www.neoldu.com Open in urlscan Pro
2606:4700:20::681a:628 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.neoldu.com/
Effective URL:
https://www.neoldu.com/
Submission: On January 03 via api (January 3rd 2024, 5:14:50 pm UTC) from US — Scanned from DE

Summary HTTP 184 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 41 IPs in 5 countries across 25 domains to perform 184 HTTP transactions. The main IP is 2606:4700:20::681a:628, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.neoldu.com.
TLS certificate: Issued by GTS CA 1P5 on November 26th 2023. Valid for: 3 months.

This is the only time www.neoldu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:20:... 2606:4700:20::ac43:4a79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
55	2606:4700:20:... 2606:4700:20::681a:628	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.239.18.33 18.239.18.33	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	54.194.101.149 54.194.101.149	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
24	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.214.64.190 52.214.64.190	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
2	168.119.0.148 168.119.0.148	24940 (HETZNER-AS) (HETZNER-AS)
3	2600:9000:223... 2600:9000:223f:b200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
12	192.229.233.6 192.229.233.6	15133 (EDGECAST) (EDGECAST)
6	2600:1f13:800... 2600:1f13:800:7780:3623:fc9f:7e19:58ab	16509 (AMAZON-02) (AMAZON-02)
3	167.235.39.43 167.235.39.43	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:206... 2600:9000:206f:7200:15:157b:ff80:93a1	16509 (AMAZON-02) (AMAZON-02)
184	41

2 2606:4700:20::ac43:4a79 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2606:4700:20::681a:628 (United States)

ASN13335 (CLOUDFLARENET, US)

www.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-33.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.101.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.64.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-64-190.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.0.148 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.148.0.119.168.clients.your-server.de

ads.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:b200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.233.6 (United States)

ASN15133 (EDGECAST, US)

cdn.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:3623:fc9f:7e19:58ab (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.39.43 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.43.39.235.167.clients.your-server.de

pix.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:206f:7200:15:157b:ff80:93a1 (United States)

ASN16509 (AMAZON-02, US)

img01.ztat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	neoldu.com 1 redirects www.neoldu.com s.neoldu.com d.neoldu.com	1 MB
36	googlesyndication.com f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	238 KB
21	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677 ad.doubleclick.net — Cisco Umbrella Rank: 199	245 KB
17	revjet.com ads.revjet.com — Cisco Umbrella Rank: 8504 cdn.revjet.com — Cisco Umbrella Rank: 8224 pix.revjet.com — Cisco Umbrella Rank: 7200	691 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	126 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1241 static.adsafeprotected.com — Cisco Umbrella Rank: 988 dt.adsafeprotected.com — Cisco Umbrella Rank: 933	104 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	5 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	5 KB
4	ztat.net img01.ztat.net — Cisco Umbrella Rank: 28362	42 KB
4	gstatic.com fonts.gstatic.com	55 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2214 google-bidout-d.openx.net — Cisco Umbrella Rank: 2217	789 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	123 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1218 id5-sync.com — Cisco Umbrella Rank: 658	34 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	12 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	156 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 1261	574 B
1	google.com www.google.com — Cisco Umbrella Rank: 6	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	1 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 3020	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2532	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1919	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	13 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
184	25

	Domain	Requested by
45	d.neoldu.com	www.neoldu.com
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	cdn.revjet.com	ads.revjet.com srcdoc
12	s0.2mdn.net	www.neoldu.com s0.2mdn.net f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com www.neoldu.com googleads.g.doubleclick.net
10	s.neoldu.com	www.neoldu.com s.neoldu.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	dt.adsafeprotected.com	f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	img01.ztat.net
4	googleads.g.doubleclick.net	f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	pix.revjet.com	srcdoc f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com cdn.revjet.com
3	static.adsafeprotected.com	fw.adsafeprotected.com f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
3	ad.doubleclick.net	1 redirects f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com srcdoc
3	f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.neoldu.com securepubads.g.doubleclick.net
2	ads.revjet.com	f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com ads.revjet.com
2	googleads4.g.doubleclick.net	www.neoldu.com
2	fw.adsafeprotected.com	1 redirects www.neoldu.com
2	www.googletagservices.com	f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.neoldu.com www.googletagmanager.com
2	www.neoldu.com	1 redirects
1	tags.bluekai.com	f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	fonts.googleapis.com	www.neoldu.com
184	43

This site contains links to these domains. Also see Links.

Domain
doviz.neoldu.com
www.cmbilisim.com

Subject Issuer	Validity	Valid
neoldu.com GTS CA 1P5	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.revjet.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-11`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
cdn.revjet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-03-11`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
img01.ztat.net Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.neoldu.com/
Frame ID: 8B40BECACA0A6CE111CE1ECA87BED0DE
Requests: 84 HTTP requests in this frame

Frame: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B61A2A5FB9CFF1873BA136BA4E63B65
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.neoldu.com
Frame ID: 47E516F62413EF0F8968BD21C31886D6
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6E69A8BF34BB6C3559A39F4A7ABAD37D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8FA21AA4F0F879141009EA8F0C00C4CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4E59B223992F4B120407F8A7F0D50D7F
Requests: 2 HTTP requests in this frame

Frame: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FB8CBC6618B893D44EE0085EA78E1398
Requests: 28 HTTP requests in this frame

Frame: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5A3521A2A49110E2319126F74D535C3E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOqrnYICMAE&v=APEucNX-BT8zGTwaOhwhx0Be2ACF7FfM5Hs1WgArtAuuYh8ziJg84OiW2NYUOOTZ0qQKXxAczcE2vKE0h2thFOiLCh1kjn1zDkruRcwoG3JbK09zVXFil5Hzy9OYR39AoqQ4fnX02f8duVhufRt9Afkft6KfA54omFBcakGJuOWJwlKBtTJHlW0
Frame ID: 254EECB92F906EEA761C7CECFBFDC73D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNXL3d4BMAE&v=APEucNUYvIZMnFtfH5j4ki6OZ566vLWueC8Hp3sDGdZaP3qYFLhvTyj9BtKDx57JWTbc7T4aBUHHkaeqxQeF88n3BNCMetFNyRaY3gxF5TTjrTcqm5IqR1ij-7kxgd699mXjdUzEYLbL3BxnwkIvZNuQNMlpzowP1D3n4lt2wuhbl2LEPMbTsmc
Frame ID: C9B7F69245D07A09E2DDD49DCFBDECD6
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F5717D854AC366BC33B67C1F82373E20
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
Frame ID: 0D9CC1C51D51BECFA11216FFA80BD02E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8A9E6E9D186793300840E114871678E3
Requests: 3 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Ff760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
Frame ID: D74B0BB0376A10B19B659B2CAE84A751
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E42CAF50C774D1009F23AB620E5B6B06
Requests: 1 HTTP requests in this frame

Frame: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Frame ID: E02F6655058F021F7D86FF189037EB5E
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NeOldu.com / En İyileri Listeler - Tavsiye ve Öneriler Platformu

Page URL History Show full URLs

http://www.neoldu.com/ HTTP 301
https://www.neoldu.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

184
Requests

93 %
HTTPS

55 %
IPv6

25
Domains

43
Subdomains

41
IPs

5
Countries

3172 kB
Transfer

5986 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://doviz.neoldu.com/
Title: DÖVİZ

Search URL Search Domain Scan URL

URL: http://www.cmbilisim.com/haber-portali-20s.htm
Title: Haber Scripti

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.neoldu.com/ HTTP 301
https://www.neoldu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.neoldu.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.neoldu.com%2F&rid=esp&cc=1

Request Chain 80

https://gum.criteo.com/sid/json?origin=publishertagids&domain=neoldu.com&sn=ChromeSyncframe&so=0&topUrl=www.neoldu.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=lV6OlHxIZTlYR2p0K0REYldiWGxCZElCUmpGMElUUEsrS2tQem5RNFBQajE3bi93VUZ6Z2Y0QUdLZDlmWURKQXVmNENrT1FDeDJrUVo2dkVvd01vYWZCMUNCSnZpYUZlOXA4K1dRalhJNnhFaTNHTEN6L2tib3VtU1YzS2RwNitEcDlXczlmckpaNmlOSDhpMEx6M2NHR3RHUUMza3B5LzBmWHNsMENtdkdyQURDblVBOG1vUGtESHo5U2J4ZXB4OHhOZTliOWk5UnBWbi9Zak9DeHVjQjZhT0cxK1VFN0ZOdHhPa25QMk9oSmpGOEJXNGpMRFJwbm1WYmpkZy92blhOTjNsRURGQm5NclpSdzVzeEtIVlZNZWxPcEI5eGhsbTl2eWtnV0h1ZFdZZEdLUT18&cppv=2

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZWWAyuo64oWp0EGaxliQgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ2MzgwOTc2NDg2ODk5MjA2OA%3D%3D

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

Request Chain 107

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZWWA9ehKcwuP0Cp8dtxcwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1

Request Chain 109

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2Mjk3MzM1ODg4ODA5NDExNg%3D%3D

Request Chain 149

https://fw.adsafeprotected.com/rfw/st/1898970/77442864/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-8203385927523536&ias_chanId=1&ias_placementId=20903658371&bidurl=https://www.neoldu.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h7PhvvJ9JMw5BkyWYP6YZU&adsafe_url=https%3A%2F%2Fwww.neoldu.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.neoldu.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:83271810-94de-ab72-22a6-88bb6e2d79f7,c:g8EHc,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-tnkwf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:162,mot:0,app:0,maw:0,fm:u0jXRkk+11%7C12%7C13%7C14%7C15%7C16*.1898970-77442864%7C161%7C1621%7C163%7C171%7C1721%7C173,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:191,oid:96ac15c0-aa5b-11ee-bb28-321cb8bfd4c5,v:19.8.466,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

Request Chain 160

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506037;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704302084571 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506037;dc_pre=CM7-4oLcwYMDFQJK5QodBPILOg;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704302084571

184 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.neoldu.com/
Redirect Chain

http://www.neoldu.com/
https://www.neoldu.com/

55 KB
12 KB

350ms
317ms

Document
text/html

2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39352d5c00d932ff29e2857d2211717a0d38c55812bccd7e4db7a2a939c09ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: DYNAMIC
cf-ray: 83fce12f5e546ae2-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 17:14:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QjKY4kHWj4%2BT2sjuuJuMhguLi2mQm%2BqBbVWR9igOyPodHGykYyFQL8Vj3g5r%2FmZgmtuwMn25d%2Fwn04hSMEdf6YOw6MJO9FTulLJX6%2FQ1f4ARnsio5qFIgIpSRUCiqIE94yirziK2i%2FcsQ6C"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding

Redirect headers

CF-RAY: 83fce12f0eeb2bcf-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 03 Jan 2024 17:14:42 GMT
Expires: Wed, 03 Jan 2024 18:14:42 GMT
Location: https://www.neoldu.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cl%2Fl4o%2BXaW%2FYmbJS%2B%2Bo5SKxLu14wH4GD7P5RkbQoLk9Rtcnk9HxpiBNcgAHWXe0%2BdB%2B4gL%2BmAMCS7dSyA6mNzMtLu1DEOzuBSaL7hA4fM0sP94MlWjwAoVUiFycuyF9l0gG5ZubSjzahgz5Y"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 127ms
67ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc4f6449763c89371c9e72486bdd97ab2024d7b763b89512e72bf399c88a3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29407
x-xss-protection: 0
server: cafe
etag: 983 / 19725 / m202312070101 / config-hash: 14990503706918479220
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 17:14:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 74ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97203200-1

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c621036064bb1fa56e52de72c4cfc8bdf434b0e0d7b7570b6df9c32b666eb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64894
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 17:14:42 GMT

GET
H2 200 style.css
s.neoldu.com/ 143 KB
28 KB 38ms
18ms Stylesheet
text/css 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.neoldu.com/style.css?230317.css
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0903de78ea8971fdf6a9dc18f63015245d450577829138abf0edd423bd26d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2970462
content-length: 28126
last-modified: Fri, 17 Mar 2023 05:47:47 GMT
server: cloudflare
etag: "6413ff03-6dde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k293lO4VoK8fasIl%2Boaz9av4GFZNHM18AyRn4A61JhdZrWDw6VjA9OhjDCTJJ5bCIbSbCcUK9reYIWNH37HPobhJuBRaAePmHg6O%2FIEH7qWcgYvyVvQH54BxCW8hePYgH3GEUccun4KoVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce13179c16ae2-FRA
expires: Fri, 29 Nov 2024 08:07:00 GMT

GET
H2 200 logo.svg
s.neoldu.com/i/ 4 KB
2 KB 19ms
17ms Image
image/svg+xml 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/logo.svg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd3dbfbd4e59c88ab5073a45a7f31a96443db557342f6e42bd897441034ca93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jul 2021 05:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2978828
etag: W/"60f7b6b2-e48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxIYFDSj2Yag9t7HQ7tPtWq%2BPGLZO%2FMD56twETxhpa24a4zXUfZOrAcFdlrz882KdzUjQVdbzxPuBtyPab8G8nunW6pRieWddyNAp3KmR6VGnKrUL07J9KAG84QOoE5a8Tvl7ppEjRhp6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 83fce131a9f06ae2-FRA
expires: Fri, 29 Nov 2024 05:47:34 GMT

GET
H2 200 90186.jpg
d.neoldu.com/news/ 20 KB
21 KB 40ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90186.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3337f150c61ee89be64e0892af2b0fe002913d34d238fb942a991aa083750f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17839
content-length: 20674
cf-bgj: h2pri
last-modified: Wed, 03 Jan 2024 11:20:19 GMT
server: cloudflare
etag: "659542f3-50c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxAq21LpkENdhACgTHLnJofTnvdpGfqheBhxfZTS6JDMWmVRzuL54hx3mmDMdRhTeuOXT3c8%2BdriDqV6iq7Sas2b8KVF8PcHPVJJEZEr0z2uYp%2Bwy3fbY8LuvCPrks8f9hepgKTyDRZ9kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce13179be6ae2-FRA
expires: Thu, 02 Jan 2025 12:17:23 GMT

GET
H2 200 90188.jpg
d.neoldu.com/news/ 23 KB
23 KB 35ms
15ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90188.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce6b01b52ec61baee536b101ee90779a46a8e6bf86ed0b8212bb93a55a2dd8b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3937
content-length: 23488
cf-bgj: h2pri
last-modified: Wed, 03 Jan 2024 15:17:03 GMT
server: cloudflare
etag: "65957a6f-5bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujoWRuUrQpItYlUmwimWJSSz6jyJtLMC6Q6Eglj%2FW%2BsJjVx%2BGC3jPHT88troXsohMwSxZ5zQFAc70CiIOkpE0I3WhaiGQJeA6Cb7Xp9QI7CbGy9EZoYmdrjbtCls6Mt%2FVW1ELPjZGJsKyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce13179bb6ae2-FRA
expires: Thu, 02 Jan 2025 16:09:05 GMT

GET
H2 200 90187.jpg
d.neoldu.com/news/ 71 KB
71 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90187.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd27758f6d9270a67e7e702e77579eede59da9c6db2873ea56370f1196902078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7603
content-length: 72409
cf-bgj: h2pri
last-modified: Wed, 03 Jan 2024 13:30:44 GMT
server: cloudflare
etag: "65956184-11ad9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlIYi5tHnJb%2FSbFBBd476ABWwXWQwwDrk9esOA4tDfhfpJvLuMzqn8r9%2FyNDMklPTDDllla80AExQ%2ByH15ft4tCiYbCHN6dvNA4sAKxpV6q3ZFbMDYKcun64RQbE8HNnFB%2BeMSUqxibf%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce13199dc6ae2-FRA
expires: Thu, 02 Jan 2025 15:07:59 GMT

GET
H2 200 90185.jpg
d.neoldu.com/news/ 26 KB
26 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90185.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a085e24c3848488e2d3d85c33d8de768e4e81ebc02719c2ab8d4d976f0f5febf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18853
content-length: 26116
cf-bgj: h2pri
last-modified: Wed, 03 Jan 2024 07:31:52 GMT
server: cloudflare
etag: "65950d68-6604"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMrRqDIMx3eMVqjtTDyWYXuVD%2BMAhpPmfDLJPskzr62l8d0NIj6GJQEUI98jz3cW%2BlkF4oes2zDCjvQPPfDfJOAY4liNIaGeKagrdcXEMyYopzTMLXN8IAhjWNUG4XJgzUxWxa5BQoNXPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131a9eb6ae2-FRA
expires: Thu, 02 Jan 2025 12:00:29 GMT

GET
H2 200 90184.jpg
d.neoldu.com/news/ 187 KB
188 KB 29ms
26ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90184.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cce030a4fc657f68dd96791a44c290b586902e72aabc394c0c4d49a2b2bcb38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87823
content-length: 191885
cf-bgj: h2pri
last-modified: Tue, 02 Jan 2024 14:09:47 GMT
server: cloudflare
etag: "6594192b-2ed8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GECqmfNEbk5sNl8ItrAxd21%2BpbBaunNlqgkuITL4k5bUmLkGSHOm58Gna8NTB6CPYmUDQHCLnpLtZ%2FKLrfgv7PvndWRgn82RxlZbAtY6n2ymLP6IZdcrOQNVOqJrznuP8lzBfTdgPt1hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131a9ec6ae2-FRA
expires: Wed, 01 Jan 2025 16:50:59 GMT

GET
H2 200 90183.jpg
d.neoldu.com/news/ 23 KB
24 KB 27ms
25ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90183.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d89b3e9d55dfcce9b0a0b13b004d2433f4ab1c099d8f353575be57e538d0c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95818
content-length: 23740
cf-bgj: h2pri
last-modified: Tue, 02 Jan 2024 12:22:43 GMT
server: cloudflare
etag: "65940013-5cbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ODrQfKzKtySpuuKh%2BVN9XxMMrdhu0wSWOBRwPAa%2Fvnrc88ouFspJQ2pWnV%2FjwtuuDZ08OPWqMw5kyfBmp%2BUlorFda%2B6rmDmSy%2BQQnwPr18nNBY%2BAtryXJYDmeqiYkrC%2Bdgj1dfQ%2B%2FauJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131a9f16ae2-FRA
expires: Wed, 01 Jan 2025 14:37:44 GMT

GET
H2 200 660.jpg
d.neoldu.com/member/ 9 KB
9 KB 28ms
27ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/660.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd29d64976cf24d279d394f90e21ae38920273c4e7fb172f846238d4758294d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4265994
content-length: 9136
cf-bgj: h2pri
last-modified: Wed, 25 Aug 2021 11:21:32 GMT
server: cloudflare
etag: "612627bc-23b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUeAa9af8MkRmcwB5XPZHWcv9wsOuQIPwlUe8t1KG331iuMn0MHXvqHuUMKOH5EGyttbWjX9hk8FbwrtPG8aSwJCmNUYuwaV16Q9dV4QKlsl66cdiMj5bG1%2Bwkd%2B%2FMsXUJ36DFn0F8qVrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131a9f46ae2-FRA
expires: Thu, 14 Nov 2024 08:14:48 GMT

GET
H2 200 663.jpg
d.neoldu.com/member/ 8 KB
8 KB 37ms
37ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/663.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea808dabbaba0b295d7a7bce33fdee9471a84ef352c6769b97cd27b41be66d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4519893
content-length: 7884
cf-bgj: h2pri
last-modified: Tue, 31 Aug 2021 10:39:27 GMT
server: cloudflare
etag: "612e06df-1ecc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dELqHzFlRnKXcHh7opoziidJPPLO7amLuOL0w54T3rMvzWZXylsQ6hh9FZWVapbsVSn62iMsDTQWbXuMohxfNHePtPjmcJuSspYCjWyJ4ReGb8iXNETh%2F7RIOKHPLVNfaQOEf8D4bpyALA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131a9f66ae2-FRA
expires: Mon, 11 Nov 2024 09:43:08 GMT

GET
H2 200 661.jpg
d.neoldu.com/member/ 10 KB
11 KB 25ms
25ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/661.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77871a2d0c71a16aecadd8cd2f9934d2cabef8fc089f3978a75dedc66943cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4577463
content-length: 10395
cf-bgj: h2pri
last-modified: Wed, 25 Aug 2021 11:23:30 GMT
server: cloudflare
etag: "61262832-289b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieEIkxj8K842Y6GZaUgp%2FXEXISVejwbdLkMo%2FTI4YsXBnxprdp9mSvIfwtVbER5fKHVKoSrxecOxR7Fxd%2BMmApSEx0rKOLmvIP2SwJV8RF91zvU2EVlIYR4yd%2Fj0iTwWeEB8HnniiP%2FDFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131ba086ae2-FRA
expires: Sun, 10 Nov 2024 17:43:39 GMT

