: 0
server: sffe
etag: "1509 / 897 of 1000 / last-modified: 1678696819"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Mar 2023 10:37:53 GMT

GET
H3 200 ds.2.html Show response
live.demand.supply/ 413 B
635 B 124ms
113ms XHR
text/html 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GTMZQZM91ZXAPWZZFBPBQ9TG
date: Mon, 13 Mar 2023 10:37:53 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
cf-ray: 7a73a4eb48a33684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1672447176_Keep-an-eye-on-the-sky-for-celestial-events-in.jpg
nvlnews.com/wp-content/uploads/2022/12/ 50 KB
50 KB 125ms
123ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/1672447176_Keep-an-eye-on-the-sky-for-celestial-events-in.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3fb9fbdd68d79585260165b6ffb1d82cbd85bd2b0d28abbd5120816eb35cfcf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:10 GMT
server: nginx
etag: "63e38bbe-c8b5"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 51381
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 What-do-your-favorite-James-Webb-images-say-about-you.jpg
nvlnews.com/wp-content/uploads/2022/12/ 105 KB
105 KB 174ms
171ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/What-do-your-favorite-James-Webb-images-say-about-you.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b3ebae3df048a20f9d6005147f5bdd3d31ba307cf1dff8434b6b76126699e457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:09 GMT
server: nginx
etag: "63e38bbd-1a266"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 107110
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 Sun-water-was-found-on-the-moon.jpg
nvlnews.com/wp-content/uploads/2022/12/ 22 KB
22 KB 180ms
178ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/Sun-water-was-found-on-the-moon.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3edcb6e07b47699afea1d210cf5416950de9f6cca3e61d098262d4e4e68e100b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:11 GMT
server: nginx
etag: "63e38bbf-56ba"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 22202
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 1672447176_Keep-an-eye-on-the-sky-for-celestial-events-in-300x169.jpg
nvlnews.com/wp-content/uploads/2022/12/ 6 KB
6 KB 180ms
178ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/1672447176_Keep-an-eye-on-the-sky-for-celestial-events-in-300x169.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7f52555fd2a2cfc6e447cbc3e2d4ef115687394356e319f13f3b37f8bf793c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:10 GMT
server: nginx
etag: "63e38bbe-1770"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 6000
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 What-do-your-favorite-James-Webb-images-say-about-you-300x300.jpg
nvlnews.com/wp-content/uploads/2022/12/ 23 KB
23 KB 180ms
178ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/What-do-your-favorite-James-Webb-images-say-about-you-300x300.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5b02499a236eb0666d0b8ccc593cb9a74554520e48ff619aa05836b9afdefd4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:10 GMT
server: nginx
etag: "63e38bbe-5b12"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 23314
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 Sun-water-was-found-on-the-moon-300x122.jpg
nvlnews.com/wp-content/uploads/2022/12/ 4 KB
4 KB 180ms
179ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/Sun-water-was-found-on-the-moon-300x122.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 224df0334d8a05194c2394d4bfadb3924b372bafd38104ec75b95f5d9998f818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:10 GMT
server: nginx
etag: "63e38bbe-10c0"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 4288
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H2 200 See-the-best-photos-of-the-International-Space-Station-from-300x169.jpg
nvlnews.com/wp-content/uploads/2022/12/ 15 KB
15 KB 181ms
179ms Image
image/jpeg 35.209.139.20
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlnews.com/wp-content/uploads/2022/12/See-the-best-photos-of-the-International-Space-Station-from-300x169.jpg
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.209.139.20 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 20.139.209.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bbfaefe85b3ca60217ad2ce44f35673f03ae35f34d55de24dd49888245c2ff53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
last-modified: Wed, 08 Feb 2023 11:47:10 GMT
server: nginx
etag: "63e38bbe-3b88"
x-proxy-cache-info: DT:1
content-type: image/jpeg
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 15240
expires: Tue, 12 Mar 2024 10:37:53 GMT

GET
H3 200 nvlnews.com_fluid_lb+sq_test2 Show response
live.demand.supply/cp/ 21 B
383 B 161ms
160ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/nvlnews.com_fluid_lb+sq_test2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7a73a4eb99023684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21

GET
H3 200 nvlnews.com_fluid_lb+sq_test2 Show response
live.demand.supply/cp/ 21 B
385 B 154ms
154ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/nvlnews.com_fluid_lb+sq_test2?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7a73a4eb99053684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21

GET
H3 200 nvlnews.com_fluid_sq_sdfd4 Show response
live.demand.supply/cp/ 21 B
381 B 148ms
148ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/nvlnews.com_fluid_sq_sdfd4?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7a73a4eb99073684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
492 B 162ms
162ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGV2S4GPAZK1R901TGMP3
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
cf-polished: origSize=2
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4eb990c3684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252600292-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 13 Mar 2023 09:19:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4700
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 13 Mar 2023 11:19:33 GMT

