nlotv.com Open in urlscan Pro
2606:4700::6812:1019 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nlotv.com/online
Submission: On March 21 via manual (March 21st 2023, 8:19:48 pm UTC) from UA — Scanned from DE

Summary HTTP 48 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 13 domains to perform 48 HTTP transactions. The main IP is 2606:4700::6812:1019, located in United States and belongs to CLOUDFLARENET, US. The main domain is nlotv.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 10th 2022. Valid for: a year.

This is the only time nlotv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6812:1019	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
48	21

16 2606:4700::6812:1019 (United States)

ASN13335 (CLOUDFLARENET, US)

nlotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.nlotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

ua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.198 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	nlotv.com nlotv.com cdn.nlotv.com	828 KB
8	googlesyndication.com 78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	40 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 stats.g.doubleclick.net — Cisco Umbrella Rank: 76	137 KB
5	gemius.pl 1 redirects ua.hit.gemius.pl — Cisco Umbrella Rank: 609595 ls.hit.gemius.pl — Cisco Umbrella Rank: 13483	22 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	230 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720 www.google.de — Cisco Umbrella Rank: 6069	986 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	136 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
1	yadro.ru counter.yadro.ru — Cisco Umbrella Rank: 10464	416 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	59 KB
1	admixer.net prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 200154	114 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	27 KB
48	13

	Domain	Requested by
13	cdn.nlotv.com	nlotv.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ua.hit.gemius.pl	1 redirects nlotv.com ua.hit.gemius.pl
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	nlotv.com	nlotv.com
2	www.facebook.com	nlotv.com
2	www.google.com	nlotv.com tpc.googlesyndication.com
2	connect.facebook.net	nlotv.com connect.facebook.net
2	www.google-analytics.com	nlotv.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	nlotv.com
1	78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ls.hit.gemius.pl	ua.hit.gemius.pl
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	counter.yadro.ru	nlotv.com
1	www.googletagmanager.com	nlotv.com
1	prebid-inv-eu.admixer.net	nlotv.com
1	www.googletagservices.com	nlotv.com
48	21

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
telegram.me
www.youtube.com
www.instagram.com
vm.tiktok.com
kanalukraina.tv
donbass.tv
footballua.tv
indigotv.com.ua
ua.depositphotos.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2022-11-21` - `2023-12-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
counter.yadro.ru AlphaSSL CA - SHA256 - G2	`2022-10-29` - `2023-11-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://nlotv.com/online
Frame ID: 01FA2903CF8B818317615FC754448558
Requests: 41 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: AF306ECB7174AB3848D1B0C1F9290658
Requests: 1 HTTP requests in this frame

Frame: https://78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA7E4757632C1C11681E5DBDD11D23B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 647F3D2E2F28C04CD55A3BCE334713CF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A23F4A13A64E0FE219AB80B03D82DA1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DA2766BB30AC2557A700363FEF2C4EE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Заява Ріната Ахметова щодо активів Медіа Група Україна - Телеканал НЛО TVlogosearchsearch buttonfacebooktwittertelegramloaderstock

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

48
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

21
Subdomains

21
IPs

7
Countries

1273 kB
Transfer

2856 kB
Size

11
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/sharer.php?t=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&u=https://nlotv.com/news/view/8317-zayava-rinata-ahmetova-shchodo-aktiviv-media-grupa-ukrajina
Title: facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0&url=https://nlotv.com/news/view/8317-zayava-rinata-ahmetova-shchodo-aktiviv-media-grupa-ukrajina&counturl=https://nlotv.com/news/view/8317-zayava-rinata-ahmetova-shchodo-aktiviv-media-grupa-ukrajina
Title: twitter

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://nlotv.com/news/view/8317-zayava-rinata-ahmetova-shchodo-aktiviv-media-grupa-ukrajina&text=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0
Title: telegram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5EifS230kRgstQx9nK4YlA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NLO.tv

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nlotv/

Search URL Search Domain Scan URL

URL: https://vm.tiktok.com/ZMLFkb1aa/

Search URL Search Domain Scan URL

URL: https://kanalukraina.tv/

Search URL Search Domain Scan URL

URL: https://donbass.tv/

Search URL Search Domain Scan URL

URL: https://footballua.tv/

Search URL Search Domain Scan URL

URL: https://indigotv.com.ua/

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/
Title: Стоковi свiтлини stock