GET
H2 200 674.jpg
d.neoldu.com/member/ 8 KB
9 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/674.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf2ebd796ac6537d97c4cca1b9723122bea6253736f35617aabec4a223274a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 8556
cf-bgj: h2pri
last-modified: Mon, 30 Aug 2021 13:39:49 GMT
server: cloudflare
etag: "612cdfa5-216c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BDbREoneTHYm2jD1KD%2FZ3mhssPTRfYyykMM%2B2VqHl%2FyIrxDFzsrBCKUhnt4SkKpIKDfPLmgTjHpp1t%2BmcFTEPyq3EZjWdy0LHnc13Z0r%2FbhEPGTG2lyLkllDKGNsNnvd4KLVX7e2NrL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131ca0e6ae2-FRA
expires: Sat, 14 Dec 2024 20:30:28 GMT

GET
H2 200 859.jpg
d.neoldu.com/member/ 23 KB
23 KB 26ms
24ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/859.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35e5c1b2d49ec29744142ee8c59bd18c961575bf232f8237b6f62616d464975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3980529
content-length: 23174
cf-bgj: h2pri
last-modified: Fri, 18 Mar 2022 10:17:21 GMT
server: cloudflare
etag: "62345c31-5a86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgTRj481Tag%2FlwfapZmwo42IdmbTqWg03qOzV62WzjuIZFaF28aqUn2HGOQl8SZgckP3lWc%2FuN%2BVuIbSAj%2Fuc93qgoALE81KOj6nZq0D%2FsrWNDgq%2FwsRppr2jl2u%2F9MJUVZJFpFrDxC8Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131da226ae2-FRA
expires: Sun, 17 Nov 2024 15:32:33 GMT

GET
H2 200 1x1.gif
s.neoldu.com/i/ 43 B
397 B 24ms
24ms Image
image/gif 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/1x1.gif
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2980920
content-length: 43
last-modified: Sat, 18 Apr 2015 02:03:28 GMT
server: cloudflare
etag: "5531bb70-2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB3rCXiS4tYhBi%2Fv5inTWq2Oi55YfRs79P6Ifmu6hz06MtiYU6GyUFyKtYADz4%2BbgAjor6HhsaTS8dhcGzgY%2BKpLdzVjCRu9UtJ516juA2jvw6Df0uC88vsluAjqNptUbW4ccTt2Mbi2bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131ca106ae2-FRA
expires: Fri, 29 Nov 2024 05:12:42 GMT

GET
H2 200 function.js Show response
s.neoldu.com/ 211 KB
69 KB 39ms
37ms Script
application/javascript 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.neoldu.com/function.js?200930.js
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc81b2a3f6d2a76a6019c848712b31233a157bf11fbb4b24600fc9070c7d367f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2981732
content-length: 70569
last-modified: Fri, 17 Mar 2023 05:47:38 GMT
server: cloudflare
etag: "6413fefa-113a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd9QGUYRAnPZ2cCA1m20eKMnpM0ZgxBg5PbE7IMLDOyAKpcS2YRy9zduBA2C6%2BkNfGyJ3g6FYtxDVcUE0181yhYSToxyxfwJXNO03vUm7BrrwaHKBPX2nchjmp6nasb7KGUghqQNyKiG2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131a9ee6ae2-FRA
expires: Fri, 29 Nov 2024 04:59:10 GMT

GET
H2 200 base-outer-bck.png
s.neoldu.com/i/ 109 B
469 B 31ms
31ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/base-outer-bck.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbcdb7efb1c3ceccde4dec40c04a14fda79fe5e33c0db39eb74053aabb2e8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2889026
content-length: 109
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJPclIxnPYTVor0oKS2%2BemaJOJ8AG76kODLJxAL%2FV02Da966JdrIBMNWop%2FIs8RGv3pwlbsXYMbLwhaNtEwUxM3UczVUj%2FibaWp7Ow2AmwHjdm0dMz1vDCHSSu7rb4vcjm7t0k7G%2B4tKPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131b9fa6ae2-FRA
expires: Sat, 30 Nov 2024 06:44:16 GMT

GET
H2 200 blog-slide-bck.png
s.neoldu.com/i/ 12 KB
12 KB 26ms
25ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/blog-slide-bck.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fa54ab76eba77a3dcd2d8ee1c407b3718e2408ca71956dd37628fc376344f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 12108
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-2f4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlWBwcGJGMOVOQZyJoxmxZcQjFylA3VQ6jADxd3iYhZm6CtVGxMZ%2BglpFLG6BS1G3wX6D2EBgsiAr%2BIPg0reycEbBgIqMvZlYL36aWEmietlo6zH%2Fx51Ol7mStq7TgqeTJIYrEFlNEGXgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131da236ae2-FRA
expires: Sat, 14 Dec 2024 20:30:28 GMT

GET
H2 200 blog-slide-item.png
s.neoldu.com/i/ 170 B
514 B 24ms
20ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/blog-slide-item.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65df2e1f238caeb22b2db1f3e3ca029f2b308b3a4e6f988c5ac676154f13c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4850839
content-length: 170
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZED4milzQ0S82W%2B6iVuem8Fze9vhAw2yIPXkGgWkpXjz3wl2dBTGJI8SdO6Qq8A3a1ISGIHKjqx7XRTVgF3voaxSuOiLah34DTvmuoRPMoe6Zn4zCF%2B1Lcc5gRveHhl1YlwIZ%2FHXh2tFKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131fa3d6ae2-FRA
expires: Thu, 07 Nov 2024 13:47:23 GMT

GET
H2 200 gazette-slide-pager.png
s.neoldu.com/i/ 196 B
579 B 20ms
19ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/gazette-slide-pager.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4ab387a8bff4052837f004ea8c973a4891d6b3ec260989b6c4d7be8d20bf0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 196
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLLOETBg8dEgSy8%2FgZNr5aonYnmxnHjbUbxs3LLye7srjkLwyrAuVZxHyTIHQD0oEPSEFTRwCAWF5AArRdmEx5XBjDXJ4SbWpCrCY9G5AMgtum3e9PTI7t2pVp2X1wKi3RMH%2B25x8ntiYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131fa3e6ae2-FRA
expires: Sat, 14 Dec 2024 20:30:28 GMT

GET
H2 200 gazette-slide-bck.png
s.neoldu.com/i/ 13 KB
14 KB 26ms
25ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/gazette-slide-bck.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885c6b0b1d8a8f4508e924b7a6e8b7a95533201420bee1b72f0e5cea97d7d510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 13795
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-35e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XaBXmSOIcghyuMoHMvMiTjqX4J3aGpx7Bpf1np8i3cNdCWAqxULUJUuWxxLV2m25bqSZSh4BMJJ6Jwsp4WLFd7gKyV5xUVY6P9f3LqSCSN6%2FM2AW6x3YLJLWXLMy3VAWFVJdQvt3qeQ9bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131fa416ae2-FRA
expires: Sat, 14 Dec 2024 20:30:28 GMT

GET
H2 200 cm-icons.woff2
s.neoldu.com/i/font/ 39 KB
39 KB 52ms
17ms Font
application/octet-stream 2606:4700:20::ac43:4a79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.neoldu.com/i/font/cm-icons.woff2?87789116
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccd1dba2361724375bfe0cc75deac06ac94758f9ee3b39b3572a92e91120e8b

Request headers

Referer: https://s.neoldu.com/style.css?230317.css
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2888696
content-length: 39588
last-modified: Tue, 01 Jan 2019 06:10:54 GMT
server: cloudflare
etag: "5c2b046e-9aa4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwRSJPgzjDLZl3BWQvAr0GXIZDyILh31UY9cjc1ccYDxz7PDdUMJNZql%2B%2B9EjKwZmjJqt5xQ7%2FJHltpMSgYUZ3dD5BO4%2BrmpeCpKCo5jSzrJHaBf91rFnfl4MjSAmJL8%2B%2FxM35P8vMJt3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131ff5c3809-FRA
expires: Sat, 30 Nov 2024 06:49:46 GMT

GET
H2 200 90180.jpg
d.neoldu.com/news_t/ 10 KB
10 KB 21ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90180.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ca4763243c8132c0720a6677c1e7dba0a6c459bed84d086d78533d73efc014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 359495
content-length: 9804
cf-bgj: h2pri
last-modified: Sat, 30 Dec 2023 08:21:28 GMT
server: cloudflare
etag: "658fd308-264c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nut%2B8oEGSvaesurIBMXwTB0GnBS5IyJgpe0DLod4sTXolg0z3w7CeKb6fs93n2YeMQl4wsqC%2FLQC%2B6G3PW%2FsXFK1HKMEGIasbXVEJskm%2FO%2B5ctAffRJ4okVRVfHuAOvN%2F7gBINchyBRMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131fa496ae2-FRA
expires: Sun, 29 Dec 2024 13:23:06 GMT

GET
H2 200 90178.jpg
d.neoldu.com/news_t/ 12 KB
12 KB 24ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90178.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38ce282c141a9ec6ef508d7d442f8ad3d768cfd5a61cd28a255f38cbfa0249bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444941
content-length: 12007
cf-bgj: h2pri
last-modified: Fri, 29 Dec 2023 13:36:33 GMT
server: cloudflare
etag: "658ecb61-2ee7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rid6ZQbwGC7GmB65fQ3shYI4cq8cWTCBOnMOl%2FGkUDqr97hnIIWmlib3YXb6Zf9AR0K4w5QX%2FezG8jKdBNOWSaIyyQDBKTQN4iD3DqI2A6l1%2BnWQz%2BEU43ccHqLMz8hVezjLml%2FtJ5e7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131fa4d6ae2-FRA
expires: Sat, 28 Dec 2024 13:39:01 GMT

GET
H2 200 90179.jpg
d.neoldu.com/news_t/ 11 KB
11 KB 18ms
16ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90179.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20f208397ed58df9a3c6d5b004bddbcc376e745e686e661aa47bcf9674bd142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444941
content-length: 11153
cf-bgj: h2pri
last-modified: Fri, 29 Dec 2023 13:11:34 GMT
server: cloudflare
etag: "658ec586-2b91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mh227lwvnH6Io6YBhIa6yJEB4Xp6PwhGPfz6kAOo%2FY1DRezPa5NpMjnm%2FzYNN7R9SeDaMSgtCC7eDRanLoUzgeP8hpCBJGczz46TXSagBiYsyKVoeqz%2BGxeZWpxU51Hh51YOjtTEjnmpXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce131fa4f6ae2-FRA
expires: Sat, 28 Dec 2024 13:39:01 GMT

GET
H2 200 90177.jpg
d.neoldu.com/news_t/ 15 KB
15 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90177.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619be5487ecfb7b504f7147528a2c5f336297daff6a05d3c145f166fd3565ca7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 444696
content-length: 15005
cf-bgj: h2pri
last-modified: Fri, 29 Dec 2023 09:11:34 GMT
server: cloudflare
etag: "658e8d46-3a9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD60RWYmTDkOyU7yPQ6XWskaswzC0gQq8KeIpeGjYo7YuxYVRI2bOEFXlzG5zDgMClctHhw9lzU4eoX%2B1I25g9cIW%2Bo0kuWfo%2BWGntEXqyYd56beJQwo8Nf%2BA%2FFR1439i5shADTfvyD5GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1320a586ae2-FRA
expires: Sat, 28 Dec 2024 13:43:06 GMT

GET
H2 200 90175.jpg
d.neoldu.com/news_t/ 13 KB
13 KB 368ms
367ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90175.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b37e9c5a2b4c1ba0a890695dfca1babbb47bef8ddefacc5c966a604fdec2f6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: MISS
last-modified: Thu, 28 Dec 2023 14:38:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658d886b-338a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zoix8Nv5%2FQZtIH7UC%2FM%2FtU4dhaF0qFOS9pqimdm14f7rzjTfrPjH%2FRCjKMeP2wIt%2Bd1e9pm5iQv2pNQC4yRpC85eg5YaM4%2F6s75nylZ4Eg8szMtq62%2B4xrPRkSk6glpp0k0UuG8%2BAWdCAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1320a5b6ae2-FRA
content-length: 13194
expires: Thu, 02 Jan 2025 17:14:43 GMT

GET
H2 200 90174.jpg
d.neoldu.com/news_t/ 7 KB
8 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90174.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bd46acedcdb9f7c7ef7b5ddbb4cb6a57fd9477d5de057d3c6e4493150f6f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181213
content-length: 7431
cf-bgj: h2pri
last-modified: Wed, 27 Dec 2023 11:02:51 GMT
server: cloudflare
etag: "658c045b-1d07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBqvpWJb5nFbT4DdH5q5GRUdlMP9NPa8lwOyu8ZLzRN7xfNJT0XHSaYgxMSRtaHNe%2Fn9y%2FdEgQe2u%2FMbRUTdGFqyLUGhOJHTQ4oEPNjSBcFybCU0cs9BT41LHb2ZmR92woxJFUtb0F0XsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1320a606ae2-FRA
expires: Tue, 31 Dec 2024 14:54:29 GMT

GET
H2 200 90173.jpg
d.neoldu.com/news_t/ 16 KB
16 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90173.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab99bbedd7d7c5b9437b85c209aaceadd13ccad4ed4b7f1d31689e7f7a72c32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181213
content-length: 16016
cf-bgj: h2pri
last-modified: Tue, 26 Dec 2023 14:48:52 GMT
server: cloudflare
etag: "658ae7d4-3e90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hogVf3wFVrYMwH6JNTStqK1JK1JQ%2FlfcjeQ67IntPZwiZDBWExkWNDBPFG5hb2DN9xCmHZGEg%2BIKr0UE3WQM5Mm3jTuOjMxyqJnPzcgCBjVX31r7rk%2FeKcfY%2FbZ3HrJLnXgLDY7Nr%2FnnbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1321a806ae2-FRA
expires: Tue, 31 Dec 2024 14:54:29 GMT

GET
H2 200 90172.jpg
d.neoldu.com/news_t/ 12 KB
12 KB 17ms
16ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90172.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a170c28519ab163347c5f2148e7f71f9a93f933696e6458ab2760c117d7dd8e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 763507
content-length: 12190
cf-bgj: h2pri
last-modified: Mon, 25 Dec 2023 14:51:17 GMT
server: cloudflare
etag: "658996e5-2f9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdO7zp4U7mLjfk60ZUiw6iSH0b%2FcL5JWXy3pSGv4GV3odT8vw%2BIyyk%2BQAh%2FVfDWEyGo0rDiv7DQMwwyWi6eNdBChB9%2BF551F%2FgoHPf%2Fov5lObjvGbmbuylhjqLrpEV6lxADf76tAQmR4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1321a826ae2-FRA
expires: Tue, 24 Dec 2024 21:09:35 GMT

GET
H2 200 90171.jpg
d.neoldu.com/news_t/ 12 KB
13 KB 17ms
15ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90171.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23c35a9b9e47b1d001695eff256f1f2ffb3f29685ec895043a7545c3ddb683d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95778
content-length: 12490
cf-bgj: h2pri
last-modified: Mon, 25 Dec 2023 12:29:12 GMT
server: cloudflare
etag: "65897598-30ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ts74mb6gpR%2FJO%2Bz9VK143Izn3vZEfULy9GsmrpVWg5vLTxa1wkINxpzB%2FUkQvOBlHPN%2BhxnEtT1pAkl1KpWIrhO%2FG7khBdjk45VQLY6QMz4Dk0zEJ7KCEcQF4Y7D8sjJGkc5BkVg6PrL1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1322a996ae2-FRA
expires: Wed, 01 Jan 2025 14:38:24 GMT

GET
H2 200 90169.jpg
d.neoldu.com/news_t/ 13 KB
13 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90169.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4736b2c14b2e33beda655ca3fd1733fd10d72626ab276af206f5bcb06c1e7f80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 860825
content-length: 13034
cf-bgj: h2pri
last-modified: Sun, 24 Dec 2023 08:42:06 GMT
server: cloudflare
etag: "6587eede-32ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm3GJqb569U2BYoiD6QlJDIjVa%2B2r9YanSPCxqyISdtRza3aHNahP%2BYhoK9UZHUyLmSI%2BT8hRxftUMTnuNzaFedGya6kbHqdJNUDwCaMmXkwAYZEyIQ8dwu2BLO3jBxbh1vXiEkd%2FsRusA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1322a9c6ae2-FRA
expires: Mon, 23 Dec 2024 18:07:37 GMT

GET
H2 200 90167.jpg
d.neoldu.com/news_t/ 8 KB
9 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90167.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 988d25d0fc5100d78313270475f9efa16a357bfa2ff48f4c61e87fe3cc0a6617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181213
content-length: 8360
cf-bgj: h2pri
last-modified: Thu, 21 Dec 2023 12:02:35 GMT
server: cloudflare
etag: "6584295b-20a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZHHK4vIa0qtNjo33ilHt%2F%2BibJ3aFPfpletmemkbZ2k3HQ%2Fx5rBLdQq2esnX5cICnrjheHaWNM6s9MZXGXJDdDHC3anf0ZfMw4hSnDMW5S2kRUOLBZ1275IlPFyXOwjSikeuSvRGBE%2FHGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1322a9e6ae2-FRA
expires: Tue, 31 Dec 2024 14:54:29 GMT

GET
H2 200 90166.jpg
d.neoldu.com/news_t/ 16 KB
16 KB 22ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90166.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1137defc8b0289e743a609d5d8e3807c2c8790b084b65dbeb7431b1f104de1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1037531
content-length: 16268
cf-bgj: h2pri
last-modified: Wed, 20 Dec 2023 14:32:14 GMT
server: cloudflare
etag: "6582faee-3f8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q852diAM%2BYEHN6u0zBAXDaZSMF0BaB71aDDRoEWw0p9QEqGw7UR9WS8KRCvkOtqw0qxRNwTUZFSeeFR5fKpccxtz9fpNRN23Bu7TSzypJZ%2BWYD7UILOC4p1uWad41YJpZivf5iHo82LhNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1323aaf6ae2-FRA
expires: Sat, 21 Dec 2024 17:02:31 GMT

GET
H2 200 90165.jpg
d.neoldu.com/news_t/ 8 KB
8 KB 40ms
40ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90165.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e92827b8239b59fd6efabd8dbedfa65f9926d599fa42989b7fd5b4bdcfde899d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515841
content-length: 8286
cf-bgj: h2pri
last-modified: Tue, 19 Dec 2023 12:10:51 GMT
server: cloudflare
etag: "6581884b-205e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eh3ZJLu0Dhi71Kw0XCIVSseNv%2FuRjWU7lltI5c%2B6BxweyGMGH3VSloYAAshENF63dBcvXPLrphUknXzT9FcENKAzHA%2FlejUz7GfT%2FT%2BZ926ZtR7hKQy8agNz5kFUx7gIu0ZwvL1RZujsFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1323ab16ae2-FRA
expires: Fri, 27 Dec 2024 17:57:21 GMT

GET
H2 200 90164.jpg
d.neoldu.com/news_t/ 9 KB
9 KB 28ms
27ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90164.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbe8d2cdd16160c193b1b1e81cbf7a2a24b8dfd0a1ce16b270c588ef2d2aae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1395789
content-length: 8747
cf-bgj: h2pri
last-modified: Mon, 18 Dec 2023 12:58:01 GMT
server: cloudflare
etag: "658041d9-222b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2cfJ6HmsDbQnWypxa9xwfqXcYYwAnE6iyDqExEX7xK3QPKGnkRYmhKCbkDw2wUQxnp5uxgGX6Qd8G7TZ1aW0FjH0rT%2FDWxox2ClaJgGDJ0jkaSCcySUh51G9aE1j0V0hUXdlFamICg4iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1324acd6ae2-FRA
expires: Tue, 17 Dec 2024 13:31:33 GMT

GET
H2 200 90163.jpg
d.neoldu.com/news_t/ 20 KB
20 KB 29ms
29ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90163.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb97cba3bfeb396106f589d9f3d996acbf9fcfcc4690a0e98926da9f400887e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1558020
content-length: 20462
cf-bgj: h2pri
last-modified: Sat, 16 Dec 2023 10:40:23 GMT
server: cloudflare
etag: "657d7e97-4fee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57kCr3TKP1Ba6rOTGSjorO97WpvKRzMdy9%2BmI9aFxuYqNgGwi8b6%2FETijIeIi%2FOPTkkAb8wizWTFKvFUCUnId9qB7TPYM0dgQg%2FONmP%2FJMKD4t4IfDwM4lq3kikuAlNzXFH4we1MYoHqJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1324ad16ae2-FRA
expires: Sun, 15 Dec 2024 16:27:42 GMT

GET
H2 200 90162.jpg
d.neoldu.com/news_t/ 6 KB
6 KB 28ms
27ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90162.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9a2c6761749c7e1c88d37fd5d6ed99bb77ee5833f32c10172207c55c9760b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 627115
content-length: 6170
cf-bgj: h2pri
last-modified: Sat, 23 Dec 2023 10:35:15 GMT
server: cloudflare
etag: "6586b7e3-181a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mmcw8OtOkkoxuk8P5V%2F6asUJZtvb1UIgbzbJ%2Bz2%2FJRxUPl%2BIhCF%2BjBTmWHdRDvq%2BSDhMx%2ByFF0Bzn4hmPaHprvK3CQ57WXCP1yk7bk%2FeGXYeAqBPOVpLSXsvPIKGJKv9buqM3Ni9ryPJtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1324ad66ae2-FRA
expires: Thu, 26 Dec 2024 11:02:47 GMT