GET
H2 200 pubads_impl_2023030701.js Show response
securepubads.g.doubleclick.net/gpt/ 394 KB
133 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 05:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136160
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Mar 2024 05:04:00 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 403 B
246 B 151ms
71ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d134ce313453d9425594a60293b93a6201ee254bd6e6b79aad10bc1ebbf151f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221
x-xss-protection: 0
expires: Mon, 13 Mar 2023 10:37:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
203 B 47ms
47ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=530793019&t=pageview&_s=1&dl=https%3A%2F%2Fnvlnews.com%2F&ul=en-us&de=UTF-8&dt=nvl%20news%20%E2%80%93%20is%20a%20Professional%20news%20Platform&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=911262449&gjid=352127866&cid=1769547456.1678703874&tid=UA-252600292-1&_gid=238062039.1678703874&_r=1&gtm=457e3360&z=758416372

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://nvlnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 10:37:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nvlnews.com_fluid_sq_sdfd4 Show response
api.demand.supply/v16-2-0/a/ 303 B
693 B 194ms
145ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/nvlnews.com_fluid_sq_sdfd4?&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42bc0545d3cf61017a1b07083431efa85064652e5b91dd5f29bc3e3d3027ba70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"12f-gd/wXCoiee+hvC6pWB/EXAp2FeE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7a73a4ecfef1bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nvlnews.com_fluid_lb+sq_test2 Show response
api.demand.supply/v16-2-0/a/ 313 B
501 B 204ms
158ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/nvlnews.com_fluid_lb+sq_test2?&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae3b4616f7ebed4f76436b19df6ffb05d23b32bbc968889b31c3d11ab996421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"139-a6O2Mc74pRQ0wy72wzwU3g9+QZo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7a73a4ecfef3bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 nvlnews.com_fluid_lb+sq_test2 Show response
api.demand.supply/v16-2-0/a/ 313 B
477 B 213ms
194ms XHR
application/json 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v16-2-0/a/nvlnews.com_fluid_lb+sq_test2?&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ae3b4616f7ebed4f76436b19df6ffb05d23b32bbc968889b31c3d11ab996421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 0
etag: W/"139-a6O2Mc74pRQ0wy72wzwU3g9+QZo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 7a73a4ecfef5bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 156ms
53ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 145ms
47ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 451 KB
38 KB 336ms
336ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741798977102059&correlator=1332017098177264&eid=31072887%2C31072890%2C31072986%2C31073001%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=44890869%3A22867537641%2Cca-pub-3831894559014614-tag%2C00e802b5-a6b6-4317-bd4a-81affd154e65&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=820x280&ifi=1&adks=404464874&sfv=1-0-40&prev_scp=ti%3D490c5f92-d3df-4e82-aa11-afb3a370abe9%26pof%3D1%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678703874238&lmt=1678703874&dlt=1678703873631&idt=468&adxs=200&adys=401&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnvlnews.com%2F&frm=20&vis=1&psz=820x296&msz=820x296&fws=0&ohw=0&ga_vid=1769547456.1678703874&ga_sid=1678703874&ga_hid=530793019&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37a651075a321e216cc982003871bf1a969a4874b706d12571dbe095b01479e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39022
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nvlnews.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 230B 6 KB
3 KB 185ms
45ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nvlnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:37:54 GMT
expires: Tue, 12 Mar 2024 10:37:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
492 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=nvlnews.com_fluid_lb%2Bsq_test2&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGV2S4GPAZK1R901TGMP3
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4ee1c9c3684-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 885 B
495 B 329ms
328ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741798977102059&correlator=3006586808299592&eid=31072887%2C31072890%2C31072986%2C31073001%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=44890869%3A22867537641%2Cca-pub-3831894559014614-tag%2Cd83a3d07-e778-4f49-bf6c-1cb13b7407ef&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=2&adks=962319243&sfv=1-0-40&prev_scp=ti%3D490c5f92-d3df-4e82-aa11-afb3a370abe9%26pof%3D1%26rfi%3D30%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678703874257&lmt=1678703874&dlt=1678703873631&idt=468&adxs=288&adys=116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnvlnews.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1769547456.1678703874&ga_sid=1678703874&ga_hid=530793019&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc3df2caa8149b0ec7ee14a9150d05dcec3059a5a234979ede33412a4ab0ef4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 nvlnews.com_auto_728x90_sticky_display_bottom Show response
live.demand.supply/cp/ 29 B
392 B 160ms
160ms XHR
text/plain 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/nvlnews.com_auto_728x90_sticky_display_bottom?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 869184548a0c4fa823795d09dbf8d3e5f7b607d4a30a01b7e73445f106f7ee54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 7a73a4ee2cb33684-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 146 KB
43 KB 450ms
450ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741798977102059&correlator=3543195333401100&eid=31072887%2C31072890%2C31072986%2C31073001%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=44890869%3A22867537641%2Cca-pub-3831894559014614-tag%2Ca338a7cc-c251-4820-b6dd-df894f95e190&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&adks=3138319728&sfv=1-0-40&ists=1&fas=8&prev_scp=ti%3D490c5f92-d3df-4e82-aa11-afb3a370abe9%26pof%3D0%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678703874266&lmt=1678703874&dlt=1678703873631&idt=468&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnvlnews.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1769547456.1678703874&ga_sid=1678703874&ga_hid=530793019&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c77bda7a3fd4822e727762a64a89f095827ec66d2c3d4f44c02420a4868fe091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44293
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2023030701.js Show response
securepubads.g.doubleclick.net/gpt/ 33 KB
12 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023030701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0608692433a30f00e2f46a6bdaf8963100faa4e0b96657cf7dbb59afc14bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 01:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12347
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 09:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 10 Mar 2024 01:07:56 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
493 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=da&r=nvlnews.com_fluid_lb%2Bsq_test2&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGV2S4GPAZK1R901TGMP3
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4ee3cc43684-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 885 B
492 B 273ms
272ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741798977102059&correlator=3015004056939450&eid=31072887%2C31072890%2C31072986%2C31073001%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=44890869%3A22867537641%2Cca-pub-3831894559014614-tag%2Cd83a3d07-e778-4f49-bf6c-1cb13b7407ef&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x280&ifi=4&adks=1917268726&sfv=1-0-40&prev_scp=ti%3D490c5f92-d3df-4e82-aa11-afb3a370abe9%26pof%3D0%26bid%3D0.01%26bid-p%3Dgoogle%26rfi%3D30%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678703874275&lmt=1678703874&dlt=1678703873631&idt=468&adxs=288&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnvlnews.com%2F&frm=20&vis=1&psz=1600x116&msz=1600x116&fws=0&ohw=0&ga_vid=1769547456.1678703874&ga_sid=1678703874&ga_hid=530793019&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a843bed68507bf5d8c676e20389f166a1746fe63dee2ed642536212a48829f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 462
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
493 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=nvlnews.com_auto_728x90_sticky_display_bottom&pdc=0.6779654502868652&ucv=null&e=tcp&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4ef2df63684-FRA