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;SEGODNYA_UA

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://ua.hit.gemius.pl/_1679429983757/rexdot.js?l=100&sendf=8&id=d6aQBM8AI2VIQCD3m_FOVvWpDfXRkecE2B9PH1w5E4D.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnlotv.com%2Fonline&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=GfB1CHdNqxVH3JA0fBUPg1YHTx0uc.xJKvCXXFiav7z.O7QM0aN5p7JIO1tgIOchm1HcLEwwgt7zu2nekOuEYS4TjqNl/5s1uB_ST9Hzra/&fpdata=R_11EJ4amJ4LNcf257vipj_jpt.36G0Ac4TEB5luTQj.M7&ltime=141&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641a115f24a57cbb&brts=1679429983&fpcap= HTTP 301
https://ua.hit.gemius.pl/__/_1679429983757/rexdot.js?l=100&sendf=8&id=d6aQBM8AI2VIQCD3m_FOVvWpDfXRkecE2B9PH1w5E4D.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnlotv.com%2Fonline&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=GfB1CHdNqxVH3JA0fBUPg1YHTx0uc.xJKvCXXFiav7z.O7QM0aN5p7JIO1tgIOchm1HcLEwwgt7zu2nekOuEYS4TjqNl/5s1uB_ST9Hzra/&fpdata=R_11EJ4amJ4LNcf257vipj_jpt.36G0Ac4TEB5luTQj.M7&ltime=141&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641a115f24a57cbb&brts=1679429983&fpcap=

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request online Show response
nlotv.com/ 105 KB
30 KB 212ms
165ms Document
text/html 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b003ddcc409e3b252367b6a388993a72398b3e012e38629a9622d208558ca55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
age: 0
cache-control: max-age=60, private
cf-cache-status: DYNAMIC
cf-ray: 7ab8e4330901912a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 20:19:43 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS %(
x-cache-rule: YES with ttl: 60.000
x-varnish: 912533408
xkey: block.news.news.zayava-rinata-ahmetova-shchodo-aktiviv-media-grupa-ukrajina

GET
H2 200 LatoRegular.woff2
cdn.nlotv.com/fonts/ 178 KB
176 KB 209ms
159ms Font
application/font-woff 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlotv.com/fonts/LatoRegular.woff2
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer: https://nlotv.com/
Origin: https://nlotv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 May 2022 11:03:29 GMT
server: cloudflare
etag: W/"62822f81-2c9b4"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ab8e4346b6890e6-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 LatoSemibold.woff2
cdn.nlotv.com/fonts/ 180 KB
177 KB 84ms
35ms Font
application/font-woff 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlotv.com/fonts/LatoSemibold.woff2
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30f77a5ff0bcba46d4e760b0c939a5ff112da0d3ddd13a261834134e00cc21c7

Request headers

Referer: https://nlotv.com/
Origin: https://nlotv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:03:29 GMT
server: cloudflare
age: 265811
etag: W/"62822f81-2cf0c"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ab8e4346b6990e6-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 LatoBold.woff2
cdn.nlotv.com/fonts/ 181 KB
178 KB 70ms
21ms Font
application/font-woff 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlotv.com/fonts/LatoBold.woff2
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer: https://nlotv.com/
Origin: https://nlotv.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:03:29 GMT
server: cloudflare
age: 840838
etag: W/"62822f81-2d250"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ab8e4346b6a90e6-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b4144aa0b8824f7cb1e4ca8b537d16c881f32b5dc9178f9257b22e4a420ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27188
x-xss-protection: 0
server: sffe
etag: "1518 / 166 of 1000 / last-modified: 1679397154"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 21 Mar 2023 20:19:43 GMT

GET
H2 200 prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 0
114 B 62ms
13ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?secguid=754e5227-8f38-4b0a-bfb4-b29f352ad78d
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
access-control-allow-credentials: true
server: nginx
keep-alive: timeout=25
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 288ms
13ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Mar 2023 18:23:33 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6970
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 21 Mar 2023 20:23:33 GMT