GET
H2 200 90159.jpg
d.neoldu.com/news_t/ 11 KB
11 KB 24ms
23ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90159.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 121eeba8bb5f858d75e2fc1d028486832d1d29c113e3555ad0ad54fda3fefe32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 992583
content-length: 10863
cf-bgj: h2pri
last-modified: Thu, 14 Dec 2023 14:29:30 GMT
server: cloudflare
etag: "657b114a-2a6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OA%2B3oNn%2F26WVyOkaUqAfGn9r2n3WvhPpZhfNv4GvUJumrNe6YiDcXB8F7Gpu04d7HdHcV%2F%2BVfV4Nzm7Wne8Or0OQ%2F2QtGVzYop6o9keV04knHdJZMXLxLFrT4VPNGhPM5r2GhBPtbkaffg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1326af26ae2-FRA
expires: Sun, 22 Dec 2024 05:31:39 GMT

GET
H2 200 90157.jpg
d.neoldu.com/news_t/ 11 KB
11 KB 18ms
16ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90157.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27a1bd0c8558ae99e84600f9496e5d1785ca45b3867d1a72ce135fefb154ebc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176584
content-length: 10875
cf-bgj: h2pri
last-modified: Thu, 14 Dec 2023 14:16:28 GMT
server: cloudflare
etag: "657b0e3c-2a7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ngOvIFLoDM40AbY6gQb%2B0eaGp6zIHxA2xpRFhK81j7dPACKo0a7vBJbuiWwH1vgOdwLm52NhrZ5NyMO6thj0w%2FLNVCyPxZe7SlwQdDBVO04bDclEgEXbrQ2wuof%2FDq0H98NGnTnoZ6rEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1327b036ae2-FRA
expires: Fri, 20 Dec 2024 02:24:58 GMT

GET
H2 200 90158.jpg
d.neoldu.com/news_t/ 14 KB
14 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90158.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2becd7129f7065c8c57bf8f4b264cd76925f468384861d218b3d5a7936076723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 13862
cf-bgj: h2pri
last-modified: Thu, 14 Dec 2023 11:20:34 GMT
server: cloudflare
etag: "657ae502-3626"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HooFAzUTUCsC0v5bXXpL0epYgMfgi4pvmje727WZF13qfNxOwU1A0Nlw8u2Ptt2qkseHiQMctO2dmM3aOhi93v4TfhqOQc6e7Z0xPbH6GDsu1VigmDQo%2FMid0Acxhb%2FRSOJASK7LjYdhzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1327b056ae2-FRA
expires: Sat, 14 Dec 2024 20:30:28 GMT

GET
H2 200 90150.jpg
d.neoldu.com/news_t/ 16 KB
16 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90150.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d64d3e39a615a82f4cda7f2430b203eb4b182916434d8724ab03e9f1820ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1901893
content-length: 15952
cf-bgj: h2pri
last-modified: Tue, 12 Dec 2023 16:06:12 GMT
server: cloudflare
etag: "657884f4-3e50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PngbGI3lPPEDbmpfI8uQXfV0rJvll3W%2BjqFQe3B%2FUAA0AOAxwDqq%2FCOzE12oaPTkQJl4%2BUa4eo%2FDqv%2FNGYOpcscVboUljPwA3HQHPelTOAfU5TUWsm9%2FACXfxX4FsLomDWld2OoIB99RDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1327b066ae2-FRA
expires: Wed, 11 Dec 2024 16:56:29 GMT

GET
H2 200 90155.jpg
d.neoldu.com/news_t/ 29 KB
29 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90155.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db62221e4ce05a6c6572787b9498a0b38ba0b1cd2e84e8c83b22803a4a9c5601

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 663019
content-length: 29786
cf-bgj: h2pri
last-modified: Wed, 13 Dec 2023 14:14:32 GMT
server: cloudflare
etag: "6579bc48-745a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd1flf8GVOZFAcvUDCGDqS2u%2BvPe%2FI4qCd4ZuYIf5adZHuPxb4SRzmaK9Y15f%2BGTBTkA56Pbw3M%2F%2FxMzVUVrY9gbocWEG3wER5TN8E5ifKb8Ru%2Fycw1ehOxK%2FNpLLbCluo5fLmwhNKq4Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1327b076ae2-FRA
expires: Thu, 26 Dec 2024 01:04:23 GMT

GET
H2 200 90153.jpg
d.neoldu.com/news_t/ 12 KB
12 KB 16ms
16ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90153.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06224be901fb9886906d5401c2eca4467a7b102b78d4fde1468e31f974dbbec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178082
content-length: 12102
cf-bgj: h2pri
last-modified: Thu, 28 Dec 2023 12:56:27 GMT
server: cloudflare
etag: "658d707b-2f46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbhPoIES0iJQ6DnQgpLOzS1Vj6%2FgUdI3IKF08JkkOdVKJybb30ojL%2FZ2xIX8pMd3b7otSbSyOF1fRVbY%2F8mkmzWVGszDquoo4OvHLQSvX8rCeaV%2BJQm5Aw7USwQwxJPwiePAgmDjWqy6Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1328b0d6ae2-FRA
expires: Tue, 31 Dec 2024 15:46:40 GMT

GET
H2 200 90154.jpg
d.neoldu.com/news_t/ 16 KB
17 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90154.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b7a983c66254302d022a449332d3ec862ae537f22860dfddf1643f6c06bfeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629853
content-length: 16627
cf-bgj: h2pri
last-modified: Wed, 13 Dec 2023 13:34:12 GMT
server: cloudflare
etag: "6579b2d4-40f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGi4JRr3YxzlZpnvWpqrx83GRWG1l84xiDbjSLrzFM1bbQHSHl%2Bhtjz2vTyIsH0D4k4%2FqCAllzXlYUwZjBvUtM499ixBFe2b8ocAaSwpv5DAMzcw%2FRiMR9X0Fl3s01h41waIQn%2FbXZiLQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1329b226ae2-FRA
expires: Sat, 14 Dec 2024 20:30:28 GMT

GET
H2 200 90135.jpg
d.neoldu.com/news_t/ 11 KB
12 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90135.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 210d5609407dae7127a056a3ce413b946060d8f5d892cac87213cc6e6d1f775f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2352756
content-length: 11458
cf-bgj: h2pri
last-modified: Thu, 07 Dec 2023 11:13:07 GMT
server: cloudflare
etag: "6571a8c3-2cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tM%2BE%2FAMPyAj95666KkmySRU1ZRZJMnKczcOR%2BZBprjXUWNcXzEMLZsG2OjYfs2m9WQMO2OEY5SdxoOObxHd9Ai29YAznhU2VeAmz7jlTBHd79EXx8fZOHBtMh25Rpj758vBe%2B9LiRl3og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1329b246ae2-FRA
expires: Fri, 06 Dec 2024 11:42:06 GMT

GET
H2 200 90156.jpg
d.neoldu.com/news_t/ 8 KB
9 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90156.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56f25533b8ea6874f010eb489df9136ba79b15cb5a995e9b39a8b9a1966a3b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 663019
content-length: 8519
cf-bgj: h2pri
last-modified: Wed, 13 Dec 2023 13:02:27 GMT
server: cloudflare
etag: "6579ab63-2147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7drfMu3bt9IH1wHByPhg2GFKhcIo1%2FWeiOrJfNqc3W3i6Vq4YD%2Bn%2Fd%2BOs3hifuZOwhGELaoaX4aH%2BCtBeeOqMXIIQ4ThHTW8fPmmN8PrIR5ohGJIKYo%2Fl77UnZ9JDcljEH4GgCmlF9ROCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1329b2b6ae2-FRA
expires: Thu, 26 Dec 2024 01:04:23 GMT

GET
H2 200 90151.jpg
d.neoldu.com/news_t/ 15 KB
15 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90151.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23b58e6d443aff4b3dd7cd5f34418abebe42d739bd6716479976773db44c3f41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178082
content-length: 15259
cf-bgj: h2pri
last-modified: Tue, 12 Dec 2023 14:35:34 GMT
server: cloudflare
etag: "65786fb6-3b9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goERWL2sTZU0XBVr8A9xdNsGyaEbPVdD6SgefCUYmcSMYE2Sn6tZv9ew3xsWuYf0q8DRggTZUhyhTC09sVbiLM%2BsH11%2BgTcAKZqo3kODa%2BJ6jZGgs52X2oAvPCSC1v1TTndrXQuQpiohfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1329b2c6ae2-FRA
expires: Tue, 31 Dec 2024 15:46:40 GMT

GET
H2 200 90152.jpg
d.neoldu.com/news_t/ 18 KB
18 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90152.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d330637bd9accfa208a8bf1c7e2f56c872223cdadf3214876b98cb53af84ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 763535
content-length: 18012
cf-bgj: h2pri
last-modified: Tue, 12 Dec 2023 14:26:36 GMT
server: cloudflare
etag: "65786d9c-465c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oREMF6G912Qb7EqSmY6sHJ6Be4BJlkrLLnZW%2FEQU1H58s6ztUTQUsNfOCaQp2bhFk343A17xtsGShVfnt6WGLckCk6UDaaqg0fenkzYjPfIpBv0Jd0FzV43MdrHqAapclPgNpdKuHSR%2BYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1329b2e6ae2-FRA
expires: Tue, 24 Dec 2024 21:09:07 GMT

GET
H2 200 90149.jpg
d.neoldu.com/news_t/ 14 KB
15 KB 21ms
16ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90149.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b586d78bb34e8b3b0ce47419d51b4cc6b915a148273ea17baa7c66a6bfeb41cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209883
content-length: 14737
cf-bgj: h2pri
last-modified: Tue, 12 Dec 2023 09:11:05 GMT
server: cloudflare
etag: "657823a9-3991"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFKID%2Fq7HuHbsCPH8Mu4ntwHHFscey2qCuZ%2BKYCa1352vXvyqPQf7F%2Ba4SUZtmaHFCcT7hNU1SygkdRgN9QD1qsr%2BiUFfNu0YO0awCrzRzhWnEuXYc2BwB0IEcOxzK7uJo%2BSuGar3jQBcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce132bb506ae2-FRA
expires: Thu, 19 Dec 2024 17:10:00 GMT

GET
H2 200 90146.jpg
d.neoldu.com/news_t/ 12 KB
12 KB 23ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90146.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66b4266f91d93d88e60c1feeb8a05c6ff94f8a04bc177db6765be9aeb47d1209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1965069
content-length: 11977
cf-bgj: h2pri
last-modified: Mon, 11 Dec 2023 15:13:35 GMT
server: cloudflare
etag: "6577271f-2ec9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAxjMaRJ3JZPSPZoTewsrJ9pgCLLoDro1WLPExabMmQjnWaStXkRqb7Df%2FJqx9Wl8cAsx7Wb58TfzLdSzDiizEYibhMnAmQUlcQ9tA4Y%2F4CiQs1rZ4QC6uBi4PfZXnMM1FrXJk7yhCR%2B2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce132cb516ae2-FRA
expires: Tue, 10 Dec 2024 23:23:34 GMT

GET
H2 200 90145.jpg
d.neoldu.com/news_t/ 13 KB
14 KB 15ms
14ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/90145.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 701916d6a04f89dbdb7bf4273fdfde4a35c12090bed9f4cdef4dcef938771119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1965069
content-length: 13470
cf-bgj: h2pri
last-modified: Mon, 11 Dec 2023 12:30:04 GMT
server: cloudflare
etag: "657700cc-349e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvoR17V86eN34Shfi%2F52w5QHEunlXcEVhR9waWHNcxP1%2FljmoCHEURYAQwW9lIEr2aQlQOufa%2FCtJUMGVUFpzlukussdYgx%2B6MG%2BV%2FbSLR0vPYkj6fuxAdRVGXpJRET%2BZuCbVRcPluMMfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce132cb536ae2-FRA
expires: Tue, 10 Dec 2024 23:23:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 66ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 16:05:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 84ms
24ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97203200-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 Jan 2024 15:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6738
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 03 Jan 2024 17:22:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8XPP9T2J47&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97203200-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbaa8ef0c6968f0b1af48aca93d91795139d835ac541570a58bf56d4e60aabce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5501
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 02 Jan 2025 15:43:02 GMT

GET
H2 200 14_t.jpg
d.neoldu.com/newspaper/ 8 KB
9 KB 16ms
14ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/newspaper/14_t.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17cf360bc6366de1c0dc855be430e81689ff2d3a98f8e605af9f13c07e3b33f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 8578
cf-bgj: h2pri
last-modified: Fri, 15 Dec 2023 04:32:01 GMT
server: cloudflare
etag: "657bd6c1-2182"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGgjlZie7EPln%2FSUS5DP8Oe98zD%2FuMm4P0rSXnnwiCl8cj1njzNCmfCKW3BNiBnN3CTmH%2BCWktMtgxiKev%2BIIDjjpug3dpCsDaqptSOR725Aygym2GN1gkArW5BFufARhQ3z9dWexyVHzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1331bb66ae2-FRA
expires: Sat, 14 Dec 2024 20:30:29 GMT

GET
H2 200 19_t.jpg
d.neoldu.com/newspaper/ 8 KB
8 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/newspaper/19_t.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a96450725a3bd73c1aca9f89def8deca91d24ea284e12d90fe228d5d7984b9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629854
content-length: 8288
cf-bgj: h2pri
last-modified: Fri, 15 Dec 2023 04:32:01 GMT
server: cloudflare
etag: "657bd6c1-2060"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjqCD%2B4mdHBbZYfF3p7gYJlxbxhYk05seQ4nvudGknSCwvLq%2Brc4T21tFg9R1IaUGyKBhF1H6GZh3B7OIM6siTk9zxjOR6IebVH%2FR2EJWrA1g7QJbmZtiPnmIgiaBA31YFSiloJzwKPILQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1331bb76ae2-FRA
expires: Sat, 14 Dec 2024 20:30:29 GMT

GET
H2 200 23_t.jpg
d.neoldu.com/newspaper/ 8 KB
8 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/newspaper/23_t.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1044ceea7297297b9308d3c185e12c78e00515881306e5720f820c6df247a123

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 663020
content-length: 7997
cf-bgj: h2pri
last-modified: Tue, 26 Dec 2023 04:32:02 GMT
server: cloudflare
etag: "658a5742-1f3d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IO7MeBLpfri035W9mQcZuGaBNgt8EO4QKA0mCs75TZZbCTW75VZUOv3upQZUcJK2oSh%2FsR6nQPze4YjKXBYGmTjReoZrk2%2B5l7ovARaSLCQp1CdONJl2I%2BXIbcGIOw1YId9i1TxZFkM31g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce1331bb86ae2-FRA
expires: Thu, 26 Dec 2024 01:04:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 56ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:54:09 GMT
x-content-type-options: nosniff
age: 116434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:54:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 51ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 434122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 63ms
35ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 14:33:16 GMT
x-content-type-options: nosniff
age: 182487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 14:33:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 59ms
31ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:18:51 GMT
x-content-type-options: nosniff
age: 114952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:18:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 48ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8XPP9T2J47&gtm=45je3bt0v9102095739&_p=1704302082795&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1724041439.1704302083&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704302083&sct=1&seg=0&dl=https%3A%2F%2Fwww.neoldu.com%2F&dt=NeOldu.com%20%2F%20En%20%C4%B0yileri%20Listeler%20-%20Tavsiye%20ve%20%C3%96neriler%20Platformu&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=841
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8XPP9T2J47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 74ms
30ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 21 Dec 2023 07:50:16 GMT
server: nginx
etag: W/"6583ee38-a9b8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 04 Jan 2024 17:14:43 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 65ms
14ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:40 GMT
server: cloudflare
age: 594560
etag: W/"65833ec4-2d18"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83fce134b8031e55-FRA
expires: Sat, 06 Jan 2024 17:14:43 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 73ms
18ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 23:30:13 GMT
content-encoding: gzip
age: 1791870
x-guploader-uploadid: ABPtcPpPE0vjHLKkcxVClS2DI0WddWarTtH4PXBLpfLZCdHoTRe5ZF8OJcHVEwRa3mtthjLTXg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 12 Dec 2024 23:30:13 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 62ms
19ms Script
text/javascript 18.239.18.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-33.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 11e924fe383f6400148d019b996a5864.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 41851
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: BzjeD6J52_pHzXA5P0jIlTtRiZkb6DiV2RqsXLqJn17JACZ07FrjnQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 85ms
32ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 3730016c1421a98ef186e9aea6eb9061
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 34ms
16ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39181
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230100-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7A6tHSU19IJdQXJ3nC7%2F4XfZZv1Yqql8F%2B7qhD2NHhJOLlvBJnDE%2FbwTLjS66p%2FVlJ8PBbbga3qmxfRXjDj%2BoC%2FNd7KzpXPrwJagQutdORqQzUD5PrE%2FltyYbqvUUWwptOcXc1ySnTQ63bZkyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83fce1348a729261-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
33 KB 58ms
23ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: SB3XV3WX7D3TRQY4
age: 1351
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 83fce134ac3818ff-FRA
x-amz-id-2: XK/uEyn2Io5UalpG02MciRCI2T5BGC42ZH9PVGUjT++wf10oqSqzOVRQs4UsI2d0cvzgX31ynXk=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
16 KB 378ms
378ms Fetch
text/plain 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1232890412357495&correlator=2589667069891403&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&iu_parts=21647185140%2CKULE-PAGESKINSOL%2Cskin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=300x600%2C300x600&ifi=1&didk=2008512495~2675297495&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704302083258&lmt=1704302083&adxs=-45%2C1345&adys=80%2C80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.neoldu.com%2F&vis=1&psz=300x-1%7C300x-1&msz=300x-1%7C300x-1&fws=512%2C512&ohw=0%2C0&ga_vid=1724041439.1704302083&ga_sid=1704302083&ga_hid=761199491&ga_fc=true&dlt=1704302082774&idt=453&adks=321644570%2C4177763976&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887f2b8672f7ad52334707edae182c6f796b6e8bdab40319f63ec2102452bc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15989
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B61 6 KB
3 KB 91ms
22ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
expires: Thu, 02 Jan 2025 17:14:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 22ms
22ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=761199491&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neoldu.com%2F&ul=en-us&de=UTF-8&dt=NeOldu.com%20%2F%20En%20%C4%B0yileri%20Listeler%20-%20Tavsiye%20ve%20%C3%96neriler%20Platformu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1282596211&gjid=857490000&cid=1724041439.1704302083&tid=UA-97203200-1&_gid=1450443764.1704302083&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1003448569

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 138ms
33ms XHR
application/json 54.194.101.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.101.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-101-149.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: f071ebef2e1abf8e07b217c7cb3c4fc4a91915cbe8488bad8272057e43e19a57

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache
x-server: 10.45.4.172
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 34ms
8ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Wed, 03 Jan 2024 17:14:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-97203200-1&cid=1724041439.1704302083&jid=1282596211&gjid=857490000&_gid=1450443764.1704302083&_u=YADAAUAAAAAAACAAI~&z=1441374292

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 Jan 2024 17:14:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.neoldu.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.neoldu.com%2F&rid=esp&cc=1

85 B
194 B

115ms
114ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.neoldu.com%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1b3af1dcf881223cd856379bf91cfb457eadb3d19700d77c2a55b6f10c44cd54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ZlwlN5n5c/KPwGGl3RTy5SDzsGk"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.neoldu.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Wed, 03 Jan 2024 17:14:43 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.neoldu.com
location: /esp?url=https%3A%2F%2Fwww.neoldu.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 47E5 14 KB
6 KB 50ms
18ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.neoldu.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 386615
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

sid Show response
mug.criteo.com/ Frame 47E5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=neoldu.com&sn=ChromeSyncframe&so=0&topUrl=www.neoldu.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=lV6OlHxIZTlYR2p0K0REYldiWGxCZElCUmpGMElUUEsrS2tQem5RNFBQajE3bi93VUZ6Z2Y0QUdLZDlmWURKQXVmNENrT1FDeDJrUVo2dkVvd01vYWZCMUNCSnZpYUZlOXA4K1dRalhJNnhFaTNHTEN6L2tib3VtU1YzS2...