GET
H3 200 sdb.css
live.demand.supply/css/ 4 KB
2 KB 32ms
31ms Stylesheet
text/css 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/css/sdb.css
Requested by: Host: client
URL: about:client
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GNVRAWWEVV0FNCNA1W6NSR50
date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 888943
etag: W/"1d4502a12de3cc5a1f0e398c3e53f4ab-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 7a73a4ef2ffb3810-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

HEAD
H3 200 e.js Show response
live.demand.supply/x/ 0
490 B 20ms
19ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=bb&r=nvlnews.com_auto_728x90_sticky_display_bottom&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGV2S4GPAZK1R901TGMP3
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 0
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4ef2df93684-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 57ms
42ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 55ms
46ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 467ms
463ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741798977102059&correlator=2624314517398325&eid=31072887%2C31072890%2C31072986%2C31073001%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=44890869%3A22867537641%2Cca-pub-3831894559014614-tag%2C7ecef686-f387-4480-8dca-2560b316ec71&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=2251200655&sfv=1-0-40&prev_scp=ti%3D490c5f92-d3df-4e82-aa11-afb3a370abe9%26pof%3D0%26bid%3D0.42%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D87&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1678703874437&lmt=1678703874&dlt=1678703873631&idt=468&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnvlnews.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1769547456.1678703874&ga_sid=1678703874&ga_hid=530793019&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c687beb7584e658ecf345b226d14b8f11bd98619389f7b999b1481646e54ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10358
x-xss-protection: 0
google-lineitem-id: 5562803508
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138332681208
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 176ms
81ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023030701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

649b6e34f79b04c8aedd855071ec1434a04cce409a423db1e29aa36945d5e133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11223
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 78ms
78ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=nvlnews.com_fluid_lb%2Bsq_test2&e=nai&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4efff543684-FRA

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=nvlnews.com_fluid_lb%2Bsq_test2&e=nai&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4f03fa53684-FRA

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 53ms
20ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7419
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230037-FRA, cache-yyz4557-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RTMjGBI1%2FB4ZP7zKyWbKojzS7Zo1lOWXnAb1ddGdE0R3C3wzof%2FU6gX4ga2a3ohMzYfa58dmgeOeT%2BwsMJoaDaiBNM5KAyxgqbfN27kcSiODoQ6EHwucXYC73ML8EeyNEilnwd6LrjZZ2paRuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a73a4f0bbb8bbf2-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 71ms
22ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 11:21:55 GMT
server: cloudflare
x-amz-request-id: 64NJAKFZQARTDDVR
age: 3159
etag: W/"b988c8d91b8a22dcd50f129d3a9d67f1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7a73a4f0ccc65c56-FRA
x-amz-id-2: Xu6LzLUtZ3SHgnRLHrPbl5Q0Gztl/fd4Y1cGSwI2f/yx4xHBvWPJFjxmp2QjQw26JFupq/MUKlg=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 44ms
7ms Script
text/javascript 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46dde6dd5afd36e719cfe8c4146eb9608243dfca499da8b5387c02dae3ba2382

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 00:52:11 GMT
content-encoding: gzip
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2023 18:15:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 35144
x-amz-server-side-encryption: AES256
etag: W/"6efe327d19f3ed2460254f4c8a1faf92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: ikuj8BUGOmJVFwXMLo4qLZ0arphppP1s0Ev2yCvfNn7DoGhD42VDkQ==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 35ms
8ms Script
text/javascript 2600:9000:2250:c800:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:c800:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 13 Mar 2023 01:16:29 GMT
Via: 1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 33686
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: iDcqic5Cvq8efsjMfemz8MiHVBp2_nneNdANvuvbozmbK9GgF_em8w==