GET
H2 200 xgemius.js Show response
ua.hit.gemius.pl/ 64 KB
17 KB 132ms
31ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.hit.gemius.pl/xgemius.js
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 3873b295c37c048cd4417c44dc73d9b6084f9381b9f4126a308429ecd7dbbf81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
last-modified: Fri, 17 Mar 2023 09:26:20 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17199
expires: Wed, 22 Mar 2023 08:19:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 154 KB
59 KB 118ms
42ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KW2VT93

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdb2eb1c174d8c412fd4160261a3721c75bc0e451827e73e33e9bd6d9edfb004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59916
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 19:27:01 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Mar 2023 20:19:43 GMT

GET
H2 200 logo_ukraine.png
cdn.nlotv.com/bundles/app/i/partners/ 2 KB
2 KB 49ms
45ms Image
image/png 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/bundles/app/i/partners/logo_ukraine.png
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58fcf7c8fea3853f906c5f7c15be995d8298f064ba5c5dbba20c19e503118c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:31:47 GMT
server: cloudflare
age: 95075
etag: W/"62823623-8d1"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac5912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 logo_donbas.png
cdn.nlotv.com/bundles/app/i/partners/ 2 KB
2 KB 46ms
42ms Image
image/png 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/bundles/app/i/partners/logo_donbas.png
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31431dabe59190990c3c43d754eb426bd32e424e2b62ba31530a0cd9395756fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:31:47 GMT
server: cloudflare
age: 199224
etag: W/"62823623-9c2"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac6912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 logo_football1.png
cdn.nlotv.com/bundles/app/i/partners/ 2 KB
2 KB 21ms
18ms Image
image/png 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/bundles/app/i/partners/logo_football1.png
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55132bcb0e9a42fb7a1e3e31ff04bb0d5e503239a814de09b540876ac2651b20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:31:47 GMT
server: cloudflare
age: 199224
etag: W/"62823623-6ec"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac8912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 logo_football2.png
cdn.nlotv.com/bundles/app/i/partners/ 2 KB
2 KB 138ms
135ms Image
image/png 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/bundles/app/i/partners/logo_football2.png
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e15a327b38dbcee2191fd8a163be9702f2b2afb752b749f333729f9dfc3d3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 16 May 2022 11:31:47 GMT
server: cloudflare
etag: W/"62823623-6b0"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac9912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 logo_indigo.png
cdn.nlotv.com/bundles/app/i/partners/ 1 KB
1 KB 29ms
26ms Image
image/png 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/bundles/app/i/partners/logo_indigo.png
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3c121ddab0ddd58a7ef8b5ab9a8f8fb27426fa42848d328f801a37f58acf7bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:31:47 GMT
server: cloudflare
age: 199224
etag: W/"62823623-571"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348acb912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H/1.1 200
OK logo;SEGODNYA_UA
counter.yadro.ru/ 140 B
416 B 243ms
43ms Image
image/gif 88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo;SEGODNYA_UA?44.2

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

d08b85897a28dfa5fbf7410f3bdfe3a17254f78b3a4dcf26fbb695657bfcacb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Tue, 21 Mar 2023 20:19:43 GMT
Strict-Transport-Security: max-age=86400
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx/1.17.9
Content-Type: image/gif
Connection: keep-alive
Content-Length: 140
Expires: Tue, 19 Mar 2024 21:00:00 GMT

GET
H2 200 email-decode.min.js Show response
nlotv.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 14ms
10ms Script
application/javascript 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nlotv.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 17 Mar 2023 11:52:23 GMT
server: cloudflare
etag: W/"64145477-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7ab8e4348abf912a-FRA
expires: Thu, 23 Mar 2023 20:19:43 GMT