425 B
645 B

16ms
15ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lV6OlHxIZTlYR2p0K0REYldiWGxCZElCUmpGMElUUEsrS2tQem5RNFBQajE3bi93VUZ6Z2Y0QUdLZDlmWURKQXVmNENrT1FDeDJrUVo2dkVvd01vYWZCMUNCSnZpYUZlOXA4K1dRalhJNnhFaTNHTEN6L2tib3VtU1YzS2RwNitEcDlXczlmckpaNmlOSDhpMEx6M2NHR3RHUUMza3B5LzBmWHNsMENtdkdyQURDblVBOG1vUGtESHo5U2J4ZXB4OHhOZTliOWk5UnBWbi9Zak9DeHVjQjZhT0cxK1VFN0ZOdHhPa25QMk9oSmpGOEJXNGpMRFJwbm1WYmpkZy92blhOTjNsRURGQm5NclpSdzVzeEtIVlZNZWxPcEI5eGhsbTl2eWtnV0h1ZFdZZEdLUT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0c885e778a37745ae3c183fbaf4b1e87b80c55a6fce5449aa4abbae65eee18c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1174817
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=lV6OlHxIZTlYR2p0K0REYldiWGxCZElCUmpGMElUUEsrS2tQem5RNFBQajE3bi93VUZ6Z2Y0QUdLZDlmWURKQXVmNENrT1FDeDJrUVo2dkVvd01vYWZCMUNCSnZpYUZlOXA4K1dRalhJNnhFaTNHTEN6L2tib3VtU1YzS2RwNitEcDlXczlmckpaNmlOSDhpMEx6M2NHR3RHUUMza3B5LzBmWHNsMENtdkdyQURDblVBOG1vUGtESHo5U2J4ZXB4OHhOZTliOWk5UnBWbi9Zak9DeHVjQjZhT0cxK1VFN0ZOdHhPa25QMk9oSmpGOEJXNGpMRFJwbm1WYmpkZy92blhOTjNsRURGQm5NclpSdzVzeEtIVlZNZWxPcEI5eGhsbTl2eWtnV0h1ZFdZZEdLUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 226815
content-length: 0
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 103ms
64ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d0670c9223b881aef9756ff0b8d9a407ddf23ed6486f3e15bd76bc9f894eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12196
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6E69 199 B
298 B 90ms
21ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Wed, 03 Jan 2024 17:14:43 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8FA2 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 15:57:27 GMT
expires: Thu, 02 Jan 2025 15:57:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4E59 829 B
1 KB 62ms
25ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2673c61130c81b9b52f3e3d698e40da07918eb8bf8c35aecad5ca5f5c437eba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EvTJJBXo4EUtuOAdRafb_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EvTJJBXo4EUtuOAdRafb_Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
expires: Wed, 03 Jan 2024 17:14:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FB8C 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
expires: Thu, 02 Jan 2025 17:14:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5A35 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
expires: Thu, 02 Jan 2025 17:14:43 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 254E 624 B
505 B 100ms
57ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOqrnYICMAE&v=APEucNX-BT8zGTwaOhwhx0Be2ACF7FfM5Hs1WgArtAuuYh8ziJg84OiW2NYUOOTZ0qQKXxAczcE2vKE0h2thFOiLCh1kjn1zDkruRcwoG3JbK09zVXFil5Hzy9OYR39AoqQ4fnX02f8duVhufRt9Afkft6KfA54omFBcakGJuOWJwlKBtTJHlW0

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
expires: Wed, 03 Jan 2024 17:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FB8C 89 KB
31 KB 171ms
134ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB8C 42 B
63 B 98ms
62ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CuUZxEQLyEwZlhWv_Bb9Fr63B1VofwMUnHg18ZNKINGUmm5J9Z5yOJmFWnj4hvtRdbRYwaGQPFAChZp2_bIr55b-MykCI-Qw__ypgzHWMgrwxvZ0E

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FB8C 3 KB
1 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FB8C 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB8C 194 KB
62 KB 69ms
26ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C9B7 624 B
826 B 92ms
55ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNXL3d4BMAE&v=APEucNUYvIZMnFtfH5j4ki6OZ566vLWueC8Hp3sDGdZaP3qYFLhvTyj9BtKDx57JWTbc7T4aBUHHkaeqxQeF88n3BNCMetFNyRaY3gxF5TTjrTcqm5IqR1ij-7kxgd699mXjdUzEYLbL3BxnwkIvZNuQNMlpzowP1D3n4lt2wuhbl2LEPMbTsmc

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 17:14:43 GMT
expires: Wed, 03 Jan 2024 17:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5A35 89 KB
31 KB 273ms
243ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A35 42 B
63 B 89ms
61ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-By46rDXFg4YdukHVwGbp7MdSIEpRWIWpFRT4ARsSjqCtVoNbmWqSQ5XE_WkzEULHxfua8t_lwB2qa3vcOj15kiNR6Jebl4VLc7oKtMk9WuE8lGqcA

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A35 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 09:57:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 09:57:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5A35 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71094
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:29:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A35 194 KB
61 KB 90ms
54ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jan 2024 17:14:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E59 0
0 72ms
60ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312070101&jk=1232890412357495&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FA2 39 KB
15 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 15:57:28 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C9B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

43 B
735 B

33ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNXL3d4BMAE&v=APEucNUYvIZMnFtfH5j4ki6OZ566vLWueC8Hp3sDGdZaP3qYFLhvTyj9BtKDx57JWTbc7T4aBUHHkaeqxQeF88n3BNCMetFNyRaY3gxF5TTjrTcqm5IqR1ij-7kxgd699mXjdUzEYLbL3BxnwkIvZNuQNMlpzowP1D3n4lt2wuhbl2LEPMbTsmc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EW2voGDZxGA7%2FCmq64jFe8r8J5QSzhSthc83Hr8F%2FJa%2FnUBHSNOnKrPororBty21nu2ehh01CwTiSlBuSaFAJJUFQQ4u0gPNyDrhGjSJIh8ErbkJqQzbuVelYFCIw%2FFiWh9ZVFhJ%2FHNMOA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fce138ad4a65b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C9B7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZWWAyuo64oWp0EGaxliQgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

43 B
737 B

47ms
46ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNXL3d4BMAE&v=APEucNUYvIZMnFtfH5j4ki6OZ566vLWueC8Hp3sDGdZaP3qYFLhvTyj9BtKDx57JWTbc7T4aBUHHkaeqxQeF88n3BNCMetFNyRaY3gxF5TTjrTcqm5IqR1ij-7kxgd699mXjdUzEYLbL3BxnwkIvZNuQNMlpzowP1D3n4lt2wuhbl2LEPMbTsmc
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFOt6r9LMP8hxRZ8KSjGvOpCsEZr84iz2Anzf6EPBFnRoM5aaIq2X%2Bz%2FZkQjmDcM9UdyUXO5F8FTcbieBn8zi%2F5fNlJywN%2FQUeWn0vMgkGM6CVR1T%2BgoIClILv0n4NzLmAT9H%2BqXTZn9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fce138bd8965b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C9B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1

43 B
842 B

23ms
22ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKQCELzvkpIEGNXL3d4BMAE&v=APEucNUYvIZMnFtfH5j4ki6OZ566vLWueC8Hp3sDGdZaP3qYFLhvTyj9BtKDx57JWTbc7T4aBUHHkaeqxQeF88n3BNCMetFNyRaY3gxF5TTjrTcqm5IqR1ij-7kxgd699mXjdUzEYLbL3BxnwkIvZNuQNMlpzowP1D3n4lt2wuhbl2LEPMbTsmc

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
an-x-request-uuid: 1b09bef0-3be9-48b1-acef-784ddd7b3204
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C9B7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ2MzgwOTc2NDg2ODk5MjA2OA%3D%3D

170 B
243 B

25ms
25ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ2MzgwOTc2NDg2ODk5MjA2OA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
an-x-request-uuid: beace96a-9896-44ec-889f-58727a02dd95
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ2MzgwOTc2NDg2ODk5MjA2OA%3D%3D
x-proxy-origin: 178.162.209.131; 178.162.209.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 254E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

43 B
780 B

29ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOqrnYICMAE&v=APEucNX-BT8zGTwaOhwhx0Be2ACF7FfM5Hs1WgArtAuuYh8ziJg84OiW2NYUOOTZ0qQKXxAczcE2vKE0h2thFOiLCh1kjn1zDkruRcwoG3JbK09zVXFil5Hzy9OYR39AoqQ4fnX02f8duVhufRt9Afkft6KfA54omFBcakGJuOWJwlKBtTJHlW0
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FmPPj2pdRys8c6F%2FNC19%2F4ip%2Bvehc%2FTURoL4411%2BtCzmH9UgkquGd5rHEcdJq5tbZ2%2F6qlREtgatx6EMQf%2BttBzRW4MlRXM0WuOO%2FtELsNfZ95%2BVqN%2BGwkI9xEh9xMYRS1qfpe%2FqA7Bhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fce138ad4e65b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 254E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZWWA9ehKcwuP0Cp8dtxcwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1

43 B
739 B

38ms
38ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOqrnYICMAE&v=APEucNX-BT8zGTwaOhwhx0Be2ACF7FfM5Hs1WgArtAuuYh8ziJg84OiW2NYUOOTZ0qQKXxAczcE2vKE0h2thFOiLCh1kjn1zDkruRcwoG3JbK09zVXFil5Hzy9OYR39AoqQ4fnX02f8duVhufRt9Afkft6KfA54omFBcakGJuOWJwlKBtTJHlW0
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K0vxMZRpsrP4z%2F3yswfzQdq3K1TzaY4JvaLqMxm8d%2F%2Fiqrh09RyCz%2FvcbscGbobHr%2BfkUg1jJ3rBqvMzP%2Bb0OUzCgszfTpHMi%2B3vHjY5QRmCwsYiN2XWwfuHejM%2Fd4wVqODxGBBHx1g6TA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83fce138bd8465b5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBhcclk5_xGf5BMB0zl5iMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 254E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1

43 B
842 B

23ms
22ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGOqrnYICMAE&v=APEucNX-BT8zGTwaOhwhx0Be2ACF7FfM5Hs1WgArtAuuYh8ziJg84OiW2NYUOOTZ0qQKXxAczcE2vKE0h2thFOiLCh1kjn1zDkruRcwoG3JbK09zVXFil5Hzy9OYR39AoqQ4fnX02f8duVhufRt9Afkft6KfA54omFBcakGJuOWJwlKBtTJHlW0

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
an-x-request-uuid: 131604b8-98eb-4301-ba51-0452eb801ce3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECIh1nKAqEYJIrr9VTJeeqQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 254E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2Mjk3MzM1ODg4ODA5NDExNg%3D%3D

170 B
232 B

28ms
28ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2Mjk3MzM1ODg4ODA5NDExNg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
an-x-request-uuid: ffce067c-de91-4e87-bbf6-a83a95007329
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjU2Mjk3MzM1ODg4ODA5NDExNg%3D%3D
x-proxy-origin: 178.162.209.131; 178.162.209.131; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8FA2 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k6dghg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB8C 0
20 B 48ms
48ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2604413824898&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB8C 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2604413824898&version=m202309260101&ct=76&x=1&cor=12007996894803716000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FB8C 110 KB
42 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVxTxK2gRPIL7-CypiTAPtFF9rh67Uvf0NeluUiu1evnuGWBXyIcxdh7-CQh1W-f4Tp98VdQ2V9THclQ2rdAOBB3Icb9A1VTzc9SGC9SmjiHGt-J-2X0Rf-SLpKUqiI90DlfRXtBPd6lml0rQ1qL4sCx-xb0YC4_LdmsYOw7w9nIXdNnU&dbm_d=AKAmf-DThB0cGLVtYhMJYR0KT73ImqV1nM9SemUNkzgMpLXZ6e9cB8Ij24L_KMCW610SbdpB5t_FoFkfLcNPkXbcv4aS68vEZ0HszD35a7wd3g-PM1WZA2hZlAnGLrX6ECAqVtM-zpjblu3yjNc6fq0BeZ9hBLfpa-GGrJPgk-qJWQzt6nOSess2-eIuNg4C1fxGV2qEPd2IxxGYhrZhMRZBDqzF9P_5DejffNV2g3PKWxIt_o6RqpaBtxTid8mKulLoXbFDEVbVEK9qTGYKHl4Q4k8esdrRWcEKDIY4BQppgNFD1kR3pNUTcEIBVZlf_YvGD4dixAkATspbz4iArfldETY3w25ksuOYhaOwH3MNWSYTU78RXMmPbB8Mu6Npnh3jsjUnGFOwH4W-SPgIglkNBjF8h1loh541c1-LNe2nq9DMI0MrZh-rhkc9pvdqDD-7u7La85mnYPhUYr0-jMKzgyQkUeG-FWQz2-crZF1uKo4XZ4T_bmKWs9-bJLr3qW02C4Gk7SmvqCHzIaa0hhf27HgxbGZ1yZEwrOQyQclESHKn5XWqK9RB6QtP3kJjgTm_J7zfVLa327xnuUOUU1rzmNB_RpONEuAtrYw9QBax8pWF09nEXI6FYqnqOjp2e1vMuoRJto_Crd5T49P80qZMZ9jMHcUY85MsoQlvIkLAkVARuSNN61hU7MWNPQ_pvKd_lq7bQhPa7I6Z4VqECETQ1WcCi92moid5dungL3cAmj3zGUpkcdZ2itMRhobfmFspzzKzSeVuzReu9vMLDQqxTD8svkUKi8iANleSUwzWWL0h8kfV2uRVgzAyyGEbU7POvuEpSQ3h_4LJA06-ZEX2kelXpyq_oSWfVxqpWV2LTfXxmz-gne1KCwpWpJ2ia9_dgfaE6KwsafBBIu7qaF9lYiPfKwqPOC2UTAsOfwPZ4FEPpPi_Q6S9Cc7RD0VGHuhYRG3OzddOJb6tCD7E_mgxeCjAHQUcXUpX3nt4euVeLPy6IooxODWKEB8gqE8e3mU4b-m5SrebF0jt8NS-aenzzFWJH2QK-FRGS4Th2rqYq5bAzRbBDjHOaDgig37ReUAggks3Ct3F4JWW1jSmty-dbchmL5289Ij7LX9gLP6njhXlidVP9ZfZpjMWmFGaWQSjSObXnwVp-6NAHl6Z5mr6dYmxtmUlk4eFQRvmlfcKcbW8WKDHguii5uOHQ70HO4pP3cyVionhsYNyJV_SfIZj7vxMjy__WwW5R8jji6htLyOUxkmO-rjEyqQJQCxC6pBLVttpDaNDpqqBL0MEEWbFIEPCASYTpB0ziwMd3bzfvi4R_7oAelTJiLUgAc6nCtc21r1R-YqBxMM4PfbNPMHL8O5R-EhjAUhFy3-7nXt3SIpw9MOwPWbvjWUah54EhPs5us0wpZRUUvUIjpWk7lxto8S_WE0LLAaE-ps5qEU2WyHk7bEcnf577-z5_aM5MffW5t2gO-SDSv5yH7zFaS1yEczdD2sgS7oM5UlEEmcdwqqMZ5GUg8HNjseBwh1jUYeaD5IFM4ZUpIsEYsQkTaWSmO5r1SLw3oI6iSMINkXBrFBmW9L0tF3tICrCa5LkcBG78SiMI5y4Be0AP0EssiJgsROtjkr4q9QdOHamDvGraTgf_BqeUbY1o-dlFupho8aYA3a2u18GL4S6mRmQbjeLpZQgeQ1bkiy2ccaMnmx2wfEvzSVRtEymOd6venIDPeoolB5QjIIND7yReGAVVULRRRS63iKIAQkkxD56X2XwjKBLXYZ-UtRB-JkuklLxZxZ-7t0i_vizSCIRkk0-wuhoo59b2SQFugZcYPHWy2OH2dwpLBKzQl4InBJJeYDWaw4cATmrYtAU_JBR8ALuDCDIK_pf1Sh7EC7Cj2AXir96pazQn0YAieVeb5hGqtnAM-RD2jc6QyFi7Jy8ecMoVMLBtjxMZn0i7_P7hTkhgqqs5EcAR2yTeI91WMbxE0xxOrrp0ZyrZ_cFJ9CTb_-neIGfNj1V6ea8z14RLT1h6AtEtBUaqCaZFl0s6fVRZ-kc1_SWLJQhPqVXc_zAFG-UX3knI7svxsJJyEdt8y1gXCYS8kSSDwZ9pLUncVE8pSAfWaGp5BjtJTMKNS2vM5Qze79f-JKJDB67HIC2irrYqVXI-DMNWc-z3KOaVzFSiC-meXsNQ577R-iN9zuyGBNp2YW0JKGfHgh-hDGCyXozES5qy0QSxAie5k_ut9hw32DchTvpsuTKbnXL8z7l0aRpDh-hIuR-rPL5GuVpMWgO1HgPs5kxIKTfRx5G6vbfb5iHQb8fsMc-KtzjjLj5fQVLF-HpzgHRBiFEC0RgIB1noi_QMIFffM8DSTTeYr3jJiMK-14jnwW1kZFvMOkVm70GKweINpWwDXPV3eSUwFUJ0dvjWZj_5gTc12k8FcepXFj7Y0wi-q7Er5jBORd-ixAA-ejZV2TiagvPGRRFBi6RxyxySGih3niqx7zjKQDY46rXh2t0_iT1i3xfn10TyKQPfcxGS4P59lV30Lds38KE_o6v_W89EuThTnLV_sRpmnq1Wnlb_FFXSGvdj7wKWvraptREKuun7lfOtCI8byu4i1jHWtXLYS2QadKIeTfuxEUpbAZhRrMye5SecOUSqlr5tAVreB_5me87-77ytJtlKiiHwNOETpvawQvGwzOzLbYQfiBXVkANVySyFcgiN1PwNwfc5xQEGKD-N5kFpGypbyGPl6H4YYetk6r0AgRhEPp1TiBhSUzK85-Ehuir58RUQiTVnyuyOBhvOU0nSsB1Aici9SWFsLaoZo7G70j9EJk9fNcBa7tX2PErQUNGrO66__WOltA_ridtWTwGhurqkTitARtqOOiU9x-qFec1McCnpvYeJhoIk0jiepPh7r3fZNvIBLK3QyqnY2ZeYmvM84PMyx9gQ1hseUc0f-Lei99dVP1GuhQOOKCmHqpklVudyeTyQtW_t_OSGNf-jJO3BzUEklQfZxM6HVkIqLfckBfHPF8HaZyjzSKC2eiQIB94E6MP5w3LvTpLH7WeOjFsCs3xjQqU7Iwahz-5T2QaUuHdOflbo3FsW89zwjXRDR0TMGHVq6YJPfQ2zpYvwYs6WAqQ3arWQSruV_4u8SNM4cwyEoxWepFXN34Z1bUpze7VWwiqCHoxdYA4YSoNBWc3VcFVxG8V_wFawHCdjcaPPUFvqVdmwV6tXWOuOktBlOD_NUkyUH6TLwEUvnE790wvSx6m0GPdRBDlZd18EImQZQyE5go3M_7H0FJbE9w2T4LCu6f441tCVNrdbJghQ1OPRaThzMGuGXH0CdhOgs-h975uM8vIrDK8_OSUVxRr1glUyh2qmem4UK3ZPm9ejhFPv9YKuKV_liKTb5GTxMGHgUMR6jlWqIoqafwpkp80cO-Zf5s07XUO7Se0UJ2epbtS0kdAhCyp7P4aPcxqeNrqbzgtD8PPjscXpNG2jJGmz88Cv-T4pR03J2ox1KTp8vH8kCLzwSXgV73Sqo4Z5AMnXweJ91OAcaeFA9cBGxwctdpr1EwXnokM64XpkNQnd02LUl6wKBefCq6l7U-XRETpDOg3INYK31WJTJns-4ISOtHeAFh_mhGpCGZPOVLMUk7ZoLaZXiagwY0O4-PwMSxtxcyzNmGCn9VWdt1OPrTTfLcKk51n4JbLOpe7L-6sVBZS9wKFXOb1KKWhwrd-Ta_kG6XxhjyVsLTAOYlcOmLprOTO7doR8f2LHjB2nbTz7bRsfJ275cS5mqyvQ6KUHBeBZLouwEvW2iI66Nx5XhVv8FKyzMS1Na7x5BYjT6bjXADjhRe00B7mZb5WaR41PbmgmJewACxKGVwlptJa5JdPICpJqr79d9sGDcWF5MrppOi8mC5CXogw8hn4z7RBjyH6JitdYKdT9aPCRGJauUJRWGUl1CXZLSrDoRlvCri4ckgyAuyM63SmmncHMJOoftG278e42YP-AzYNQAUk&cid=CAQSTgAvHhf_27Y43HO5M8MXERF8enoV2amFEypGdHzBspLJICiHS7L5s9KKGBgFC6bCbZhts_tcDJZuBzOPdHxcbgYNE_5P5HjIarVN8wmC0RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=12007996894803716000&adk=2228999114&idt=181&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc2fb5b1136bd0300d9d8c648f78f8efcdf7d312082c13374f5ecbf4220bd076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42598
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1898970/77442864/ Frame FB8C 46 KB
12 KB 226ms
97ms Script
application/javascript 52.214.64.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1898970/77442864/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-8203385927523536&ias_chanId=1&ias_placementId=20903658371&bidurl=https://www.neoldu.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h7PhvvJ9JMw5BkyWYP6YZU
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.64.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-64-190.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bf3b707ab259d7927864439589cca26345f6bf848a9db118ab37c18533ec75f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame FB8C 111 KB
39 KB 83ms
16ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Origin: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 07:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 04 Jan 2024 07:16:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame FB8C 11 KB
4 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVxTxK2gRPIL7-CypiTAPtFF9rh67Uvf0NeluUiu1evnuGWBXyIcxdh7-CQh1W-f4Tp98VdQ2V9THclQ2rdAOBB3Icb9A1VTzc9SGC9SmjiHGt-J-2X0Rf-SLpKUqiI90DlfRXtBPd6lml0rQ1qL4sCx-xb0YC4_LdmsYOw7w9nIXdNnU&dbm_d=AKAmf-DThB0cGLVtYhMJYR0KT73ImqV1nM9SemUNkzgMpLXZ6e9cB8Ij24L_KMCW610SbdpB5t_FoFkfLcNPkXbcv4aS68vEZ0HszD35a7wd3g-PM1WZA2hZlAnGLrX6ECAqVtM-zpjblu3yjNc6fq0BeZ9hBLfpa-GGrJPgk-qJWQzt6nOSess2-eIuNg4C1fxGV2qEPd2IxxGYhrZhMRZBDqzF9P_5DejffNV2g3PKWxIt_o6RqpaBtxTid8mKulLoXbFDEVbVEK9qTGYKHl4Q4k8esdrRWcEKDIY4BQppgNFD1kR3pNUTcEIBVZlf_YvGD4dixAkATspbz4iArfldETY3w25ksuOYhaOwH3MNWSYTU78RXMmPbB8Mu6Npnh3jsjUnGFOwH4W-SPgIglkNBjF8h1loh541c1-LNe2nq9DMI0MrZh-rhkc9pvdqDD-7u7La85mnYPhUYr0-jMKzgyQkUeG-FWQz2-crZF1uKo4XZ4T_bmKWs9-bJLr3qW02C4Gk7SmvqCHzIaa0hhf27HgxbGZ1yZEwrOQyQclESHKn5XWqK9RB6QtP3kJjgTm_J7zfVLa327xnuUOUU1rzmNB_RpONEuAtrYw9QBax8pWF09nEXI6FYqnqOjp2e1vMuoRJto_Crd5T49P80qZMZ9jMHcUY85MsoQlvIkLAkVARuSNN61hU7MWNPQ_pvKd_lq7bQhPa7I6Z4VqECETQ1WcCi92moid5dungL3cAmj3zGUpkcdZ2itMRhobfmFspzzKzSeVuzReu9vMLDQqxTD8svkUKi8iANleSUwzWWL0h8kfV2uRVgzAyyGEbU7POvuEpSQ3h_4LJA06-ZEX2kelXpyq_oSWfVxqpWV2LTfXxmz-gne1KCwpWpJ2ia9_dgfaE6KwsafBBIu7qaF9lYiPfKwqPOC2UTAsOfwPZ4FEPpPi_Q6S9Cc7RD0VGHuhYRG3OzddOJb6tCD7E_mgxeCjAHQUcXUpX3nt4euVeLPy6IooxODWKEB8gqE8e3mU4b-m5SrebF0jt8NS-aenzzFWJH2QK-FRGS4Th2rqYq5bAzRbBDjHOaDgig37ReUAggks3Ct3F4JWW1jSmty-dbchmL5289Ij7LX9gLP6njhXlidVP9ZfZpjMWmFGaWQSjSObXnwVp-6NAHl6Z5mr6dYmxtmUlk4eFQRvmlfcKcbW8WKDHguii5uOHQ70HO4pP3cyVionhsYNyJV_SfIZj7vxMjy__WwW5R8jji6htLyOUxkmO-rjEyqQJQCxC6pBLVttpDaNDpqqBL0MEEWbFIEPCASYTpB0ziwMd3bzfvi4R_7oAelTJiLUgAc6nCtc21r1R-YqBxMM4PfbNPMHL8O5R-EhjAUhFy3-7nXt3SIpw9MOwPWbvjWUah54EhPs5us0wpZRUUvUIjpWk7lxto8S_WE0LLAaE-ps5qEU2WyHk7bEcnf577-z5_aM5MffW5t2gO-SDSv5yH7zFaS1yEczdD2sgS7oM5UlEEmcdwqqMZ5GUg8HNjseBwh1jUYeaD5IFM4ZUpIsEYsQkTaWSmO5r1SLw3oI6iSMINkXBrFBmW9L0tF3tICrCa5LkcBG78SiMI5y4Be0AP0EssiJgsROtjkr4q9QdOHamDvGraTgf_BqeUbY1o-dlFupho8aYA3a2u18GL4S6mRmQbjeLpZQgeQ1bkiy2ccaMnmx2wfEvzSVRtEymOd6venIDPeoolB5QjIIND7yReGAVVULRRRS63iKIAQkkxD56X2XwjKBLXYZ-UtRB-JkuklLxZxZ-7t0i_vizSCIRkk0-wuhoo59b2SQFugZcYPHWy2OH2dwpLBKzQl4InBJJeYDWaw4cATmrYtAU_JBR8ALuDCDIK_pf1Sh7EC7Cj2AXir96pazQn0YAieVeb5hGqtnAM-RD2jc6QyFi7Jy8ecMoVMLBtjxMZn0i7_P7hTkhgqqs5EcAR2yTeI91WMbxE0xxOrrp0ZyrZ_cFJ9CTb_-neIGfNj1V6ea8z14RLT1h6AtEtBUaqCaZFl0s6fVRZ-kc1_SWLJQhPqVXc_zAFG-UX3knI7svxsJJyEdt8y1gXCYS8kSSDwZ9pLUncVE8pSAfWaGp5BjtJTMKNS2vM5Qze79f-JKJDB67HIC2irrYqVXI-DMNWc-z3KOaVzFSiC-meXsNQ577R-iN9zuyGBNp2YW0JKGfHgh-hDGCyXozES5qy0QSxAie5k_ut9hw32DchTvpsuTKbnXL8z7l0aRpDh-hIuR-rPL5GuVpMWgO1HgPs5kxIKTfRx5G6vbfb5iHQb8fsMc-KtzjjLj5fQVLF-HpzgHRBiFEC0RgIB1noi_QMIFffM8DSTTeYr3jJiMK-14jnwW1kZFvMOkVm70GKweINpWwDXPV3eSUwFUJ0dvjWZj_5gTc12k8FcepXFj7Y0wi-q7Er5jBORd-ixAA-ejZV2TiagvPGRRFBi6RxyxySGih3niqx7zjKQDY46rXh2t0_iT1i3xfn10TyKQPfcxGS4P59lV30Lds38KE_o6v_W89EuThTnLV_sRpmnq1Wnlb_FFXSGvdj7wKWvraptREKuun7lfOtCI8byu4i1jHWtXLYS2QadKIeTfuxEUpbAZhRrMye5SecOUSqlr5tAVreB_5me87-77ytJtlKiiHwNOETpvawQvGwzOzLbYQfiBXVkANVySyFcgiN1PwNwfc5xQEGKD-N5kFpGypbyGPl6H4YYetk6r0AgRhEPp1TiBhSUzK85-Ehuir58RUQiTVnyuyOBhvOU0nSsB1Aici9SWFsLaoZo7G70j9EJk9fNcBa7tX2PErQUNGrO66__WOltA_ridtWTwGhurqkTitARtqOOiU9x-qFec1McCnpvYeJhoIk0jiepPh7r3fZNvIBLK3QyqnY2ZeYmvM84PMyx9gQ1hseUc0f-Lei99dVP1GuhQOOKCmHqpklVudyeTyQtW_t_OSGNf-jJO3BzUEklQfZxM6HVkIqLfckBfHPF8HaZyjzSKC2eiQIB94E6MP5w3LvTpLH7WeOjFsCs3xjQqU7Iwahz-5T2QaUuHdOflbo3FsW89zwjXRDR0TMGHVq6YJPfQ2zpYvwYs6WAqQ3arWQSruV_4u8SNM4cwyEoxWepFXN34Z1bUpze7VWwiqCHoxdYA4YSoNBWc3VcFVxG8V_wFawHCdjcaPPUFvqVdmwV6tXWOuOktBlOD_NUkyUH6TLwEUvnE790wvSx6m0GPdRBDlZd18EImQZQyE5go3M_7H0FJbE9w2T4LCu6f441tCVNrdbJghQ1OPRaThzMGuGXH0CdhOgs-h975uM8vIrDK8_OSUVxRr1glUyh2qmem4UK3ZPm9ejhFPv9YKuKV_liKTb5GTxMGHgUMR6jlWqIoqafwpkp80cO-Zf5s07XUO7Se0UJ2epbtS0kdAhCyp7P4aPcxqeNrqbzgtD8PPjscXpNG2jJGmz88Cv-T4pR03J2ox1KTp8vH8kCLzwSXgV73Sqo4Z5AMnXweJ91OAcaeFA9cBGxwctdpr1EwXnokM64XpkNQnd02LUl6wKBefCq6l7U-XRETpDOg3INYK31WJTJns-4ISOtHeAFh_mhGpCGZPOVLMUk7ZoLaZXiagwY0O4-PwMSxtxcyzNmGCn9VWdt1OPrTTfLcKk51n4JbLOpe7L-6sVBZS9wKFXOb1KKWhwrd-Ta_kG6XxhjyVsLTAOYlcOmLprOTO7doR8f2LHjB2nbTz7bRsfJ275cS5mqyvQ6KUHBeBZLouwEvW2iI66Nx5XhVv8FKyzMS1Na7x5BYjT6bjXADjhRe00B7mZb5WaR41PbmgmJewACxKGVwlptJa5JdPICpJqr79d9sGDcWF5MrppOi8mC5CXogw8hn4z7RBjyH6JitdYKdT9aPCRGJauUJRWGUl1CXZLSrDoRlvCri4ckgyAuyM63SmmncHMJOoftG278e42YP-AzYNQAUk&cid=CAQSTgAvHhf_27Y43HO5M8MXERF8enoV2amFEypGdHzBspLJICiHS7L5s9KKGBgFC6bCbZhts_tcDJZuBzOPdHxcbgYNE_5P5HjIarVN8wmC0RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=12007996894803716000&adk=2228999114&idt=181&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:44:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 21:44:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FB8C 31 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame FB8C 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 13:49:16 GMT