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
497 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=nvlnews.com_fluid_sq_sdfd4&sy=56547a4e-8e3b-46f4-aaea-dd84d0b427c5&ts=87&cd=2&pud=146&pus=c&pue=839&pid=31&pis=c&pie=870&ppd=468&pps=a&ppe=1307&pcl=897&ttc=1268&tti=1722&ttif=0&lca=1307&lcak=ppe&lct=1307&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=nvlnews.com&mlre=undefined&mlin=0&mlsi=820x280&mlbw=4g&mlcs=NaN&mltp=490c5f92-d3df-4e82-aa11-afb3a370abe9&e=lm&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4f0b8553684-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 169ms
60ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 13 Mar 2023 10:37:54 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 98ms
29ms XHR
application/json 34.250.206.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.206.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-206-183.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7e403edcca8df869cbf77b4238a381da8866be08096956187302ac563b8eb014

Request headers

Referer: https://nvlnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 10:37:54 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache
x-server: 10.45.5.237
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 98ms
27ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://nvlnews.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nvlnews.com
date: Mon, 13 Mar 2023 10:37:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 container.html Show response
eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B42D 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nvlnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:37:54 GMT
expires: Tue, 12 Mar 2024 10:37:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
498 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.01&b=3&r=nvlnews.com_auto_interstitial_desktop&sy=56547a4e-8e3b-46f4-aaea-dd84d0b427c5&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=nvlnews.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=490c5f92-d3df-4e82-aa11-afb3a370abe9&e=lm&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:54 GMT
cf-cache-status: HIT
age: 1
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4f138fd3684-FRA

GET
H2 200 css2
fonts.googleapis.com/ Frame B42D 4 KB
1 KB 125ms
44ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 10:04:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 10:37:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 16D1 6 KB
745 B 113ms
45ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 09:51:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Mar 2023 10:37:54 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 16D1 2 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 16D1 22 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 16D1 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 09:18:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 16D1 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16D1 158 KB
49 KB 61ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 10:37:54 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 16D1 34 KB
14 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 16:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 21:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 16:46:22 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/ Frame B42D 20 KB
8 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:45:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60759
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8547
x-xss-protection: 0
server: cafe
etag: 17360858034827311943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:45:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B42D 205 B
649 B 119ms
39ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:54:11 GMT
x-content-type-options: nosniff
age: 2623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Mar 2024 09:54:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B42D 604 B
694 B 130ms
51ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:19:49 GMT
x-content-type-options: nosniff
age: 4685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Mar 2024 09:19:49 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E751 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nvlnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:23:27 GMT
expires: Tue, 12 Mar 2024 10:23:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 31C7 783 B
1 KB 135ms
46ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7593ca35334ef86a41d2bd1d059ed114d4e6964671917d765d1f5d43f8e03604

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8IntIofBzIT7LLsv5ttLLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nvlnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-8IntIofBzIT7LLsv5ttLLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:37:54 GMT
expires: Mon, 13 Mar 2023 10:37:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET view
securepubads.g.doubleclick.net/pcs/ Frame EDEC 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EDEC 0
0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 45ms
45ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nvlnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 113 KB
42 KB 308ms
308ms XHR
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=741798977102059&correlator=3153094028373692&eid=31072887%2C31072890%2C31072986%2C31073001%2C44761478%2C44752585&output=ldjh&gdfp_req=1&vrg=2023030701&ptt=17&impl=fif&iu_parts=44890869%3A22867537641%2Cca-pub-3831894559014614-tag%2Cbc66382e-9045-4456-9b63-b72890eff4c5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=6&adks=115369231&sfv=1-0-40&prev_scp=ti%3D490c5f92-d3df-4e82-aa11-afb3a370abe9%26pof%3D0%26bid%3D0.03%26bid-p%3Dgoogle%26stt%3Dbhs%26bsc%3D87&eri=1&sc=1&cookie=ID%3D6e8e1bd249b3beca%3AT%3D1678703874%3AS%3DALNI_MZXF19tSF2VIuu4T6s-8JhuP1L60g&gpic=UID%3D00000bc575c789dc%3AT%3D1678703874%3ART%3D1678703874%3AS%3DALNI_MbUNDQvg8qid64aGe9Iu02aAh0zrA&abxe=1&dt=1678703874937&lmt=1678703874&dlt=1678703873631&idt=468&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnvlnews.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1769547456.1678703874&ga_sid=1678703874&ga_hid=530793019&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyaSx1O0wSABSAghkEhkKCnB1YmNpZC5vcmcYiKWx1O0wSABSAghqEhkKCnVpZGFwaS5jb20YyaSx1O0wSABSAghkEhsKDGlkNS1zeW5jLmNvbRi9prHU7TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c0da9b9a615bc297de30aa224a6686698100274794c3dd410724294de3c64b9

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnDm6Hb2P0CFRX_uwgdIFYDQA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14648426437844079381/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMnDm6Hb2P0CFRX_uwgdIFYDQA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14648426437844079381/index.html
date: Mon, 13 Mar 2023 10:37:55 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43413
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nvlnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js Show response
pagead2.googlesyndication.com/bg/ Frame E751 36 KB
14 KB 108ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 02:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14212
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 02:53:09 GMT