GET
H2 200 scripts.f66ef28f.js Show response
cdn.nlotv.com/build/ 11 KB
3 KB 24ms
19ms Script
application/javascript 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlotv.com/build/scripts.f66ef28f.js
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a61718f23e1992f5ed30851189a0f4088498d0ba97adf2a7091d214a1ab8733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 16 May 2022 11:33:47 GMT
server: cloudflare
age: 95075
etag: W/"6282369b-2bec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac3912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 article-scripts.e8b076e3.js Show response
cdn.nlotv.com/build/ 7 KB
3 KB 50ms
46ms Script
application/javascript 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlotv.com/build/article-scripts.e8b076e3.js
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fe7bfacf3cf1e541f1d60133b97009c11d0746ced1146db209a122d01aedbb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 16 May 2022 11:33:47 GMT
server: cloudflare
age: 554901
etag: W/"6282369b-1a37"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac1912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 player.29ee93b5.js Show response
cdn.nlotv.com/build/ 733 KB
201 KB 32ms
28ms Script
application/javascript 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.nlotv.com/build/player.29ee93b5.js
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b30d0dfa3511eca3947cf2bafda47b2421752a6dfad37e680a140673eaf16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 16 May 2022 11:33:47 GMT
server: cloudflare
age: 554901
etag: W/"6282369b-b7266"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ab8e4348ac2912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 8317 Show response
nlotv.com/news/view/inc/ 105 KB
29 KB 113ms
112ms XHR
text/html 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nlotv.com/news/view/inc/8317
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf492184ba6397a327f194ce5dcccd1fe23b57ae228f09908eddff679c2c90a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
via: 1.1 varnish (Varnish/6.0)
content-encoding: gzip
cf-cache-status: DYNAMIC
xkey: block.news.news.zayava-rinata-ahmetova-shchodo-aktiviv-media-grupa-ukrajina
age: 0
x-cache: MISS %(
x-cache-rule: YES with ttl: 60.000
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-varnish: 912317578
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=60, private
cf-ray: 7ab8e4348acd912a-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb2d5bc632a2ebdc3f161bba0ed80af7a4f48725592979111ba1eed4bf9b5c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 62cc81fc0ef68.jpeg
cdn.nlotv.com/i/original/uploads/uploader/2022/07/11/ 20 KB
20 KB 17ms
16ms Image
image/jpeg 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/i/original/uploads/uploader/2022/07/11/62cc81fc0ef68.jpeg
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc4711c88d6cf3d7d96717a162f079f0e74e1b22d0a80c00b884d17ffc5b6de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
cf-cache-status: HIT
cf-bgj: h2pri
last-modified: Mon, 11 Jul 2022 20:03:55 GMT
server: cloudflare
age: 95075
etag: W/"62cc822b-511c"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
cf-ray: 7ab8e434eb6d912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 favicon-32x32.png
cdn.nlotv.com/fav/ 2 KB
2 KB 18ms
17ms Image
image/png 2606:4700::6812:1019
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.nlotv.com/fav/favicon-32x32.png
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a0ce3db1efec61da18094e48730a98ac22dae5cce78b645831b6496a22d27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 May 2022 11:03:29 GMT
server: cloudflare
age: 181349
etag: W/"62822f81-70c"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7ab8e434eb6e912a-FRA
expires: Wed, 20 Mar 2024 20:19:43 GMT

GET
H2 200 pubads_impl_2023031601.js Show response
securepubads.g.doubleclick.net/gpt/ 396 KB
134 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 14:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136618
x-xss-protection: 0
last-modified: Thu, 16 Mar 2023 08:37:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Mar 2024 14:54:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 75 B
602 B 103ms
49ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nlotv.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fee5d5bbd17747da10bef223a2d8e662a3dc900acdd3a6593712b6de33b6e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60
x-xss-protection: 0
expires: Tue, 21 Mar 2023 20:19:43 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/846678317/ 3 KB
2 KB 97ms
60ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/846678317/?random=1679429983605&cv=11&fst=1679429983605&bg=ffffff&guid=ON&async=1&gtm=45He33k0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fnlotv.com%2Fonline&hn=www.googleadservices.com&frm=0&tiba=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KW2VT93

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c99a5e206dd273badda9b480e17cf790d37cf64f572b7715f9a5c8a38d6f4e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 36ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Mar 2023 20:19:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yxgD8+BK6v4P8bS7GQaEg+gdU3YvUEIjmF6rYQWxU6QREx1HhxycU8T6kxBdKjC/2u54FXynvdscc2FfAl6wng==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fpdata.js Show response
ua.hit.gemius.pl/ 278 B
393 B 31ms
30ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.hit.gemius.pl/fpdata.js?href=nlotv.com
Requested by: Host: ua.hit.gemius.pl
URL: https://ua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e81401bf6a7603854ca92528ac0d4fe82f55e6f6ae402572ac42653473b27142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 278
expires: Thu, 20 Apr 2023 20:19:43 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame AF30 5 KB
3 KB 117ms
34ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: ua.hit.gemius.pl
URL: https://ua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: 858c72eb788fed9a3537e6e20a753c2b9749d35f547fc48c0d4e7899bd3770e9