GET
DATA 200
OK truncated
/ Frame FB8C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7416cbeb64b23f259e5371f20f37151d013beb0a5b42f0b22c20a5e3eb4eb3b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A35 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6899054047253&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A35 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6899054047253&version=m202309260101&ct=77&x=1&cor=17953582728209099000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5A35 34 KB
20 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dj-Ttk7WqQQ1ejW7PKsr0p1il1fD3WiBqtl2NlLJ6K_Hp5dTWwJkQquWia6Slkg46WyCK_4K8tDT_-42qcDXqCrtzM60tsVfv9GT-MJwTzqnpu6VJl9L4LlKlCyYFINEEK8Mx21ZoBg5IdaQB2Y7lp2PjdplHXjr_kz4rGFokQvsKAcO8&cry=1&dbm_d=AKAmf-DJfAIEeVLrZ9-yCuhxkqUhr2QSKX9j1v57t3edkkn5Y30XXoJBFx5I42saINt744OETTRrO3JCHZ0nlnjP9OY8hHPAca86rv7u-m42Tc0Zs6ANXDM_XDOv0qM6nW-3e-nSHCyAMI3dVQ5HJIOsHj5KfflPaxQO7IcOQBK3ysZBpoOpftr9nPmwxt_iqEbr_74W4sCzNa0eClIpuNJJJ1Ln0J6PNfgd9x61kZBEOMm3RZ2ENZX_4Soe2f81oAleJ9MVxi3eJpo-uPTLOwWbb2tgfjHiwlEBzk4GkWMEBl1p-ENdiG_W3mYoDBNV1-HLQ5QzxUWHrDoQzbus-S9dVhiTlSYobLNdoRQEksJSAkvTxFBLlETTan9lYKOoIWVFDXXzViOLhLnOHW7CxLDfkh6TSrTnIwSPKzM5zQxfFFrBxPgrJHNur8hcFPpnhHWsAfzU1zEktpeCKk9zefvNXYIypS2hndS8ajg2t9hX8sx11APbCz4xnX-nj4jdFUCbJR7_783mZTVMdBNO6kLa5-NPQrULiW6-QYlRa30SDXKSRukAGQhoNUy3ERbU4In7AnqrRHLb3vdoJAf2LZbTg560ij-A98U5xGSGaFnK8ZVCZRduQtO_s52jsJG83KVNtNOcHA9eHwzSJo0JRnqsZOO2znnU9NVq1SiGd4OXRKq36PQyx-4az6MuwAS8CqJAQPiykms9XlcoL1AiLHDOqoSdBewsJ0zoCxXoKImK9sor8Q7GHQidary6l-5jNyehb3_A69-kNxw4Aqp7ekZ90oGHRzMoUOrLcwEXkGbDqnu6fHNFJWiI2v3FBKU5gJCpPAEtpQzM5hZ9d5c5dE5Ix9qZYq2Dw9xZxZMi83itgvCRzb1rIh7rLzM5GmT4423WI1CIEdJ7QuXIH2poyf1bhQKrw0qG_4pcSfctbr_OOSqy8M6_nEEYiArS9xGzGCjQPPBGZGxED6ovazQH5Wjs4pR2wrQrncIj-bYEyiAGaklaey_286M9mOWGJRv10wOLOLTNuiZtPDKavEVhu6DPV1j6Ac5uHpwKiA6-DzbFLo7RUB4RYm9SboPNXkZ1moTuRZQANMvVFvbdn9kLmFskQWizZIr1PmQ0Mn9otpYow_dy-81JRTz22hsHcjX5FEKWPlHXEbTUTXiQeBxnmfOwEd59_bbjXSN0Fir2U1c1BZLNay2lsDYzE0sj-8kE2EKQpeqgyanQ4z0nKrW_GflsDsnMS-ipYmB79c5UNaZHw18GZSjem1m_ia2SmpCj7gYXQuVJc2ZaQgTNB9fpX0IwatUyQEvtIidhqniXshjvIPZmln0MgJbEZeMstH3Bgvfx1E99qtJOAC_UFKuICZiAXvkxX1fRMT15J_o1u6ug00bzUe_WO0QlvjelFZ33h1ZhOeNYwWT4hnrkB7MH3vJLOCDXKEKrrtOSrdKJ0LLpN2NvOJ2IX-7NrCMUJ6UGY103LN_G6tHTAqW6qW6aBmWUDeOXFRiAp2mYkKFrPRIc97T7Rm3s3eMJuSkptxHk1kW0YXG17rqVbcGsQU1TVJCmzYtvHgOYO2g7MYDx9wmxfGYYwTh6GSg6s-vJzzpQumlY9UDROfytfl2VOedej7E5BNdMBvl674cWa9JrxlcMVsJ10qtPA0F7J99dr6d4nI6a06WlcHY45mjTxySgXPMLfd3VsWexmXGVLmCieWa-mJIDh-SCd0yeNLUXW0BTPMiKLVnxEQ4LoDulO9s5eE-QAwM2zEttGy2GeoFWgnEFXWnDYr720j9HupkbJMcs-AzLQV6anULw0OeInGuuRaV5PdqrJiI1-EjR_OOb7w3DEqu-Gj3-Bof_Rm43w6DJBZT-cK1UFRrt_ix6wryNZsEbHTtKimz2fbMbVmj3gg-rcBTurHi5q37Ab0-sQmkAH0-ascSxHttOIYVml46KAoUyZ9C--u-dwRPGPMVlv2zQG1E78xMIxxygZqx-BzpSLAK-BPxXBcCoNsfimsAAtAhFkrQY_CXmuPbRcm5mZNFUkak1LOVuDreZmmUh2jagWw-dI8t2TvJaDONW7osVbEDkNt3bs61EccLtevtbX-DHtyxTeHlExfjREX8QdsK0Crb0nCmb1OKL7GoAEINqRCM9DYWQFR4lTHnlu3pGRrg59nhb4g2YS-IFppYoGJoc_LtBloWfLkRlb8Z86cB7qnGeV6c1Xct3VG9p3uAz6WzhTzmIYCIDkM_MOGmPtpne5dxvmv_QIfyL9JEX762mFrkTCyApucSLn-nPUE8TkkX8Ymo7auVvMgbN2cfkLh6kClGsClqnpCyrwsdahbbgER9O7_INvYJbyHqX4P9y3kQAGo1CtoqZJzO0nK2O3w24I_MHGBABToxUdFzRukVy11gdV7VbMZSBd8apqyDf776jzmBXiCNAZ1koE_BngT_PFRV0X3pY6R_MudVI4UbLajJF6g4H7_9ZUThRkNLN3XwMDER0SHAcJOQBKpAzodPTRBgxwnVKbskiqdNRxfknYlWf6hs0lylicPpTiETm9iKi5xES7ITn0OIRCExM6igHtjcGMxgYSkrmCKG__zFHHEW5rlc4gb04vkP0BgCibx6UgPpJJvp4cx9_NQdek7WkhfKPIXMb4WPq5nkVMJoBypc3qYKe768HqHgqwoCvpFhGTuIX30EPgI52DdONAY_JJ6frvWZE5SiKXiS0-yrAfsbdRiijvK11hUKeocol_7dfk9kkxZzfyDEoWKYUe_nwj1hiyp8QtbmwmB0uAYICQpI14kfev3Hmy_zs7FRdILrBSh51Z3DqbC4HUbAC7pMvYViDW-vA598yMg6JI3WF2yZeFUI9MyeojuDJJA0zK99Q1R8ENJCUAcbdJ1q0Y-C0CSPc_ZgETTL8opB2luPw3got7UDnClko9qte2tAQy-NwcQ_TWXJF1gmSDz1gh93LS17Nu4hDQeKqOIfdT_8w4YAMhayVRRHF6DX8pl-SLr83MVeThzxmrnR--Gp5kKtcYzmcjNPA1DRNHlBmWPw7yPyAEGi7O8FvZkpmRNLiTp4jrqOTAkbDsHEHu8fBxeOo8jlpWedlP6ZD9krIh-9oF7HdsZToW70nIl900P-IG_WocECnZ57LbxX6MQHL_ETunnXeaFulLLos0uxxDzT3vH6OXXlc51bxm4vClg2rpZDWpNmx4aDUMpfEiGyNJk4KU5hi3KTLIiq1WJBx1BwmGZdpr8vWLM09yzEwKVmk8sTe129xBM_ZXF7P2cM2FHK2ZxD40zdZHJTUR8rxQd78pWVOtgPKDlDy2_ukgMNXuHdpvAMXrGTBHDg9xStT9L5gxxaHapmZanhHCO_K_iPCVlb2X3THtnfRvIFHeYC_8KBe9izru-J-_aGrLJOPmc73I97WATu-stxz59iR0gE3glhR02LGlFcWNMsHeyMQM8MWuZcaCSzcpflCN6-PPxpuSP8JlKVjDLHe0b4tdLm42SUrA1dWRJ16TY7lWh9HiecbV25kyH8KcZVKwGb2rxqYwqIcdTKbzOK-JY-DsNa4uIlPjLeIeDzVAVkCFDJ9aNh5dAjkRYJYZyGXc99PmkTe5QJaCsOyXKjtglrn3zvRwfE4NxAdjcjBVmxc8ZYBEG8678mzKLpEuSu0Hegb7MW7ylojCSsBpSBsZjqNx7OMuRZ9aV3xt_Zq8hqdc80Gy0vcY7vZwLfWqQAP5PC43d7TDWFn4jxvSbv7ubJ5NfKtVjo1cAp6SIgi48N9Sb2YLg424tXHeOMIzBAsASMISMefslZ_GZSy4fqN471rJDHAg0yJbAzVUWQd20zp9u0yz68dLEC3jYB0gCOPSM7znko4-JH_R62P_DY9T_-dsUvSlcoIG40t2fUQr7i4EwxgXguzJx7MMxgcFaTyI8uQYg2IeCxloYvgWVQS&cid=CAQSTgAvHhf_27Y43HO5M8MXERF8enoV2amFEypGdHzBspLJICiHS7L5s9KKGBgFC6bCbZhts_tcDJZuBzOPdHxcbgYNE_5P5HjIarVN8wmC0RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=17953582728209099000&adk=3047537734&idt=305&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6a9242607c54fc131fc4a23c316a90282df4469326211d2b974103ee62fb5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20006
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F571 38 KB
13 KB 44ms
43ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 96845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 14:20:39 GMT
expires: Wed, 01 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 149 KB
24 KB 106ms
45ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3657b685752384c6278d3b65757b74cc5dd1d48e27f27b222c926923586d7d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 108884
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 24450
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 11:00:00 GMT
expires: Wed, 01 Jan 2025 11:00:00 GMT
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FB8C 0
0 165ms
73ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAOhxwBtveFIX4q0kpyDt4GhPkaUnREG3BXBWzI3nuUwJpHxs1RbLVQt6cOGDzrAPspoETjEYE5MNfPU6FrRYTp3K6f6qUWEJL5e6kZMkWqdfs5cRFeM7MR0YtksGztvgkza6fG8pwXX8dYxqVd6Y6kKm0Qlt4eQhYrvsut13_y8ooRDdEG50ousP21Rk5UA1YJNEZjzxzeNrj6oBWb2cEctWYcrgOvX9Z0WcPAoG7eYfCWiq2LHP3sF2eVBHgwFiEEPcbc7tpQEzpxJgmMtNhg9QsTJQplLaeWyZoEZN2Hv3DHwEOkX-e1hzD-imJFfYMBgMTGKG6CUTJNZjI5BEFwSLDNhzezQdqfIMF8cE-3kiHxDGSGCAysc4sZ1WXekIhpew3fLQ6DhowxwrCjzQ4zVR2ltEWc8q7jh7ZNsDOV7_EFasHke4smhQ9XcapKApZQK1xBACTDRHccS4jWQnLqg0IvmcBU1cI6_HdK-z1KkrAuVxn9ndykkcELKShhSA-ox4rsXgC9xmAxjeXg0xp5D1EAV4HldJFSYTTo1efbSTVzhTt5rNFzT9UgJedSHHh3ax7csLbJXBUFGFaQBKvUML6W8Y4SWXs_XfYMiwIvc9ZPEky58yR1JX_8L9My6-RluIi221bSi77BuipiBxdrTnvX4QZ8Dng5pzCQIN5_H3JeE8Qlj-PdwseDhN766txBQcFtd7KEEE9-h-sEhz4ysuf5fKKakCD7Jpbqc-eU-pnb-TM9scSarF0hZNTHjNi9YoCNsCw1fxEJH_Aj5UT_OYKuvcm6Sf5UmHA18nvq_D6PQ9MGT-dv_aHJZlcKhwYdupCGnGy5kGuIOgPy6uTKF4GIJjwYIJ29VbRdFWWOnFsvHieYAafDiCXQaGBoEusU1Hf61lvONc4C0hG6O1Wd_0Q2MfiymF9I5HZZdF7F-Wdds_EifEgKKX9HetJ79PVfhSSXmwH720UrNMrQ-qY_8tgxBMgMF32Yz9eMkk3ctE5oIRgtjt23UtNqhomIJ364rM2mjZ0pR33SfX266PxyMfcPl87aH2DVhGeId_I626Tj5VzF76K_J3nj7l_DYNTbNMUkZD1FeUw4-lz04isW7oCFopIQ6YcDf2H1Apx-5ebamSTHU_QWjiwM63esqMbHKySvBckQbQkLVqH4Zvch7TiLGx94q02cRDrIzoqLTxSHzduKH-e74jMgiBjYnHWngllkjz6rH7wZ3vzjVC3q28ByuIelKV4IxEhq2am3BfalD6cfNXj2EklNo9wqbAtyQ75McIS05fbRV_WSFVW8jQX6Pu5wA0s-HA1PrXAhxlcTAt97Diapv3Xcae2s42_teE3QtFaZV4qmuNY2QOGYeOCcX4bkr0Pq8SZqypGFmO0c52B-jeQib_bMy7px4ZbzhnLJ4ia1Gk6vsQChbw4ZcSctIrajvOYG_AjPxq4fMG6gX83mpk8eCOc-Ga4wg&sai=AMfl-YTmtZ-O2YRJc30TnB9ocZmwsOdPz2LbC6D69X9mQI436GpFS8wrO1awdRLf3IwWmNlO5RlBfYYO615EJag5Aa1wQRq-CVmSjdtoKw3c98055OKpLR7jEAmmOTuykOuY_FliquTfT1bjUt5pjYvjlZXs7vgmXO-Wwhxrev2UTGsrjJZ0xWHWBnvVWAuWVhAo0EnpyddhEY801fL4ZV2UiFTTG_3LRbinO-LIDuDq7h1BEx9if2rhPpdXPCXAwkgLdEZqh8VvBib2PJ5vo0xEW0U2mHhRYIXxfZnj-bhjl4ukVd-TeAPHYP4xeCiOpNc&sig=Cg0ArKJSzF_Eh2abloJeEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=131&cbvp=1&cstd=128&cisv=r20231207.28187&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 93656
tags.bluekai.com/site/ Frame FB8C 62 B
574 B 287ms
197ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D31200026&phint=crid%3D208225770&phint=pid%3D384709785
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 03 Jan 2024 17:14:44 GMT
content-length: 62
bk-server: d4cc
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5A35 31 KB
12 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dj-Ttk7WqQQ1ejW7PKsr0p1il1fD3WiBqtl2NlLJ6K_Hp5dTWwJkQquWia6Slkg46WyCK_4K8tDT_-42qcDXqCrtzM60tsVfv9GT-MJwTzqnpu6VJl9L4LlKlCyYFINEEK8Mx21ZoBg5IdaQB2Y7lp2PjdplHXjr_kz4rGFokQvsKAcO8&cry=1&dbm_d=AKAmf-DJfAIEeVLrZ9-yCuhxkqUhr2QSKX9j1v57t3edkkn5Y30XXoJBFx5I42saINt744OETTRrO3JCHZ0nlnjP9OY8hHPAca86rv7u-m42Tc0Zs6ANXDM_XDOv0qM6nW-3e-nSHCyAMI3dVQ5HJIOsHj5KfflPaxQO7IcOQBK3ysZBpoOpftr9nPmwxt_iqEbr_74W4sCzNa0eClIpuNJJJ1Ln0J6PNfgd9x61kZBEOMm3RZ2ENZX_4Soe2f81oAleJ9MVxi3eJpo-uPTLOwWbb2tgfjHiwlEBzk4GkWMEBl1p-ENdiG_W3mYoDBNV1-HLQ5QzxUWHrDoQzbus-S9dVhiTlSYobLNdoRQEksJSAkvTxFBLlETTan9lYKOoIWVFDXXzViOLhLnOHW7CxLDfkh6TSrTnIwSPKzM5zQxfFFrBxPgrJHNur8hcFPpnhHWsAfzU1zEktpeCKk9zefvNXYIypS2hndS8ajg2t9hX8sx11APbCz4xnX-nj4jdFUCbJR7_783mZTVMdBNO6kLa5-NPQrULiW6-QYlRa30SDXKSRukAGQhoNUy3ERbU4In7AnqrRHLb3vdoJAf2LZbTg560ij-A98U5xGSGaFnK8ZVCZRduQtO_s52jsJG83KVNtNOcHA9eHwzSJo0JRnqsZOO2znnU9NVq1SiGd4OXRKq36PQyx-4az6MuwAS8CqJAQPiykms9XlcoL1AiLHDOqoSdBewsJ0zoCxXoKImK9sor8Q7GHQidary6l-5jNyehb3_A69-kNxw4Aqp7ekZ90oGHRzMoUOrLcwEXkGbDqnu6fHNFJWiI2v3FBKU5gJCpPAEtpQzM5hZ9d5c5dE5Ix9qZYq2Dw9xZxZMi83itgvCRzb1rIh7rLzM5GmT4423WI1CIEdJ7QuXIH2poyf1bhQKrw0qG_4pcSfctbr_OOSqy8M6_nEEYiArS9xGzGCjQPPBGZGxED6ovazQH5Wjs4pR2wrQrncIj-bYEyiAGaklaey_286M9mOWGJRv10wOLOLTNuiZtPDKavEVhu6DPV1j6Ac5uHpwKiA6-DzbFLo7RUB4RYm9SboPNXkZ1moTuRZQANMvVFvbdn9kLmFskQWizZIr1PmQ0Mn9otpYow_dy-81JRTz22hsHcjX5FEKWPlHXEbTUTXiQeBxnmfOwEd59_bbjXSN0Fir2U1c1BZLNay2lsDYzE0sj-8kE2EKQpeqgyanQ4z0nKrW_GflsDsnMS-ipYmB79c5UNaZHw18GZSjem1m_ia2SmpCj7gYXQuVJc2ZaQgTNB9fpX0IwatUyQEvtIidhqniXshjvIPZmln0MgJbEZeMstH3Bgvfx1E99qtJOAC_UFKuICZiAXvkxX1fRMT15J_o1u6ug00bzUe_WO0QlvjelFZ33h1ZhOeNYwWT4hnrkB7MH3vJLOCDXKEKrrtOSrdKJ0LLpN2NvOJ2IX-7NrCMUJ6UGY103LN_G6tHTAqW6qW6aBmWUDeOXFRiAp2mYkKFrPRIc97T7Rm3s3eMJuSkptxHk1kW0YXG17rqVbcGsQU1TVJCmzYtvHgOYO2g7MYDx9wmxfGYYwTh6GSg6s-vJzzpQumlY9UDROfytfl2VOedej7E5BNdMBvl674cWa9JrxlcMVsJ10qtPA0F7J99dr6d4nI6a06WlcHY45mjTxySgXPMLfd3VsWexmXGVLmCieWa-mJIDh-SCd0yeNLUXW0BTPMiKLVnxEQ4LoDulO9s5eE-QAwM2zEttGy2GeoFWgnEFXWnDYr720j9HupkbJMcs-AzLQV6anULw0OeInGuuRaV5PdqrJiI1-EjR_OOb7w3DEqu-Gj3-Bof_Rm43w6DJBZT-cK1UFRrt_ix6wryNZsEbHTtKimz2fbMbVmj3gg-rcBTurHi5q37Ab0-sQmkAH0-ascSxHttOIYVml46KAoUyZ9C--u-dwRPGPMVlv2zQG1E78xMIxxygZqx-BzpSLAK-BPxXBcCoNsfimsAAtAhFkrQY_CXmuPbRcm5mZNFUkak1LOVuDreZmmUh2jagWw-dI8t2TvJaDONW7osVbEDkNt3bs61EccLtevtbX-DHtyxTeHlExfjREX8QdsK0Crb0nCmb1OKL7GoAEINqRCM9DYWQFR4lTHnlu3pGRrg59nhb4g2YS-IFppYoGJoc_LtBloWfLkRlb8Z86cB7qnGeV6c1Xct3VG9p3uAz6WzhTzmIYCIDkM_MOGmPtpne5dxvmv_QIfyL9JEX762mFrkTCyApucSLn-nPUE8TkkX8Ymo7auVvMgbN2cfkLh6kClGsClqnpCyrwsdahbbgER9O7_INvYJbyHqX4P9y3kQAGo1CtoqZJzO0nK2O3w24I_MHGBABToxUdFzRukVy11gdV7VbMZSBd8apqyDf776jzmBXiCNAZ1koE_BngT_PFRV0X3pY6R_MudVI4UbLajJF6g4H7_9ZUThRkNLN3XwMDER0SHAcJOQBKpAzodPTRBgxwnVKbskiqdNRxfknYlWf6hs0lylicPpTiETm9iKi5xES7ITn0OIRCExM6igHtjcGMxgYSkrmCKG__zFHHEW5rlc4gb04vkP0BgCibx6UgPpJJvp4cx9_NQdek7WkhfKPIXMb4WPq5nkVMJoBypc3qYKe768HqHgqwoCvpFhGTuIX30EPgI52DdONAY_JJ6frvWZE5SiKXiS0-yrAfsbdRiijvK11hUKeocol_7dfk9kkxZzfyDEoWKYUe_nwj1hiyp8QtbmwmB0uAYICQpI14kfev3Hmy_zs7FRdILrBSh51Z3DqbC4HUbAC7pMvYViDW-vA598yMg6JI3WF2yZeFUI9MyeojuDJJA0zK99Q1R8ENJCUAcbdJ1q0Y-C0CSPc_ZgETTL8opB2luPw3got7UDnClko9qte2tAQy-NwcQ_TWXJF1gmSDz1gh93LS17Nu4hDQeKqOIfdT_8w4YAMhayVRRHF6DX8pl-SLr83MVeThzxmrnR--Gp5kKtcYzmcjNPA1DRNHlBmWPw7yPyAEGi7O8FvZkpmRNLiTp4jrqOTAkbDsHEHu8fBxeOo8jlpWedlP6ZD9krIh-9oF7HdsZToW70nIl900P-IG_WocECnZ57LbxX6MQHL_ETunnXeaFulLLos0uxxDzT3vH6OXXlc51bxm4vClg2rpZDWpNmx4aDUMpfEiGyNJk4KU5hi3KTLIiq1WJBx1BwmGZdpr8vWLM09yzEwKVmk8sTe129xBM_ZXF7P2cM2FHK2ZxD40zdZHJTUR8rxQd78pWVOtgPKDlDy2_ukgMNXuHdpvAMXrGTBHDg9xStT9L5gxxaHapmZanhHCO_K_iPCVlb2X3THtnfRvIFHeYC_8KBe9izru-J-_aGrLJOPmc73I97WATu-stxz59iR0gE3glhR02LGlFcWNMsHeyMQM8MWuZcaCSzcpflCN6-PPxpuSP8JlKVjDLHe0b4tdLm42SUrA1dWRJ16TY7lWh9HiecbV25kyH8KcZVKwGb2rxqYwqIcdTKbzOK-JY-DsNa4uIlPjLeIeDzVAVkCFDJ9aNh5dAjkRYJYZyGXc99PmkTe5QJaCsOyXKjtglrn3zvRwfE4NxAdjcjBVmxc8ZYBEG8678mzKLpEuSu0Hegb7MW7ylojCSsBpSBsZjqNx7OMuRZ9aV3xt_Zq8hqdc80Gy0vcY7vZwLfWqQAP5PC43d7TDWFn4jxvSbv7ubJ5NfKtVjo1cAp6SIgi48N9Sb2YLg424tXHeOMIzBAsASMISMefslZ_GZSy4fqN471rJDHAg0yJbAzVUWQd20zp9u0yz68dLEC3jYB0gCOPSM7znko4-JH_R62P_DY9T_-dsUvSlcoIG40t2fUQr7i4EwxgXguzJx7MMxgcFaTyI8uQYg2IeCxloYvgWVQS&cid=CAQSTgAvHhf_27Y43HO5M8MXERF8enoV2amFEypGdHzBspLJICiHS7L5s9KKGBgFC6bCbZhts_tcDJZuBzOPdHxcbgYNE_5P5HjIarVN8wmC0RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=17953582728209099000&adk=3047537734&idt=305&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 01:43:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Jan 2024 01:43:50 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A35 41 KB
14 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 13:49:16 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDMwMjA4NDE0NDUzOQogIHNlcnZlcl9pcDogMTI2MDYxNTAwCiAgcHJvY2Vzc19pZDogMzg3NTk0MzE4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3...
ad.doubleclick.net/ddm/activity/ Frame 5A35 0
833 B 177ms
65ms Image
image/png 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDMwMjA4NDE0NDUzOQogIHNlcnZlcl9pcDogMTI2MDYxNTAwCiAgcHJvY2Vzc19pZDogMzg3NTk0MzE4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAzMjc2ODE3CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDIKZXZlbnRfaW1wcmVzc2lvbl9pZDogMzIxOTA5Nzk4ODc5MDU1NTA2NApkZWJ1Z19rZXk6IDQyNjYxNjg2MDA3ODE5MDE4MTAKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTAzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzI3NjgxNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM1NzY3ODYzMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTExMTc5OTc0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDMxNzc4MTY0MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ2NzEwMTE0MQogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly96YWxhbmRvLmRlIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vemFsYW5kby5wbCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3phbGFuZG8uZnIiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xceaf8d224bb6c71f0000000000000000","13":"0x1a908c876bc83570000000000000000","14":"0x14c2d9647ecf9b310000000000000000","15":"0xfb5be7261eb42ee00000000000000000"},"debug_key":"4266168600781901810","debug_reporting":true,"destination":"https://zalando.de","expiry":"172800","filter_data":{"14":[],"21":[],"8":["3276817"]},"priority":"0","source_event_id":"3219097988790555064"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg Show response
ads.revjet.com/ Frame 5A35 43 KB
18 KB 150ms
58ms Script
application/javascript 168.119.0.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/bg
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.119.0.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.0.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="CAO PSA OUR"
date: Wed, 03 Jan 2024 17:14:44 GMT
cache-control: max-age=10800
content-encoding: gzip
content-type: application/javascript
server: nginx
expires: Wed, 03 Jan 2024 20:14:44 GMT