GET
H3 200 haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js Show response
pagead2.googlesyndication.com/bg/ Frame E809 36 KB
14 KB 82ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 02:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14212
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 02:53:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 31C7 0
0 106ms
69ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023030701&jk=741798977102059&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 container.html Show response
eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC0D 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nvlnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:37:54 GMT
expires: Tue, 12 Mar 2024 10:37:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
500 B 25ms
25ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=nvlnews.com_auto_728x90_sticky_display_bottom&pn=1&sn=2&pc=0.6779654502868652&ds=true&e=wdp&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:55 GMT
cf-cache-status: HIT
age: 2
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4f49d343684-FRA

GET
DATA 200
OK truncated
/ 182 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 834 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

HEAD
H3 200 e.js Show response
live.demand.supply/e/ 0
495 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8516
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.03&b=2&r=nvlnews.com_auto_728x90_sticky_display_bottom&sy=56547a4e-8e3b-46f4-aaea-dd84d0b427c5&ts=87&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=nvlnews.com&mlre=undefined&mlin=0&mlsi=728x90&mlbw=4g&mlcs=NaN&mltp=490c5f92-d3df-4e82-aa11-afb3a370abe9&e=lm&dsReferer=bnZsbmV3cy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v16.5.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-nf-request-id: 01GSHGGTXNK3XM9MR6KDKERD12
date: Mon, 13 Mar 2023 10:37:55 GMT
cf-cache-status: HIT
age: 2
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "fc19655e8626ed459bdd34d0d4cb6417-ssl"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 7a73a4f49d413684-FRA

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 81 KB
19 KB 53ms
52ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html

Requested by

Host: nvlnews.com
URL: https://nvlnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4858dcc1e4cd34fe7590f7d252dd0860a968454a47d20521de86265d3b3448d1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 295888
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18969
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Mar 2023 00:26:27 GMT
expires: Sat, 09 Mar 2024 00:26:27 GMT
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DC0D 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCaHXAv0OZMm6PJX-7_UPoKyNgAT7v-W5TYuFhPaICd6u15G-ChABIJWbyiFgleKQgqAHoAHtzf2ZA8gBCakCDhS7LA_bsT7gAgCoAwHIA0iqBOgBT9A2ihg-1AFCJ2e99h4FIWJdhygDcLhQenltonQBDovmj0zBGa6-shTbWUZ7Ag2yeMcq84JNqqC_7KY_mPpGFq9HRjwVfhl9dKgIZngVDPm1I6_f11DTxAyLNMsM5baxJRPPX1XV8deMCOODmoRCzKHiLjqOOAQMy-JDzdEauY0jmLMgQFhV36XkzimUNteogzebSXu3TSJiPWDlB-wQbviCIVSN89hL94uCFSQ-x0SMQlQV8ZMPwhxMJNhRBO-P-vYIL7BYDfPjv_HQ50gkqvleilEyhoo0JVka1pVp1zmdjQgVJyZWw8AEr9ncvbwB4AQBkgUECAQYAZIFBAgFGASgBi6AB-2vgmaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDOvgzSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi03NTA3NDM5MjMzODY1NDE1GP35Ew&sigh=2xEEUbuNjcs&uach_m=[UACH]&cid=CAQSOwDUE5ymPwQxH_yFROSuvOmswuXccS10W6mLa7CYX0NebDqIGa3xhzjCuCFbqlj2LpNkD7l66qgmozdxGAE&template_id=419
Requested by: Host: nvlnews.com
URL: https://nvlnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame DC0D 22 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E751 0
10 B 46ms
46ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ylh7oA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DF88 16 KB
6 KB 54ms
40ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 05:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 14 Mar 2023 05:05:43 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DF88 34 KB
13 KB 51ms
37ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 04:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 14 Mar 2023 04:22:19 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E595 143 B
383 B 118ms
36ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 09:56:42 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DC0D 3 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 09:18:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Mar 2023 09:18:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame DC0D 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 17:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Mar 2023 17:39:25 GMT

GET
H3 200 haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js Show response
pagead2.googlesyndication.com/bg/ Frame DF88 36 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/haezTdMeijvNpzpe-iMvzf0waJjhxHRsaf2aRdVkA3o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 02:53:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14212
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Mar 2024 02:53:09 GMT

GET
H3 200 Button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 11 KB
11 KB 39ms
38ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/Button.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8d7eade8e42e39e45e64f0117a4bc0e08b5f1e6456168cf8da955862a39c770

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 08 Mar 2023 05:31:04 GMT
x-content-type-options: nosniff
age: 450411
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11362
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Mar 2024 05:31:04 GMT

GET
H3 200 logo_stencil.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 9 KB
9 KB 71ms
70ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/logo_stencil.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39c8806fbca211e2cd0c03351956b7a40d38027b30d7a9dd231f7c0b31d1fb8d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 09 Mar 2023 23:54:32 GMT
x-content-type-options: nosniff
age: 297803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9043
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 23:54:32 GMT

GET
H3 200 car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 18 KB
18 KB 59ms
58ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/car.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

572066892833277e23a7d799554ba31f75f23e2422b5fe5007138eda7096f565

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 10 Mar 2023 13:44:27 GMT
x-content-type-options: nosniff
age: 248008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17960
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 13:44:27 GMT

GET
H3 200 dunst_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 20 KB
20 KB 47ms
46ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/dunst_1.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9937cfd92101bad82af0d5cb570975b2b30d613e1962a799108e0626f50a991