Request headers

Referer: https://nlotv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2715
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 20:19:43 GMT
etag: PRIVATE7520710249
expires: Thu, 20 Apr 2023 20:19:43 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 78ms
24ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nlotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
26ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nlotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 678 B
856 B 54ms
53ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1158812466764493&correlator=2725523315430657&eid=31072887%2C31073284%2C44785969&output=ldjh&gdfp_req=1&vrg=2023031601&ptt=17&impl=fifs&iu_parts=21673151856%2Cnlotv_com_tv_Background&enc_prev_ius=%2F0%2F1&prev_iu_szs=2002x1300&ifi=1&adks=1110342106&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679429983664&lmt=1679429983&dlt=1679429983372&idt=264&adxs=-1001&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnlotv.com%2Fonline&frm=20&vis=1&psz=2601x0&msz=2601x0&fws=0&ohw=0&ga_vid=1172471623.1679429984&ga_sid=1679429984&ga_hid=1125319322&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5411994bee027c1f4a4d0fb98e1d361071a372f31072e775d48880aed173b956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nlotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA7E 6 KB
3 KB 99ms
21ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nlotv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 20:19:43 GMT
expires: Wed, 20 Mar 2024 20:19:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 460190584578022 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 523ms
521ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/460190584578022?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e70234401834dd45cc1ba046ef22e826b9e3f4b9094426442ee02ee438e78f75

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 21 Mar 2023 20:19:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: JCcZjoJ+8zXOwkbl+KjUTC2sx38fgF/wqKF6Ny1b+UCStGDt7ogrQ407Mq6rbU29dj8SW4//yKKVEsj9SQD2Ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/846678317/ 42 B
455 B 62ms
25ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/846678317/?random=1679429983605&cv=11&fst=1679428800000&bg=ffffff&guid=ON&async=1&gtm=45He33k0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fnlotv.com%2Fonline&frm=0&tiba=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF&fmt=3&is_vtc=1&random=178637404&rmt_tld=0&ipr=y

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 20:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/846678317/ 42 B
455 B 88ms
27ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/846678317/?random=1679429983605&cv=11&fst=1679428800000&bg=ffffff&guid=ON&async=1&gtm=45He33k0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fnlotv.com%2Fonline&frm=0&tiba=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF&fmt=3&is_vtc=1&random=178637404&rmt_tld=1&ipr=y

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 20:19:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
342 B 74ms
21ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39756367-1&cid=1172471623.1679429984&jid=1669774673&gjid=2098110216&_gid=345984825.1679429984&_u=IChAgEABAAAAAEAAI~&z=1203488178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nlotv.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 20:19:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nlotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 15ms
13ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1125319322&t=pageview&_s=1&dl=https%3A%2F%2Fnlotv.com%2Fonline&ul=en-us&de=UTF-8&dt=%D0%97%D0%B0%D1%8F%D0%B2%D0%B0%20%D0%A0%D1%96%D0%BD%D0%B0%D1%82%D0%B0%20%D0%90%D1%85%D0%BC%D0%B5%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%BE%D0%B4%D0%BE%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D1%96%D0%B2%20%D0%9C%D0%B5%D0%B4%D1%96%D0%B0%20%D0%93%D1%80%D1%83%D0%BF%D0%B0%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20-%20%D0%A2%D0%B5%D0%BB%D0%B5%D0%BA%D0%B0%D0%BD%D0%B0%D0%BB%20%D0%9D%D0%9B%D0%9E%20TV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IChAgEABAAAAAAAAI~&jid=1669774673&gjid=2098110216&cid=1172471623.1679429984&tid=UA-39756367-1&_gid=345984825.1679429984&z=1259814213

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 12:11:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29276
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
ua.hit.gemius.pl/__/_1679429983757/
Redirect Chain

https://ua.hit.gemius.pl/_1679429983757/rexdot.js?l=100&sendf=8&id=d6aQBM8AI2VIQCD3m_FOVvWpDfXRkecE2B9PH1w5E4D.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnlotv.com%...
https://ua.hit.gemius.pl/__/_1679429983757/rexdot.js?l=100&sendf=8&id=d6aQBM8AI2VIQCD3m_FOVvWpDfXRkecE2B9PH1w5E4D.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnlotv.c...