GET
DATA 200
OK truncated
/ Frame 5A35 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66ff6f11e4caac84a153c061bfed9d920bbae5a85df1423fa7fbfd62eef850b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F571 39 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 15:57:28 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A9E 38 KB
13 KB 35ms
34ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 96845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 14:20:39 GMT
expires: Wed, 01 Jan 2025 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.19.8.466.js Show response
static.adsafeprotected.com/ Frame FB8C 213 KB
67 KB 72ms
18ms Script
application/javascript 2600:9000:223f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.466.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1898970/77442864/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-8203385927523536&ias_chanId=1&ias_placementId=20903658371&bidurl=https://www.neoldu.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h7PhvvJ9JMw5BkyWYP6YZU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id: xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1801292
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Dec 2023 19:37:51 GMT
server: AmazonS3
etag: W/"eac384b0904b6f5677cb58a4d4e104c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 55hOmUXECKv3XNWkMOIwjJW80m7WyC703xFGmdF38P-GW9lp-v9KbA==

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 0D9C 32 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 23:49:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 Jan 2024 23:49:09 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A9E 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Jan 2025 15:57:28 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FB8C 0
0 72ms
72ms Fetch
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssAOhxwBtveFIX4q0kpyDt4GhPkaUnREG3BXBWzI3nuUwJpHxs1RbLVQt6cOGDzrAPspoETjEYE5MNfPU6FrRYTp3K6f6qUWEJL5e6kZMkWqdfs5cRFeM7MR0YtksGztvgkza6fG8pwXX8dYxqVd6Y6kKm0Qlt4eQhYrvsut13_y8ooRDdEG50ousP21Rk5UA1YJNEZjzxzeNrj6oBWb2cEctWYcrgOvX9Z0WcPAoG7eYfCWiq2LHP3sF2eVBHgwFiEEPcbc7tpQEzpxJgmMtNhg9QsTJQplLaeWyZoEZN2Hv3DHwEOkX-e1hzD-imJFfYMBgMTGKG6CUTJNZjI5BEFwSLDNhzezQdqfIMF8cE-3kiHxDGSGCAysc4sZ1WXekIhpew3fLQ6DhowxwrCjzQ4zVR2ltEWc8q7jh7ZNsDOV7_EFasHke4smhQ9XcapKApZQK1xBACTDRHccS4jWQnLqg0IvmcBU1cI6_HdK-z1KkrAuVxn9ndykkcELKShhSA-ox4rsXgC9xmAxjeXg0xp5D1EAV4HldJFSYTTo1efbSTVzhTt5rNFzT9UgJedSHHh3ax7csLbJXBUFGFaQBKvUML6W8Y4SWXs_XfYMiwIvc9ZPEky58yR1JX_8L9My6-RluIi221bSi77BuipiBxdrTnvX4QZ8Dng5pzCQIN5_H3JeE8Qlj-PdwseDhN766txBQcFtd7KEEE9-h-sEhz4ysuf5fKKakCD7Jpbqc-eU-pnb-TM9scSarF0hZNTHjNi9YoCNsCw1fxEJH_Aj5UT_OYKuvcm6Sf5UmHA18nvq_D6PQ9MGT-dv_aHJZlcKhwYdupCGnGy5kGuIOgPy6uTKF4GIJjwYIJ29VbRdFWWOnFsvHieYAafDiCXQaGBoEusU1Hf61lvONc4C0hG6O1Wd_0Q2MfiymF9I5HZZdF7F-Wdds_EifEgKKX9HetJ79PVfhSSXmwH720UrNMrQ-qY_8tgxBMgMF32Yz9eMkk3ctE5oIRgtjt23UtNqhomIJ364rM2mjZ0pR33SfX266PxyMfcPl87aH2DVhGeId_I626Tj5VzF76K_J3nj7l_DYNTbNMUkZD1FeUw4-lz04isW7oCFopIQ6YcDf2H1Apx-5ebamSTHU_QWjiwM63esqMbHKySvBckQbQkLVqH4Zvch7TiLGx94q02cRDrIzoqLTxSHzduKH-e74jMgiBjYnHWngllkjz6rH7wZ3vzjVC3q28ByuIelKV4IxEhq2am3BfalD6cfNXj2EklNo9wqbAtyQ75McIS05fbRV_WSFVW8jQX6Pu5wA0s-HA1PrXAhxlcTAt97Diapv3Xcae2s42_teE3QtFaZV4qmuNY2QOGYeOCcX4bkr0Pq8SZqypGFmO0c52B-jeQib_bMy7px4ZbzhnLJ4ia1Gk6vsQChbw4ZcSctIrajvOYG_AjPxq4fMG6gX83mpk8eCOc-Ga4wg&sai=AMfl-YTmtZ-O2YRJc30TnB9ocZmwsOdPz2LbC6D69X9mQI436GpFS8wrO1awdRLf3IwWmNlO5RlBfYYO615EJag5Aa1wQRq-CVmSjdtoKw3c98055OKpLR7jEAmmOTuykOuY_FliquTfT1bjUt5pjYvjlZXs7vgmXO-Wwhxrev2UTGsrjJZ0xWHWBnvVWAuWVhAo0EnpyddhEY801fL4ZV2UiFTTG_3LRbinO-LIDuDq7h1BEx9if2rhPpdXPCXAwkgLdEZqh8VvBib2PJ5vo0xEW0U2mHhRYIXxfZnj-bhjl4ukVd-TeAPHYP4xeCiOpNc&sig=Cg0ArKJSzF_Eh2abloJeEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=310&vt=11&dtpt=179&dett=3&cstd=128&cisv=r20231207.28187&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rectangle.js Show response
cdn.revjet.com/~cdn/JS/03/3.5.2/modules/ Frame 5A35 20 KB
7 KB 136ms
21ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/3.5.2/modules/rectangle.js
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA2) /
Resource Hash: dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 15:25:13 GMT
server: ECS (amb/6BA2)
age: 382
etag: "64e381d9-4ee4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 7263
expires: Wed, 03 Jan 2024 17:24:44 GMT