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 10 Mar 2023 13:12:19 GMT
x-content-type-options: nosniff
age: 249936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20351
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 13:12:19 GMT

GET
H3 200 Tour1ohne.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 7 KB
7 KB 41ms
40ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/Tour1ohne.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

631c14d1157e665fad7fae46fea4c6a72c16d4f30637eb6b120efc49f1cb00e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 07 Mar 2023 20:39:54 GMT
x-content-type-options: nosniff
age: 482281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7076
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Mar 2024 20:39:54 GMT

GET
H3 200 Tour_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 6 KB
6 KB 75ms
74ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/Tour_2.png

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0efa83236f43a0268c4ace922537e12349cd556331359e7502f32ec6538f6efb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 10 Mar 2023 06:54:12 GMT
x-content-type-options: nosniff
age: 272623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5685
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 06:54:12 GMT

GET
H3 200 hintergrund728.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/ Frame DF88 15 KB
15 KB 81ms
80ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14648426437844079381/hintergrund728.jpg

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f70cbe5cc9bc06e572bc0c489f32baf02fa892d26d8f49b6646723e0d48b828b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 09 Mar 2023 19:26:00 GMT
x-content-type-options: nosniff
age: 313915
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15158
x-xss-protection: 0
last-modified: Thu, 25 Apr 2019 11:37:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 08 Mar 2024 19:26:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DC0D 0
0 49ms
47ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTjtO0Z-_qZv8CTUyqdoiX8aR_YLZ1zi2Y0Dg7Hm9Ie0Uz2is_iED3hLTFX0TRhx_IDOEoLd5eWf_WSnVMg94r2RQ24qA
Requested by: Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC0D 158 KB
49 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 13 Mar 2023 10:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Mar 2023 10:37:55 GMT

GET
DATA 200
OK truncated
/ Frame DC0D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 795c9ac583b1f297239a76e1b75a81905939ff9c29b57be3a6764fb00c76f5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E595
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