169 B
423 B

64ms
64ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.hit.gemius.pl/__/_1679429983757/rexdot.js?l=100&sendf=8&id=d6aQBM8AI2VIQCD3m_FOVvWpDfXRkecE2B9PH1w5E4D.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnlotv.com%2Fonline&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=GfB1CHdNqxVH3JA0fBUPg1YHTx0uc.xJKvCXXFiav7z.O7QM0aN5p7JIO1tgIOchm1HcLEwwgt7zu2nekOuEYS4TjqNl/5s1uB_ST9Hzra/&fpdata=R_11EJ4amJ4LNcf257vipj_jpt.36G0Ac4TEB5luTQj.M7&ltime=141&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641a115f24a57cbb&brts=1679429983&fpcap=
Requested by: Host: nlotv.com
URL: https://nlotv.com/online
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 22dbb2bb7f0a17b2e86e8bab5121346bef7ab0e1f0318aad558e4278e63c6878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Mar 2023 20:19:43 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 20 Mar 2023 20:19:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Mar 2023 20:19:43 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1679429983757/rexdot.js?l=100&sendf=8&id=d6aQBM8AI2VIQCD3m_FOVvWpDfXRkecE2B9PH1w5E4D.C7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnlotv.com%2Fonline&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=GfB1CHdNqxVH3JA0fBUPg1YHTx0uc.xJKvCXXFiav7z.O7QM0aN5p7JIO1tgIOchm1HcLEwwgt7zu2nekOuEYS4TjqNl/5s1uB_ST9Hzra/&fpdata=R_11EJ4amJ4LNcf257vipj_jpt.36G0Ac4TEB5luTQj.M7&ltime=141&fr=1&ref=&inner=_ver%3D340%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=641a115f24a57cbb&brts=1679429983&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 20 Mar 2023 20:19:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 36ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=460190584578022&ev=PageView&dl=https%3A%2F%2Fnlotv.com%2Fonline&rl=&if=false&ts=1679429984271&sw=1600&sh=1200&v=2.9.99&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.1.1679429984270.1911608157&it=1679429983705&coo=false&rqm=GET