GET
H2 200 sync.html Show response
cdn.revjet.com/~cdn/JS/03/ Frame D74B 2 KB
1 KB 129ms
20ms Document
text/html 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/sync.html?origin=https%3A%2F%2Ff760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: 71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 449
cache-control: max-age=600
content-encoding: gzip
content-length: 942
content-type: text/html
date: Wed, 03 Jan 2024 17:14:44 GMT
etag: "64e382fe-744+gzip"
expires: Wed, 03 Jan 2024 17:24:44 GMT
last-modified: Mon, 21 Aug 2023 15:30:06 GMT
server: ECS (amb/6B83)
vary: Accept-Encoding
x-cache: HIT

GET
H3 200 Logo.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 5 KB
5 KB 28ms
27ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/Logo.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70857504e246762877461c8aa20de02df0d734bb0ad14dde07cb0e02cff8fb91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5264
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta1.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 1 KB
1 KB 42ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/cta1.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d1cfbd7ae18df9c9209bb170d4afb2da336b7e44edba6e0c5fd74d24dc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1336
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Preis1.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 4 KB
4 KB 46ms
44ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/Preis1.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ae902c2676e8ce8208278700fca8927dc77f08c801aba031342b25f7e097c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4345
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Prod1.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 12 KB
12 KB 43ms
40ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/Prod1.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a522bfb9539053e6bcb4a0f8ccf2800067162cbba3c01d51846562939ce79be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 1 KB
1 KB 47ms
45ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/cta.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bee63950f57ab4431465af684c98ebfea4ed8db873cc77278799f31a751e78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1201
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Date.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 2 KB
2 KB 65ms
63ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/Date.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb2c75caceae4b8904d423d292cd107cc2a844c4249ca53b82c57ed67d72164e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1628
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 HL.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 3 KB
3 KB 66ms
64ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/HL.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c94d01da35ffb87b034d4d7e2994b1eb07b71eafbf6f0211737916ad557f7247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3079
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Visual.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 6 KB
6 KB 47ms
45ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/Visual.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64459a7d59a485cd4c32b7102551fc11e0e71a433ec267c3e9176f595629cf76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6086
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 BG1.png
s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/ Frame 0D9C 16 KB
16 KB 60ms
58ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/BG1.png

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc6e1b90fa8967d5e7f353159295988e38036e4750ee7400dd7f77facffe2d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10513605732279263466/300x600/_export/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 11:00:01 GMT
date: Tue, 02 Jan 2024 11:00:01 GMT
x-content-type-options: nosniff
age: 108883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16628
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 09:11:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame FB8C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1898970/77442864/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015630378&ias_pubId=pub-8203385927523536&ias_chanId=1&ias_placementId=20903658371&bi...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=

17 B
465 B

32ms
31ms

Script
application/javascript

2600:9000:223f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 03:21:19 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8517206
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: d1AdiRQH5776NyCB3jWy7_xzIx7nYfrdMw1SklrL4YR_YB8OXWdtKA==

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame E42C 91 KB
23 KB 17ms
17ms Script
application/javascript 2600:9000:223f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9047134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: GhOJ5yfyyBSH1-HnmDPNixgLdBX3rjDE3P98yHLoNJoP_f2nmoioEA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FB8C 43 B
216 B 560ms
177ms Image
image/gif 2600:1f13:800:7780:3623:fc9f:7e19:58ab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=83271810-94de-ab72-22a6-88bb6e2d79f7&tv=%7Bc:g8EI7,pingTime:-3,time:247,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:189%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:247,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:189,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B80~0%5D,as:%5B80~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0jXRkk+11%7C12%7C13%7C14%7C15%7C16*.1898970-77442864%7C161%7C1621%7C163%7C171%7C1721%7C173,idMap:16*,rmeas:1,rend:0,renddet:na,siq:194%7D&br=c
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3623:fc9f:7e19:58ab Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FB8C 43 B
215 B 557ms
178ms Image
image/gif 2600:1f13:800:7780:3623:fc9f:7e19:58ab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=83271810-94de-ab72-22a6-88bb6e2d79f7&tv=%7Bc:g8EI9,pingTime:-6,time:249,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:249,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:189,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0jXRkk+11%7C12%7C13%7C14%7C15%7C16*.1898970-77442864%7C161%7C1621%7C163%7C171%7C1721%7C173,idMap:16*,rmeas:1,rend:0,renddet:na,siq:194%7D&tpiLookup=ao:www.neoldu.com*&br=c
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3623:fc9f:7e19:58ab Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312070101&jk=1232890412357495&bg=!ra6lruHNAAY3kmNgF5I7ADQBe5WfONpTRK9m0E3g-iJkdIRGOwAOZHHa-PoLFHoqYM73HjCGR9wdt2WUL5POav75k35KAgAAAFxSAAAAA2gBBwoAJ2p0WAJDQdn4XB9tg_EdH-zNiYCq78ZvWY_X5CcEKytIsFEPywwePZkC2rVWq3wNhXo6lULuaiYwuAD0wwHKxIbgNhyd8ae_lIoZs_fOd7ShWa0blxkmIdZHEH0MfU8txeBcdc3Q9RyUwaanA_rXfO7lggLseoR5RLY8itrYLg4MU-ZWnO2rpbbBTNMBk4Ft_9xvVMtmdo3WC34yi1_fSLP_e9t68NOSMxCxk7GXWfMyYuVacd2xGFrtP7HeMQ8-vsO45KB4euQtCYkpwAR_ggUSYPclQx_PFe1sbQR-gik1Vm4YBLzJisPTcpYf-XWm0f2VPQss7fA1ZxnkHTkCDphS4EKN_VVI-muP2H6KB06rVcc7KeAxfD-AkAIAIOsZ-92oZ4bphquDAXRa3p7tQv8EpOs3imE-QircnZjGPIJ6zobyGbmaAwhMa3kIouoja6ENM8mEIL307jsgdrjo8LLk5uSc5clu5SmsPbTr2_9LGqq50OED_CUIHxpvWOooHX6U8d7_vRjKkkz6MK8B7s5DKRquv24s0H1TjIMZQAqv69y4lHWlld2mqgYnymcJEte4HBl2d1kMQjaM-x5YK1lO_U5rJTz_uZlohRGdFB4FLXgCzX3pBJP-HlTaUZt50rH5aNDw_GrOsYObtRMqLKFW64s42N8dqw7xioz2iin1o3YvQXyOM_neGUttGWXG8i6q0ka_kWxR2RUn7P-nhoBi6lLBs-IeijAPd37f5U5SEaWdIUS6tXrhtN-jTXaCvsIVdJs0qgSZzpTotr_jeEQjIjB79Z3oRWicfQeIaA1tEGo8-Wal_Jxek_RtjtOnlqoY3sSCdd0aTQL5nVdrZIRU6kB-UeNnSX2S6w1OnHGLE2M-7YNFCyQFixZkyQCJ5kvydAZVlCPG4BJCwgDTy4cpUy336LLFxjUri3WKO-93WAJiC391wazKOepDIzCBLTQyX3AvwaYJKB4UzBhkoxU15ZYfSP1V9gb8tmEDUjtn95u9T7_-HdybHofJOSSFL0seWU0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FB8C 43 B
215 B 526ms
179ms Image
image/gif 2600:1f13:800:7780:3623:fc9f:7e19:58ab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=83271810-94de-ab72-22a6-88bb6e2d79f7&tv=%7Bc:g8EIG,pingTime:-2,time:282,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:588,beZ:589,mfA:751,cmA:753,inA:753,inZ:757,prA:758,prZ:771,si:779,poA:783,poZ:802,cmZ:802,mfZ:802,loA:836,loZ:840,ltA:870,ltZ:870,mdA:590,mdZ:704%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:189%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:282,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:189,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B115~0%5D,as:%5B115~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0jXRkk+11%7C12%7C13%7C14%7C15%7C16*.1898970-77442864%7C161%7C1621%7C163%7C171%7C1721%7C173,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:194,sinceFw:87,readyFired:true%7D&br=c
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3623:fc9f:7e19:58ab Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 tag236629 Show response
ads.revjet.com/ Frame 5A35 250 KB
40 KB 37ms
37ms Script
text/javascript 168.119.0.148
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.revjet.com/tag236629?_plc_id=111757028&_key=76c&ct_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCaa6xA5aVZeiVE4Wo1PIP_fih0AqSvIC8dIeeoKiSEtiJhZ4LEAEg0YjMKWCVkp-CsAegAbmskIspyAEJqQLiGDfFY1OyPqgDAcgDmwSqBJ4CT9A58bCE37GJIT82DR5dAmXBqKIh-VtDikMjUgntHQIMZGmcZMXfeeTRG_9zypFpErkAF9pF3pOnT4pO5VeOwyQkCpsWb3d0J9X4gv1zUPmPghIH8-SWBdDp1IdBkzEjlKjyr9jTLzy1BjOAwyJu-U8dnl5sb49ugAQYVc1km4UGY24_86B23-f7PCglePFBO5MCc63GloMobkFuc0xvIAj2zTrqR20qpGwu_ISFJr2zSOnBMsFQc9L-yHwbPzM9DWrphAKZggGoJanrTxE_JLJJZsb8pKrnEOnS87wt3p-hyTh8wkXE_-VnfvJqV2_F_HTp1Kt21TVWX8D3RwokMWlzsf5V9LfLjFjdJqoZLfTdQg9bv5Yovb6bhXQAFMAEvsvR178E4AQDiAWJ_aLYS5AGAaAGTYAHueTg6gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlix0I6C3MGDA4AKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAqoNAkRF4g0TCIuZj4LcwYMDFQUUVQgdfXwIqrAT27yXFtgTDYgUBtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_27Y43HO5M8MXERF8enoV2amFEypGdHzBspLJICiHS7L5s9KKGBgFC6bCbZhts_tcDJZuBzOPdHxcbgYNE_5P5HjIarVN8wmC0RgB%26sig%3DAOD64_1mfTdE-lfC1ry-QGB7If3u2A35dg%26client%3Dca-pub-8203385927523536%26dbm_c%3DAKAmf-COGqaMZlDLuMV5sx2fxFVNdfAl-PlfoquSIRxAd7bHr5J8lGp6NUXbdiiSSDL0E3OrnJPxW1Di2V5aEfivKkfXKln4mCXmBe0Shc-g4J49WznokUIzO4tbnGTQELHMJMOfUZPXWlfqoS8Xom4Z9CTUgMJOewlOAwKCPLRSvPPD3RHHhoU%26cry%3D1%26dbm_d%3DAKAmf-DyWgUBs3h1SpJlWn47j2c2tkeLT-NdmjDNzQQcim6mM43RQEbtTYhKPzqZ83SMli0wy19Jo5S5MfflT8vNE5YXSCsSjWy_pNPP79eLOXlamrAG7TgiYf9MIgbbgRegBi1eg6rrQ4ZQB98CAq4bKTIBCu_S2fuxBoWlhmx-maHW610SJMdMnp9F9por4NcUq9Sc8WUjeyjHY41H4qeWaHxYH3ejLwBDE3lB__xycxaDlUDJtWByPq7ZC9M-pb3oXei8mpeDLzbaKkfzbp_SwUps34uk-TRhtz7Fu_cswwEA0t12M8B_UR5ZqIu7_jRcZwQKHvDitJBbDNQ_tQiPDKonjiNAr-sORaFvHnHW71m3hUQoRD7UE2bp3C7v862_lD8y8QVMM12F8P2_foFFLVpZ3HpXED2t7Pd_XBoWSbdGGFWii8riBhxyjqQhoksfGlfuXR0_7Usvkw4IN4cjLx_eZeC-SfC7UZwYkLbS_WBKmXDuYsJjZ50EHXCQC2MsjenAQKmSI0MLnIb5Jngpcpsc5kPbw1c-qTL-D11cN69hk9Kltok%26adurl%3D&dv360_cmp_id=20317781641&dv360_li_id=1013520331&dv360_crv_id=467101141&jsonp=REVJET_TagObj_1.onLoad&_js_site_page=https%3A%2F%2Ff760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&_js_site_ref=https%3A%2F%2Fwww.neoldu.com%2F&_js_device_w=1600&_js_device_h=1200&_js_gtx_id=b81e1c3074423ba2c41f_1704302084533&_js_tag_freq=1&_js_vis_type=8&_js_measurable=1&_js_imp_banner_number=1&_js_imp_offsetx=0&_js_imp_offsety=0&_js_imp_vis=1&_js_sf=0&_js_fif=0&_js_imp_banner_topframe=1&_js_embd_tag_id=revjet-tag-0&_js_ao=https%3A%2F%2Fwww.neoldu.com&_js_imp_banner_creative_attr=banner&_js_imp_tsver=3.5.2&_js_tstamp=1704302084548
Requested by: Host: ads.revjet.com
URL: https://ads.revjet.com/bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 168.119.0.148 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.148.0.119.168.clients.your-server.de
Software: nginx /
Resource Hash: d32fbd266df9fc490b6f80b1e9573fdd18e7ca4bab89b66cbb7b0e1157840690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
server: nginx
p3p: CP="CAO PSA OUR"
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-transform
x-server: ip56798
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F571 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BxsAbA5aVZbPvOc_hx_APq5mE-AIAAAAAOAHgBAI&bg=!aWqlaiXNAAY3kmNgF5I7ADQBe5WfOFOQOCYLLVaJqOFcX--Pfkc5lpSI0iUsB9r9aK3B9GuBjizwTI9B92gBuDqgAaY7AgAAAPBSAAAABWgBB5kDVXPg25jIq6TxQqxfLP1bYXBUXBZQkzUoqnhs_fvEaX5JOIxbyc5pbDyo3KxrZ6-X4uaCh2SERD-smCc9V0ZZycuWgSY-5JkBCtSBHmghTaK_WQ8s9tpqH8VJbo6JWxHvsUYD7AINi-nh9yaof6tsRK3lFA8AJFUA2fmSF-d8UhA7oBWy6jsDmvcn_v3kdPVRU1Yti-oQAJu9WsE4Tbybm1JHATXZt27EEb_2toesV9Kk10T3oRhV4Kp7m_2ODI8yVvSe36R3_bkiBbND2Z-Kp5LpDjGfHdUR1YqyPxjw-H9ieyPbUGhyTAAC-La7B5shQ3BQPKHcov0qDDRAOxTMH19z-05gxkBvbuRjeoZ80rOt7NzsUCNKJ4KMWjQY2U4AQjjI0ikTI8WtQg4zKqn_fOGoNXqSxU8zVZbhKuZQlhaY35A_YKeg8-OScI0k_WRMyZd7jWeof3Z0xSo2xeB1jURoENvcMaDC5K8D5FqBkRlIgUw3IQ_bt9mNHabFX5yxY8r2p6j7xhFoCRUWoUOBwCTb7S9wua1XOEds8nnRac4VURm_AyrHlhObXBH89WbkIC8HMBcnZnHYCLHvFZT7VKXxD7LLegRZjd2lA6tEVzr-2-btNnmTuo7FaYUKU3ZZ8qjAHfhAGIE1Jq0VUQKXLpT5L_Nm6Dr4BLeCJ4ofi1GtnHRuPjWSTHkB9EjuXQVfXsyLzYSyBVLZl9nvYCy7a5VR4_fdPrXob5owLQfarPz7jdIFQKUojbhSdqGc_HCg5x-QE-cgZTKTS7_LpkzTEJs7zyTjkyg8UcXGLbMI-UaKYwcWAKDDWBQjMZDP05fX1zDFjA-BfYT5qTRD42Hz29rXNjphxf5O361v_Zugdj72ElORcoMJTUGjm2ZWTjANSIaqKNYyqdIXnpRQ-4MldROm9a0bJz4WmtBR6SzHpY9VCiPymCnEr6l2WyJ4D8Iu_S_5vLupf6FhTp3XfBROH6AuwAYpBpYVKmg_MKuzyX4Wmh2ol1AcykFI0TVISxXh_q7XAaPZbE1ML2FTc6g-2Cd0Wz6IM6V9ElbjVryxJF1zvmFPKMkq3Jc3HZ0JMvwW_x0FF48lTwzE5gmgWfNaeBVWK6Qp5gDMYGV14cdi5ZRVG59kBJs

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elements-2.12.0.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E02F 169 KB
50 KB 66ms
20ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBC) /
Resource Hash: 0cac1083f68a8fa2260865fd338d8eadf4ce0cc48417f1dab12bbadc900d5cce

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Origin: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 15:55:13 GMT
server: ECS (amb/6BBC)
age: 295
etag: "65845fe1-2a30b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 50969
expires: Wed, 03 Jan 2024 17:24:44 GMT

GET
H2 200 999
pix.revjet.com/interaction/ Frame E02F 43 B
170 B 66ms
13ms Image
image/gif 167.235.39.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/999?__ads=901da8abbe69aed8dd59c3489689fa18&__adt=8240604254626913995&__ade=1&vid=5111286530577662414
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.39.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.39.235.167.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 gallery-2.1.9.js Show response
cdn.revjet.com/~cdn/JS/03/ Frame E02F 56 KB
15 KB 15ms
15ms Script
application/javascript 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/JS/03/gallery-2.1.9.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
last-modified: Tue, 17 May 2022 16:32:04 GMT
server: ECS (amb/6B9B)
age: 573
etag: "6283ce04-df39+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
content-length: 15443
expires: Wed, 03 Jan 2024 17:24:44 GMT

GET
H3

200

B29255022.357506037;dc_pre=CM7-4oLcwYMDFQJK5QodBPILOg;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704302084571
ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/ Frame E02F
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506037;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17043020...
https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506037;dc_pre=CM7-4oLcwYMDFQJK5QodBPILOg;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_chil...