51ms
50ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:37:55 GMT
expires: Mon, 13 Mar 2023 10:37:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 13 Mar 2023 10:37:55 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023030701&jk=741798977102059&bg=!bW6lbjrNAAZKh9k7aoc7ADkAdvg8WqkToxJ89wioXeIFM-AM3AGjDG9YyR1QiUkjbgGWCoyf6khscxgeCetqNjTiZ5I0VwlSerQCAAAA2VIAAAADaAEHCgB5AakDlwAImMdi5c647osH4MCLPr75WeCwC3NWhXxXftVhuZH6ZRnuKdxFONgjOI5Mk1TZbBEv1O4ohOjISBVgcmOOsIKR2sdyEt8Mpdu3XNq6_uuhurkT3hoyBCGfRLxbxfWVYvpbA8JH7FYFLq9tLu4cPx1glD1ZUJkC4WcEIKDH0eerDi4vIWQkpbm0rwxKDmNv0OcXS9AvHBgcVxZbikbl7gsyVCBOqnMA_l3eV-H1gtYrZOEZVATRLU7K09CABudMW8ouHcg8aznHItBBAQS5LI4b1qaFdhUGUs42d4XTATf77_fsP-ZDYa2pPleo6q6OUlxtTTnzcIYq8BY_k25Z3A44zgYEXW-1aSufCD5OOgJbPj3ZoLtMHXk-Bdu1VhySNkdeE2g8QtBYzRtf-PpYLPDb-B0arCOC7FdKuKZ12xL168ZQviO2g_XEiT3GSHvivp9al-N0MEK3j1FMxKGnW1xTegcpzTW7ahpQDf_TD7mQLxE9F8jfIV3WmJ8FCQdyyuvm43_kvbyPVm2QBhezS030eoTu9cDRt3sr-__SZ88ASimTpohzRikDO4SU7gwwIV_q2e9UsPqvKi-fe2yFRry0Zz-MY7iPrpkLQrHxiBlE3R8imdH6ypu7ApsoNiwLqptaLMePdIEDbO-JfuBMypBK5zFMN0pNKWyDMOAbRFLaoOVjAbrHyp-OMovbEPOKai9pypqkDV8ftvDG6EuswQlk3WdpbyGA_XpXkoY84wHQCwh0uRbzHvy1httLSfC9xX8EOGJZABuYTkZb0f8oy_cxcW_zvm8nOmBTLg57YSrSeO4XKe9tBzd34bCYCXwq4mkmvN2pAqAuDYnAViXBS9eUtuxnCB4DxGYxk38nRhdeP1VQkc7nk-2WAhcVuLdfSvBhpn2xVb8PyP2YWX6-leSUsRChdz87ls66bNY9pQu9fGd_1mbYqfz9mZKJTg0wp3EnBsRnlFCxP4thMBgVfGOvJltdhqVFfKwcgFKXSeUfeWddMtLl_ubTHmcz_9pwO-OVRrnDUn9FTX9bErhQRbgEox6GECR0vddc0dli1slZi-IG2BQ167i1j65g67q8p1XapAU3yoMaBvquKVW82JC5I9RYdQXCpqr5Bd5D9gamqISHgRea8dqe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC0D 42 B
174 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu46VjM3i-Hln8e7o9Ki6-zedMZzo9yHVGxfKogPSyKg0kSox_fYlIHNC8ZkfmDJ98Yj3copPBEZ2_TMJ0QyH3aw36EuhIuEZIUNuEIB13Bl-y7v-3JjaxPmb3kiQX5SPFv_N3HCsykSDXnVaVKgn6Oz57OTzJ4wRs9Iw&sai=AMfl-YRZHSWKGtyPIlJgvZ8T6i1T-6bQu6j0VVSe9TWNUPbxM009_DXQq5I_5-fPuGJbipna4hWGJ81QfA_g3yZsV8AKeb87devWB2m_TQMVaO0KQPw9SunX4ok7Cxc&sig=Cg0ArKJSzLfuZWX9TH08EAE&cid=CAQSOwDUE5ymPwQxH_yFROSuvOmswuXccS10W6mLa7CYX0NebDqIGa3xhzjCuCFbqlj2LpNkD7l66qgmozdxGAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=115369231&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678703875284&rpt=539&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Mar 2023 10:37:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8fsWb5_-E7qdvI7anit9f8APDeXYwZiIJ1B_EKUPeOKbIsgqaZlVv0qopmuTVyF7LojaryvwyAa3kCtnrMplFRFhzpzEmB38nr9-MGuv2lwbOCpCrfcc_lc_4G19SOYAmJBs6YdetjILzsQU9kVYRDiVqlBuSlYby5Cjj_N6NoHvqhOAGHvQMpUPQAdeSvu2dN7AHbMyVpmLmv8hlzsMxKD3hg2bSd_F3OToLhsJ-Lv283LTLkSapJKgnosKN1BzuXEL4hNtUyxEzVlIwNccoUylOCtMjq8VUuafLzjkY1uj27eFgHZc_1B1jfxYnu_fpNX8WC5IZX_VAmYCLq2pGQ7eCK1nnaeK_ge_bZj43gEKM2sruCL1KR0R6JVBVGXlZOck&sai=AMfl-YTP9ii9jRxAsmlaeBF3rFap1fV5KOuCvOIWwanotCNQHL591FaVm0eiXX5Ht2TKX9Junkdni9LXzB4fRyXM_f9YkyEALeRbsfdwedmSzNgNyCuGUNWaKUUzhwmRV6lBxuKm7GFDSjwjVKshsNI&sig=Cg0ArKJSzHdY3rS18EwKEAE&uach_m=[UACH]&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 19:54:23	Name: demandSupplyTi Value: 490c5f92-d3df-4e82-aa11-afb3a370abe9
.demand.supply/	1970-01-20 10:18:25	Name: __cf_bm Value: uRRE3GyDJKQ_rOxa7sDTKBrGD0a2KDhl1Tuqvnl2BoI-1678703873-0-AeTUIp4zaE2BYML7JX99DBHcoZAhsrbdvr6x0RojNBqHVlfNVhHslAENj3pUdKDyqA+Wz3qE+ZkMYDjmFAQymEE=
.nvlnews.com/	1970-01-20 19:54:23	Name: _ga Value: GA1.2.1769547456.1678703874
.nvlnews.com/	1970-01-20 10:19:50	Name: _gid Value: GA1.2.238062039.1678703874
.nvlnews.com/	1970-01-20 10:18:23	Name: _gat_gtag_UA_252600292_1 Value: 1
.nvlnews.com/	1970-01-20 19:39:59	Name: __gads Value: ID=6e8e1bd249b3beca:T=1678703874:S=ALNI_MZXF19tSF2VIuu4T6s-8JhuP1L60g
.nvlnews.com/	1970-01-20 19:39:59	Name: __gpi Value: UID=00000bc575c789dc:T=1678703874:RT=1678703874:S=ALNI_MbUNDQvg8qid64aGe9Iu02aAh0zrA
.doubleclick.net/	1970-01-20 19:39:59	Name: IDE Value: AHWqTUmlparMdQlgpbFWsdWCCGH4528BVsHTbvOLaOYErPY54NGnQMUqgHQwKFtuKeo
.doubleclick.net/	1970-01-20 10:18:27	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js(Line 9) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-O5zj1Hk6t67bzR0uH9kC6PDC7FDKdn5ILU7f756uerM='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js(Line 9) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030701.js(Line 9) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-lJF65h4TX6XzD0qA6vV1+NfMPLufBXuBwe2cIgQjyKs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 16) Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/14648426437844079381/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.demand.supply
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
eda6f7cdc8bd2e3ea8dc1ecbbd385c55.safeframe.googlesyndication.com
fonts.googleapis.com
googleads.g.doubleclick.net
id5-sync.com
live.demand.supply
nvlnews.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
securepubads.g.doubleclick.net