Requested by

Host: nlotv.com
URL: https://nlotv.com/online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 21 Mar 2023 20:19:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 102ms
64ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08fcde31705b37e8c6c883d7f2490e1cb91d360480e9affada106b31e5e03341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11204
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 219ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031601.js?cb=31073284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Mar 2023 20:19:44 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 647F 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nlotv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 18:36:25 GMT
expires: Wed, 20 Mar 2024 18:36:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5A23 783 B
955 B 24ms
24ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aab366021530cc72ed0a904896d0bae3e42bfc94a20c68c2e8573781b9a05f88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iYZvPxqWkFkvDhtzaLRjEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nlotv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-iYZvPxqWkFkvDhtzaLRjEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 20:19:44 GMT
expires: Tue, 21 Mar 2023 20:19:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5A23 0
0 166ms
115ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023031601&jk=1158812466764493&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 647F 36 KB
14 KB 64ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 94566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 18:03:38 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame DA27 0
45 B 11ms
9ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://nlotv.com
Referer: https://nlotv.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://nlotv.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 20:19:44 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 647F 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MWLVMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 20:19:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 130ms
130ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023031601&jk=1158812466764493&bg=!n5ylnMjNAAZEjmHWZI47ADkAdvg8WsAQi0p4y6AUyi95xtmMJ20JK1liWoot1RxkDUeK6OYxfzjfS7J3XrhBWIaqny5WhqK-iKACAAAAdFIAAAADaAEHCgCgfoFSR7GI4W73-HVdIjIFhCG0XvuRyyMDuzGdYdkwDVI4RFWCmpxOzMxKtShdSINlrK_XJeSaEwOM2_orAEp-6SHJH2qDSaFkBj6tTBsquiyFG2rpkEECDbrV3M3Sisuzs5dVlWBzhilB5aagzhOY4C9BO9KkXJ0Rv2f0ey_RKr8WCNvQWp5q4wWkS-1ma7gtC71jk3J6wondw5f2DRWICZkCl2tJH-ZR_EKwJQKO0LOjK_OidF-aM-EM15acLfpzAZyu_dng7QQqQagDB_LIhRnsLAuAMtvdd3eU4H_7kYM1pPGrGcZUteoox4QY6O32qzemP5X9-bp7Yuo6r3YwdbeOh2KN_5cWVNcoBAR9bWeMeh8Fkt7XAVWV6P-t9lO1YJQ0YyKfrvK7Fx6tDS-pkUV9yOizdVshBeKJsNNsIykwcqZVxxVKFzbEDNMf9wjO3sR2eo0QCnxF4saZYxwL8dIUSgTQUVJLnMeA-Qct01g37Z-NrwQ_GE3bT0zra8zskC8Fgn7EXC4_epmsWEXy6BduWK5m5_yi_IGu8tk2EOoPA67EcTpb_rojX_SFIRZOvWQli1mXSqvrcAx0JlTZg0fZwYeEpEV1uR2YgUzSOyfrQSgEBu-jZJrO82CqNtt4b9PrW5Xe1mPI45hx7zIovITo_8nTpIHsM00BVzIG5454SIrnHvSd4yNHaN2lF5qShya7y_nJTjobfBOMVNUtQ7wZza7t-4prjyN6h9hfGk9d15DJKMd0VFY8cRP4q_OuxAjA3cAdQY1rK42DrqfikHxbnG416LRQ1Lni7Zs9YhVzTtvpgYnE6M3FdbIPx81GjL5d1Ef1gm99OcGnRjXhbVCU1K4uv2XdiSc5_Wqdp2RlXXoL1GDwQfMaS3aG6u5RqgMKS0ahzKT3H0g2DjyyABgkeznzDbfx4Bv0cO1Hb-nDEL3v_iWdwSsMU8TatGOheBkR4S2hEzJ5t3pnGB5cSueDx40pLXoJ1iU7xBqNNVdITWf8S539wqUZ1thmQwMj6LdRyYi83cDqEiAtoiRDZg0QSVFUj3dYMoflNCYncDaawuldOcc18sjJoQKQ1nC8an-RwyI6MJWWbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nlotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nlotv.com/	1970-01-20 10:30:31	Name: __cf_bm Value: LA2QXkmWH36tOVNsI8Z28EtJyIdHCuWPDXyuun80h.U-1679429983-0-AaWKoGs1Ba8iHv/rtdTjr7yRNXgVRO9cACLsvqaZOgzWY6tANcRlK2zqT7fIQ7g/RNPK9nZrKV9GBflEwsFIiFs=
.doubleclick.net/	1970-01-20 10:30:30	Name: test_cookie Value: CheckForPermission
.nlotv.com/	1970-01-20 19:59:17	Name: __gfp_64b Value: R_11EJ4amJ4LNcf257vipj_jpt.36G0Ac4TEB5luTQj.M7\|1679429983
.nlotv.com/	1970-01-20 19:52:05	Name: __gads Value: ID=4de1b3674e7affb7:T=1679429983:S=ALNI_MZRo07G9Qya7EFLxhQMkc4NtBKLgA
.nlotv.com/	1970-01-20 19:52:05	Name: __gpi Value: UID=00000bf14f9894cf:T=1679429983:RT=1679429983:S=ALNI_MZcqMu9ArlONMfzMIPo_xySykH_LQ
.nlotv.com/	1970-01-20 20:06:29	Name: _ga Value: GA1.2.1172471623.1679429984
.nlotv.com/	1970-01-20 10:31:56	Name: _gid Value: GA1.2.345984825.1679429984
.nlotv.com/	1970-01-20 10:30:30	Name: _gat Value: 1
.hit.gemius.pl/	1970-01-20 10:40:34	Name: Gtest Value: KlGzJRGGQMGGQcCyNCFB88XUssGMXP8c25nSGVbRNa45XBG.
.hit.gemius.pl/	1970-01-20 19:59:17	Name: Gdyn Value: Klx4kRMGQMGGQcCyNCFB88XUssGMXP8c25nSGVbRNa45FRxSG7RrGS6Gu4fBFlM1YH8PlexaG0F6Sssa
.nlotv.com/	1970-01-20 12:40:05	Name: _fbp Value: fb.1.1679429984270.1911608157

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ua.hit.gemius.pl/xgemius.js(Line 895) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

78dd1a59bfe655db3577188d49f1bd1f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.nlotv.com
connect.facebook.net
counter.yadro.ru
googleads.g.doubleclick.net
ls.hit.gemius.pl
nlotv.com
pagead2.googlesyndication.com
prebid-inv-eu.admixer.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
ua.hit.gemius.pl
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
146.0.227.109
146.59.30.108
2606:4700::6812:1019
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2001
2a00:1450:400c:c07::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
54.37.238.28
88.212.201.198
0355d3058b5c3b6d7e6f65a1c28ef32a2c758db1d57cbdb07ab8a21bbc135a40
08fcde31705b37e8c6c883d7f2490e1cb91d360480e9affada106b31e5e03341
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
1fe7bfacf3cf1e541f1d60133b97009c11d0746ced1146db209a122d01aedbb8
22dbb2bb7f0a17b2e86e8bab5121346bef7ab0e1f0318aad558e4278e63c6878
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30f77a5ff0bcba46d4e760b0c939a5ff112da0d3ddd13a261834134e00cc21c7
31431dabe59190990c3c43d754eb426bd32e424e2b62ba31530a0cd9395756fc
3873b295c37c048cd4417c44dc73d9b6084f9381b9f4126a308429ecd7dbbf81
40e15a327b38dbcee2191fd8a163be9702f2b2afb752b749f333729f9dfc3d3b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
5411994bee027c1f4a4d0fb98e1d361071a372f31072e775d48880aed173b956
55132bcb0e9a42fb7a1e3e31ff04bb0d5e503239a814de09b540876ac2651b20
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b003ddcc409e3b252367b6a388993a72398b3e012e38629a9622d208558ca55
5bf492184ba6397a327f194ce5dcccd1fe23b57ae228f09908eddff679c2c90a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a61718f23e1992f5ed30851189a0f4088498d0ba97adf2a7091d214a1ab8733
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858c72eb788fed9a3537e6e20a753c2b9749d35f547fc48c0d4e7899bd3770e9
8a7b30d0dfa3511eca3947cf2bafda47b2421752a6dfad37e680a140673eaf16
983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f
9b1b4144aa0b8824f7cb1e4ca8b537d16c881f32b5dc9178f9257b22e4a420ab
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
9fee5d5bbd17747da10bef223a2d8e662a3dc900acdd3a6593712b6de33b6e09
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aab366021530cc72ed0a904896d0bae3e42bfc94a20c68c2e8573781b9a05f88
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6
b3c121ddab0ddd58a7ef8b5ab9a8f8fb27426fa42848d328f801a37f58acf7bb
b58fcf7c8fea3853f906c5f7c15be995d8298f064ba5c5dbba20c19e503118c8
bb2d5bc632a2ebdc3f161bba0ed80af7a4f48725592979111ba1eed4bf9b5c6a
c99a5e206dd273badda9b480e17cf790d37cf64f572b7715f9a5c8a38d6f4e00
cdb2eb1c174d8c412fd4160261a3721c75bc0e451827e73e33e9bd6d9edfb004
cfc4711c88d6cf3d7d96717a162f079f0e74e1b22d0a80c00b884d17ffc5b6de
d08b85897a28dfa5fbf7410f3bdfe3a17254f78b3a4dcf26fbb695657bfcacb4
d6a0ce3db1efec61da18094e48730a98ac22dae5cce78b645831b6496a22d27b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70234401834dd45cc1ba046ef22e826b9e3f4b9094426442ee02ee438e78f75
e81401bf6a7603854ca92528ac0d4fe82f55e6f6ae402572ac42653473b27142
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

nlotv.com Open in urlscan Pro 2606:4700::6812:1019 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

80 %IPv6

13 Domains

21 Subdomains

21 IPs

7 Countries

1273 kBTransfer

2856 kBSize

11 Cookies

13 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nlotv.com Open in urlscan Pro
2606:4700::6812:1019 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

21
Subdomains

21
IPs

7
Countries

1273 kB
Transfer

2856 kB
Size

11
Cookies

48 HTTP transactions
1 data transactions