www.googletagservices.com
162.19.138.119
18.66.97.8
2600:9000:2250:c800:a:e047:752:b361
2606:4700:10::ac43:266a
2606:4700::6810:5714
2606:4700::6810:8516
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
34.250.206.183
35.209.139.20
01bd376cf54a9fc49dab79cb65210386282cdf45a9100666e2914748d51472f5
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0ea842ad92b2cb342a00d74293e6036981ec07854e082223080525efa9c88528
0efa83236f43a0268c4ace922537e12349cd556331359e7502f32ec6538f6efb
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c687beb7584e658ecf345b226d14b8f11bd98619389f7b999b1481646e54ef7
224df0334d8a05194c2394d4bfadb3924b372bafd38104ec75b95f5d9998f818
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37a651075a321e216cc982003871bf1a969a4874b706d12571dbe095b01479e1
39c8806fbca211e2cd0c03351956b7a40d38027b30d7a9dd231f7c0b31d1fb8d
3cdc8768b77b752d62d488cda4d7917a5df5d334da0f7fa7c9f86aeae573923b
3edcb6e07b47699afea1d210cf5416950de9f6cca3e61d098262d4e4e68e100b
3fb9fbdd68d79585260165b6ffb1d82cbd85bd2b0d28abbd5120816eb35cfcf0
3fbb7dc619788ae13aec18ac90445854ead7eafa6262fe5bd343485f9be7e49a
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
42bc0545d3cf61017a1b07083431efa85064652e5b91dd5f29bc3e3d3027ba70
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dde6dd5afd36e719cfe8c4146eb9608243dfca499da8b5387c02dae3ba2382
476d8d8a5ee6c842a16e5ae6a58cec35ff7649729b77de0319644cdc128340eb
481c4b63180785679ecc1b932f54e3ea60d742890b40a68f52fedaf297aab7a1
4858dcc1e4cd34fe7590f7d252dd0860a968454a47d20521de86265d3b3448d1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572066892833277e23a7d799554ba31f75f23e2422b5fe5007138eda7096f565
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b02499a236eb0666d0b8ccc593cb9a74554520e48ff619aa05836b9afdefd4d
5b1546ae8f493de03b1ca99f9f955a20785679be18625354b363f2f8311f421b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631c14d1157e665fad7fae46fea4c6a72c16d4f30637eb6b120efc49f1cb00e1
649b6e34f79b04c8aedd855071ec1434a04cce409a423db1e29aa36945d5e133
66a8ebc15b8b7b37168771875c392dac1720799e21fc11e91582920f94879081
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
7593ca35334ef86a41d2bd1d059ed114d4e6964671917d765d1f5d43f8e03604
775a02c37772954d38fe41b802b94a0ee37dccb98a03827cdef3eddd2abc13d1
795c9ac583b1f297239a76e1b75a81905939ff9c29b57be3a6764fb00c76f5ee
7e403edcca8df869cbf77b4238a381da8866be08096956187302ac563b8eb014
7f52555fd2a2cfc6e447cbc3e2d4ef115687394356e319f13f3b37f8bf793c83
85a7b34dd31e8a3bcda73a5efa232fcdfd306898e1c4746c69fd9a45d564037a
869184548a0c4fa823795d09dbf8d3e5f7b607d4a30a01b7e73445f106f7ee54
8ae3b4616f7ebed4f76436b19df6ffb05d23b32bbc968889b31c3d11ab996421
8d0608692433a30f00e2f46a6bdaf8963100faa4e0b96657cf7dbb59afc14bdb
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
9b413fc7b51831d67408bd470a4f6f3fe89acab64a87f8d5a01fb918481707ad
9c0da9b9a615bc297de30aa224a6686698100274794c3dd410724294de3c64b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a843bed68507bf5d8c676e20389f166a1746fe63dee2ed642536212a48829f19
af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f
b3ebae3df048a20f9d6005147f5bdd3d31ba307cf1dff8434b6b76126699e457
bbfaefe85b3ca60217ad2ce44f35673f03ae35f34d55de24dd49888245c2ff53
bc3df2caa8149b0ec7ee14a9150d05dcec3059a5a234979ede33412a4ab0ef4f
bd8dc646e2ab3ec2cfc523c408d8bcb67a70369c36a884e5835969c988fc714e
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c77bda7a3fd4822e727762a64a89f095827ec66d2c3d4f44c02420a4868fe091
d134ce313453d9425594a60293b93a6201ee254bd6e6b79aad10bc1ebbf151f1
d5b0da6844579f0e5808d7838ac53b531e67815a1850e84ee2d68d88229acbf9
d8d7eade8e42e39e45e64f0117a4bc0e08b5f1e6456168cf8da955862a39c770
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
ea9c275f2cbd426d5df5bb043d6421ca8839526bd005ec4af7a9511d8a21060b
ec7fb02509ed2c1354bcd444787b64b3f15fac65a96cf871ae9647857d80880b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d0c6a094ec876c2dbea780dac5655e44bc1ec2b0c9c492f8513581879c89c5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f70cbe5cc9bc06e572bc0c489f32baf02fa892d26d8f49b6646723e0d48b828b
f90dfee702fa581e6e25554d858a91fbaff26dfe2aef3b533be169ff5042a136
f9937cfd92101bad82af0d5cb570975b2b30d613e1962a799108e0626f50a991
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

nvlnews.com Open in urlscan Pro 35.209.139.20 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

98 %HTTPS

79 %IPv6

15 Domains

22 Subdomains

20 IPs

4 Countries

1162 kBTransfer

3078 kBSize

9 Cookies

1 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nvlnews.com Open in urlscan Pro
35.209.139.20 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

98 %
HTTPS

79 %
IPv6

15
Domains

22
Subdomains

20
IPs

4
Countries

1162 kB
Transfer

3078 kB
Size

9
Cookies

115 HTTP transactions
3 data transactions