43 B
64 B

33ms
33ms

Image
image/gif

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506037;dc_pre=CM7-4oLcwYMDFQJK5QodBPILOg;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704302084571

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N6698.4753384DV360REVJETZALANDO/B29255022.357506037;dc_pre=CM7-4oLcwYMDFQJK5QodBPILOg;dc_trk_aid=548519611;dc_trk_cid=185777394;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1704302084571
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E02F 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A9E 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMDQBBJaVZZvpCLyXjuwPjuaYuA4AAAAAOAHgBAI&bg=!XF-lXxDNAAY3kmNgF5I7ADQBe5WfOL02PWvlkOXiZ2yyCn16cK4xFygETtbd-3aIPwo1j-nivOlj5UcOlJ2ytnV3EtGYAgAAAOdSAAAAA2gBB5kDTMMbQKv8qlT-sbMcw9OB7cjycwZh93bVf9lLMsbzQ2PluSkcqZZpbw5J-nW7OinV3vfnF2cPK7sNC-9GMwNAlv1fdAbRTmp-pvSSIr3fj0ZiCgmiNP_1AGsc3rcL2FnL-Xr9fuVqrVrbHDwYUe95gBoqLFJ1xaQ8Qygu3V8UJdLWK1I5pbSuUSGA2x87oAidwR6O7jgvdQz60Aoy6PXpt6pv4OwejRkG2C_UkZG9HSaTBfNzxY_XjPtHB-bSv0DDERyDJ_zhZmhEs8G6Fcgf95GeyQVwdMrhdjKVs4HDvngfTW0zahHVjBwJ3UxkV2fRsbNAviLnw_iXVQDpFd4aJc3tddX8c2UboG2XmmJuc0GCpg5nC2tjItddKKBqNVNBdhxeyICEMPlKNRrDIElTwQ5dApu7r-ljrTibtuUQhI3OAd8DQnSxAoJ-UKMzBl7UaVIS8ixekAz16K75p-IVBm2UpNbEOssGZodxvF3CSuGNV8yqDkrAZeihMrPkqghst2dnAi5wpERqeivm23-RsJJMiQ_vYfebX4i1J_MyoOuAx3RwmIzcITzhFbCOVD5tVbI3Xd_PBncl_0AEWX52sabMqkeTSvDkPkG6VmEr6WwXXjhd4SyreC6KFuVZRvOuSXDpmHAe-TP4Wmog_To8LWmlrVV_h_0v_1RIgnwgySD2OE6HW1khn6bNOIpaJWG7rW1pOkfC6m9dAFNWrRlfI9U8VO0ps4hYpZkkdH84DjSdbCdgGlcAdXcHx-JNIgqhzkhByALfnPVPyefBUhrYjlYhHJ4ri_J9FuMQChMp9DEnSRf1KCBVOE1fmxocSOKKnC5q4lx5mttEO_ZoLPZBy60AJ0DcoJZHqr2CDoL4EfGoTUqbxPKY8iMnQq1QKHJIIe1TDWvVF8TFgdIHPNSvWnZ1fDez7FsfEFhgkFq8y2sU0auCvixO-uqGn09OipKtSrAtG2-894oX8lIMWJdrMlZoreHUP4_pYT78b9cFffMTleVq0Xm927e7X2wLX2c_5v-mLQBNUiV4neT33KHHWcQYxGsz3ln7ru_ED9wdjeGKsqcJlHmJX-O7mv4xkAf0wTVFcPR9zmGGXOM4-FySzsyFDVsLnwAI9IYeKP4

Requested by

Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GeorgiaW01Regular.woff2
cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/ Frame E02F 33 KB
33 KB 44ms
36ms Font
font/woff2 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/~cdn/Ads/ad_shared/fonts/Georgia/GeorgiaW01Regular/GeorgiaW01Regular.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Origin: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
last-modified: Fri, 04 Mar 2022 15:24:09 GMT
server: ECS (amb/6BB1)
age: 77
etag: "62222f19-842c"
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 33836
expires: Wed, 03 Jan 2024 17:24:44 GMT

GET
H2 200 162453298.woff
cdn.revjet.com/s3/fonts/162453298/ Frame E02F 13 KB
13 KB 22ms
15ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162453298/162453298.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B88) /
Resource Hash: 489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Origin: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
x-amz-version-id: .Is8JR1jYDeMhMM7ZjPhsnsyUTdaBiJa
age: 84184
x-amz-request-id: H4ZCH1Z92217RH8R
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 12940
x-amz-id-2: IKNvW6hx7TZU5YxRIEaEJMPtWmy+MJlfjeaLqD7u9vhXS/gkkJWP22UUZqtTop22VTReeDeHRVE=
last-modified: Thu, 16 Nov 2023 19:31:22 GMT
server: ECS (amb/6B88)
etag: "31b663ffd91c821398bdd07236df4b22"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 arrow_grey.svg
cdn.revjet.com/s3/csp/1662732236308/ Frame E02F 286 B
563 B 15ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732236308/arrow_grey.svg
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9E) /
Resource Hash: d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
x-amz-version-id: xvWQ2m3sdbfn_7tiBj4ob78SzYdaK8j7
age: 66995
x-amz-request-id: K13D0MJN7W49ADJD
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 237
x-amz-id-2: Hfsr7i71myCzAXqJPI+142sGRin7Xjt8uo8S1V5q7GFW6VhG3m/WJ+teeTXx5UOSNR7J+DxpvD0=
last-modified: Fri, 09 Sep 2022 14:03:58 GMT
server: ECS (amb/6B9E)
etag: "7744a5e73070172a2534ddcbd966d020+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 162455845.woff
cdn.revjet.com/s3/fonts/162455845/ Frame E02F 470 KB
470 KB 42ms
36ms Font
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revjet.com/s3/fonts/162455845/162455845.woff
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35

Request headers

Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
Origin: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
x-amz-version-id: kVq59ccinPiVDgarv_TkFQgofQrkf2s4
age: 4792
x-amz-request-id: JPAVKC4X46QDB0M3
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 480984
x-amz-id-2: rGJoSXWPxUUhHQv6JhhDBwpl4gjJEh9mivUDmVNLYXksSflUNfG2Q9A44tJ2j+EGgRvRkxe0TGk=
last-modified: Thu, 16 Nov 2023 19:47:31 GMT
server: ECS (amb/6BB1)
etag: "a7d9ee6baf67661e8e26d1e5c04f7fd5"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 731812692_uc
cdn.revjet.com/s3/csp/1702543119129/ Frame E02F 35 KB
36 KB 16ms
15ms Image
application/octet-stream 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1702543119129/731812692_uc
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B92) /
Resource Hash: 8e30946cb86de04bf46ad1254e7811d6d919b4014309e4a58f046ca287b41b22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
x-amz-version-id: qCH8C7r.CPWEvVoq2bZ95u4ey0EjZ.kg
age: 63216
x-amz-request-id: WYEY3JB6AX76EMX7
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 36066
x-amz-id-2: 6QXiNzsO/JDijuTt/hYKVnNuyyuOTM1kxZ2FnMnnyzczwkUr+lGAXnCKXYzcfoYHfSku59F0Rkc=
last-modified: Thu, 14 Dec 2023 08:38:40 GMT
server: ECS (amb/6B92)
etag: "7df1d99a7d670d55cae20b63737755a8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 1000
pix.revjet.com/interaction/ Frame E02F 43 B
169 B 13ms
12ms Image
image/gif 167.235.39.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.revjet.com/interaction/1000?__ads=901da8abbe69aed8dd59c3489689fa18&__adt=8240604254626913995&__ade=1&vid=5111286530577662414&__clstampdif=175&__stamp=1704302084799
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.39.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.39.235.167.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2 200 logo_mark.svg
cdn.revjet.com/s3/csp/1662732637087/ Frame E02F 632 B
649 B 15ms
14ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637087/logo_mark.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBA) /
Resource Hash: b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
x-amz-version-id: zSXLBJjIwslgGmxmaRmaJDS_oPpkgt8F
age: 65908
x-amz-request-id: MDFKSD8K9Y8EMSSP
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 427
x-amz-id-2: xqr5klLrWCUe+fqBKTeC2wuIWRYOWJaQeRhMv1JrkJccp/9XxUT088ScVxeelfVJeRSUg84arR4=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6BBA)
etag: "e55996d0b9b8b1e1bba2e8168cf0d3a1+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 logo_word_black.svg
cdn.revjet.com/s3/csp/1662732637080/ Frame E02F 3 KB
2 KB 16ms
15ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1662732637080/logo_word_black.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B89) /
Resource Hash: c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
x-amz-version-id: 6dP9WoKtkjdaRlsO3V7DUipbqdCKLzpR
age: 40134
x-amz-request-id: KG36E0FE8F24XMX6
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1556
x-amz-id-2: kQ1/30U8zgGnJAVT2zEgORp2ss4jFUEev3WovRSM9k1mrsS7bDN7N79UxyG9YXuFSRTuEiGIh9A=
last-modified: Fri, 09 Sep 2022 14:10:39 GMT
server: ECS (amb/6B89)
etag: "4e3f110ca066e6b8dc4a9827ae6e6f50+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 Logo-Wordmark-White.svg
cdn.revjet.com/s3/csp/1680256735421/ Frame E02F 7 KB
4 KB 16ms
16ms Image
image/svg+xml 192.229.233.6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revjet.com/s3/csp/1680256735421/Logo-Wordmark-White.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: 63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:44 GMT
content-encoding: gzip
x-amz-version-id: AwNg3pZ_b3UTO1Gv2fLqLaH_CNFtNLJM
age: 66996
x-amz-request-id: 5V222S1HJNXWVXX5
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 3628
x-amz-id-2: 36yJA5ayu7BjbgOXIilMf1IzStGD+XOYxzKMryAwGRg6ED92mOqS2yKu4tvhKGmPSkURX2qo+64=
last-modified: Fri, 31 Mar 2023 09:58:57 GMT
server: ECS (amb/6B72)
etag: "6802dc95d8e5a742e4e3e3e09650a7c7+gzip"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
expires: Thu, 04 Jan 2024 17:14:44 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FB8C 43 B
215 B 192ms
180ms Image
image/gif 2600:1f13:800:7780:3623:fc9f:7e19:58ab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=83271810-94de-ab72-22a6-88bb6e2d79f7&tv=%7Bc:g8EO4,pingTime:-10,time:616,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1704302084864%7C%7Ce44b067e81181631cc2d9f2a48afd3ac%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7C946f004b55298741210d0be8d871059e%7C%7C75d9ecaf17c4e56861750b6bf6be940c%7C%7C3ef933475493fb4f06fcb952c9bbb9f7%7C%7C151b95254b395b7b995aad8ff6372ad9%7C%7C3201235a2ed627da565ae6d8f2d78962%7C%7C1663701684%7D
Requested by: Host: f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
URL: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3623:fc9f:7e19:58ab Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:44 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FB8C 43 B
215 B 176ms
176ms Image
image/gif 2600:1f13:800:7780:3623:fc9f:7e19:58ab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=83271810-94de-ab72-22a6-88bb6e2d79f7&tv=%7Bc:g8ERH,time:841,type:e,im:%7Bpci:%7Btdr:631%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:841,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:189,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B674~0%5D,as:%5B674~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:195,fm:u0jXRkk+11%7C12%7C13%7C14%7C15%7C16*.1898970-77442864%7C161%7C1621%7C163%7C171%7C1721%7C173,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:194,sis:325%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3623:fc9f:7e19:58ab Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:45 GMT
server: nginx
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 8637d945375b405ba1a0785411dc4a68.jpg
img01.ztat.net/article/spp-media-p1/2d2f5be7361e4c24a29a9ebd4628f708/ Frame E02F 18 KB
18 KB 79ms
17ms Image
image/webp 2600:9000:206f:7200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/2d2f5be7361e4c24a29a9ebd4628f708/8637d945375b405ba1a0785411dc4a68.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7e084b540e1faf3f5f07e79f416fd6797c5f2b3e80209d510218d5c1f9b4da4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:10 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
age: 3176016
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18092
x-amz-expiration: expiry-date="Sat, 02 Mar 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Wed, 22 Nov 2023 16:48:29 GMT
server: AmazonS3
etag: "93da718b0a11715679cf1ed17c22be2f"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZT-fNJVcYEGpCKQgWMe27EEOSDTuKiCOnNfypiJkpil8YiTxfADjqQ==

GET
H2 200 48e14b3d9cb54a6a86f71ec95f4561b1.jpg
img01.ztat.net/article/spp-media-p1/f1d69c992fbd44d5920db0050e30e2e1/ Frame E02F 7 KB
8 KB 88ms
27ms Image
image/webp 2600:9000:206f:7200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/f1d69c992fbd44d5920db0050e30e2e1/48e14b3d9cb54a6a86f71ec95f4561b1.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfaaacb3d9c8d39fe4e356ec199f8977f9afee58e7daf1164b307f93fd90e1c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:01:10 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
age: 3176016
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7538
x-amz-expiration: expiry-date="Sun, 03 Mar 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Thu, 23 Nov 2023 12:17:53 GMT
server: AmazonS3
etag: "6ae97ff6e06adb9821c1e69c24da6238"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Ih59nKTYTYAy7Fa661cQ6tdNDYeuZBI5kH5nXhN0fewHuFisbvVjeA==

GET
H2 200 9369ab429c334c34979de073619032bd.jpg
img01.ztat.net/article/spp-media-p1/32cf72ca51224462bbc8ca96a672300d/ Frame E02F 5 KB
6 KB 79ms
17ms Image
image/webp 2600:9000:206f:7200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/32cf72ca51224462bbc8ca96a672300d/9369ab429c334c34979de073619032bd.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2945bca5886e0fb3a656699e7d69fd4f84b189d34f47c2ae8a55476c44abaf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 03:39:52 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
age: 653694
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5594
x-amz-expiration: expiry-date="Thu, 15 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Mon, 06 Nov 2023 21:26:41 GMT
server: AmazonS3
etag: "151ad0dfa19295ffb15727ef7bfcd1ea"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gozdMMjrJZS92wSlJf6DL8ALwFhMyTYJt-MaZgPfW0Z8QDhneldGuA==

GET
H2 200 0c9fed33db924cfc8dd7ce5b372d41f7.jpg
img01.ztat.net/article/spp-media-p1/89cef946639343d08cfb84717737b11b/ Frame E02F 10 KB
10 KB 87ms
26ms Image
image/webp 2600:9000:206f:7200:15:157b:ff80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ztat.net/article/spp-media-p1/89cef946639343d08cfb84717737b11b/0c9fed33db924cfc8dd7ce5b372d41f7.jpg?imwidth=350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:15:157b:ff80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4148b88bab24fdc5ab6b4f4ec0baf0ad091f6b7427d5c436c4b80b98c0bace0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 23:00:11 GMT
via: 1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
age: 238475
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9750
x-amz-expiration: expiry-date="Mon, 05 Feb 2024 00:00:00 GMT", rule-id="Expire after 3 months"
last-modified: Fri, 27 Oct 2023 07:04:36 GMT
server: AmazonS3
etag: "81ee3842fda8fea9314390b7a1e194bd"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=7776000, immutable
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: umISuWgiQrsLr2XLsGeauKJwsMJONFteivoK-q93WXPPvxDMIzNIxA==

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FB8C 42 B
174 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsve5yS5B97xELg0UDjT4fi6-3DSxeCfN4nm53WhQuiz9yeP_wXIpW5T5c6-o1gauB0b7BHpmIleS-ZxNiyGQkobBHKB_Qg62BwjC0rYYokGFVckpTEhdDdy93GKLbzCWN2GkGFRC9SueuiFU5FhOWYZOVOK&sai=AMfl-YT2pvHpM5MdjCsYOumGd8CULDV-vXnjhnaU_ZVuOyFsg-xF51qcIp0FrGTc7ZfpckdJPFjatKyshuHTO-it9Wvr6UZA35mGPelPJEiNAwTZ69cTvO7x_hak5B6zCO8lL6AMlUYBkWPnP9STXOtF&sig=Cg0ArKJSzBr5TIreXF3yEAE&cid=CAQSTgAvHhf_27Y43HO5M8MXERF8enoV2amFEypGdHzBspLJICiHS7L5s9KKGBgFC6bCbZhts_tcDJZuBzOPdHxcbgYNE_5P5HjIarVN8wmC0RgB&id=lidar2&mcvt=1001&p=80,214,120,255&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=321644570&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704302083660&rpt=440&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 900
pix.revjet.com/interaction/ Frame E02F 43 B
169 B 12ms
12ms Ping
image/gif 167.235.39.43
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pix.revjet.com/interaction/900?__ads=901da8abbe69aed8dd59c3489689fa18&vid=5111286530577662414&__adt=8240604254626913995&__ade=1&latent=0&vis_type=8&__stamp=1704302085774
Requested by: Host: cdn.revjet.com
URL: https://cdn.revjet.com/~cdn/JS/03/elements-2.12.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.39.43 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.43.39.235.167.clients.your-server.de
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 Jan 2024 17:14:45 GMT
cache-control: no-store
content-length: 43
expires: Sat, 01 Jan 2000 12:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A35 0
20 B 50ms
49ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6899054047253&version=m202309260101&ct=77&x=1&cor=17953582728209099000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB8C 0
20 B 48ms
47ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2604413824898&version=m202309260101&ct=76&x=1&cor=12007996894803716000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame FB8C 43 B
215 B 213ms
212ms Image
image/gif 2600:1f13:800:7780:3623:fc9f:7e19:58ab
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1898970&asId=83271810-94de-ab72-22a6-88bb6e2d79f7&tv=%7Bc:g8Ff0,pingTime:1,time:2286,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:189%7D,%7Bpiv:85,vs:i,r:,t:1284%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1284,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:189,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1118~0,0~75%5D,as:%5B1118~300.600%5D%7D%7D,%7Bsl:i,t:1284,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:85,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~75%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:178,fm:u0jXRkk+11%7C12%7C13%7C14%7C15%7C16*.1898970-77442864%7C161%7C1621%7C163%7C171%7C1721%7C173,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:194,sis:325%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:3623:fc9f:7e19:58ab Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:46 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 90176.jpg
d.neoldu.com/news/ 37 KB
38 KB 18ms
17ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/90176.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f632bdfd09404dad2d5a2cb6ede78d2421bd5d99f4b2ae656411c682830aaec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 17:14:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 535299
content-length: 38250
cf-bgj: h2pri
last-modified: Thu, 28 Dec 2023 12:19:56 GMT
server: cloudflare
etag: "658d67ec-956a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDWXye8jxoU%2F2E%2BOo2JBqoYmFhBM5Lpb9XLOB1g3WCZFEn%2BpvceJ0XlD%2FHYqGUYSold7gLKEGJ6eAVSo0FNI35dFESczNe70cA14LP4ghsi1PJtXNLVSTCpK75tNwFfgWNyo7wgn5dy%2BcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83fce15238fd6ae2-FRA
expires: Fri, 27 Dec 2024 12:33:09 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 24ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8XPP9T2J47&gtm=45je3bt0v9102095739&_p=1704302082795&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1724041439.1704302083&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704302083&sct=1&seg=0&dl=https%3A%2F%2Fwww.neoldu.com%2F&dt=NeOldu.com%20%2F%20En%20%C4%B0yileri%20Listeler%20-%20Tavsiye%20ve%20%C3%96neriler%20Platformu&_s=2&tfd=6311
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8XPP9T2J47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 17:14:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.neoldu.com/	1969-12-31 23:59:59	Name: CMSesId Value: b3hce7puvrsae192f8i0p28mrb
.neoldu.com/	1970-01-21 03:01:02	Name: _ga Value: GA1.2.1724041439.1704302083
.neoldu.com/	1970-01-20 17:26:28	Name: _gid Value: GA1.2.1450443764.1704302083
.neoldu.com/	1970-01-20 17:25:02	Name: _gat_gtag_UA_97203200_1 Value: 1
.neoldu.com/	1970-01-20 17:25:02	Name: lotame_domain_check Value: neoldu.com
.criteo.com/	1970-01-21 02:46:38	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:46:38	Name: uid Value: 3e098854-08a5-45d2-a903-8fe2da5445f5
.neoldu.com/	1970-01-21 02:46:38	Name: cto_bundle Value: 9ldMvF9iSU1hbUdXOFltWTE4M3R2SW0lMkZ6bU5XOFFtdWpQZEliSHpxdGg0ZXglMkJETTJWYngzT3NmYUFiUkNKTkRZUTV5OVFPd1JNd0RUbjdPajBvSXZoOXloa1liRFUyVmd5dkxZJTJCRTVxc25PemhZU3JNeElMTjRkcjR4ZXBhMDFhTWdvNTBsMkY0OTg1czFsamlhNnUxZWNkMUElM0QlM0Q
.openx.net/	1970-01-21 02:10:38	Name: i Value: ec4956aa-465b-4040-ab8e-4e3f4ecd0495\|1704302083
.neoldu.com/	1970-01-21 02:46:38	Name: __gads Value: ID=128b9f27ac78e745:T=1704302083:RT=1704302083:S=ALNI_MZ-eBvNwVZ859KoNePKHSHp8nb_Eg
.neoldu.com/	1970-01-21 02:46:38	Name: __gpi Value: UID=00000d36461ae1cb:T=1704302083:RT=1704302083:S=ALNI_MaTL0lIuI6YmRsgFf7Z43I91Mq_Zw
.neoldu.com/	1970-01-21 03:01:02	Name: _ga_8XPP9T2J47 Value: GS1.1.1704302083.1.0.1704302083.0.0.0
.doubleclick.net/	1970-01-21 02:46:38	Name: IDE Value: AHWqTUm-B7-4cPRmhQLATx-Ekzxi-bNc59y1YamH2IbT2XdOlSE8EHl92vRjVd1f
.casalemedia.com/	1970-01-20 19:34:38	Name: CMPS Value: 5270
.casalemedia.com/	1970-01-21 02:10:38	Name: CMID Value: ZZWWA9ehKcwuP0Cp8dtxcwAA
.casalemedia.com/	1970-01-20 19:34:38	Name: CMPRO Value: 5270
.adnxs.com/	1970-01-20 19:34:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaRE)Mcm!@wnfH8K6pQK`!5=E<L5?%M74[trlXk-dieayvfB/@g1qJcl>s[-^`8Hg8%nugO%v4VB%nn'X*'ZH-
.adnxs.com/	1970-01-20 19:34:38	Name: uuid2 Value: 6463809764868992068
.doubleclick.net/	1970-01-20 21:44:14	Name: APC Value: AfxxVi4X0gh2PJjFCrE4sAMCofQc55epaG6ULwtp76bXnCU61GUHjw
.doubleclick.net/	1970-01-20 18:08:14	Name: ar_debug Value: 1
.bluekai.com/	1970-01-20 21:44:14	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:44:14	Name: bkpa Value: KJyNp1LvQY9xCKs73SlMtcCjuJ+KJWoG/WPvKFfY5cAIegITrxECkYR27h08KOMpyS7TX/HDOgPypWNVlgI+uDkyNs0goixY9m3mPNDWi6Ms2snIFlR0T/0kaN2dJmG=
.bluekai.com/	1970-01-20 21:44:14	Name: bku Value: ts6O99uVkVDlZR90
.revjet.com/	1970-01-21 03:01:02	Name: trx Value: 5111286530577662414
.revjet.com/	1970-01-20 17:26:28	Name: ads Value: 901da8abbe69aed8dd59c3489689fa18

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.revjet.com
bcp.crwdcntrl.net
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.revjet.com
cm.g.doubleclick.net
d.neoldu.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
f760f184fd6ac14ab7f382fa90256e46.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
img01.ztat.net
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pix.revjet.com
region1.google-analytics.com
s.neoldu.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.neoldu.com
142.250.186.162
162.19.138.118
167.235.39.43
168.119.0.148
172.217.18.2
172.217.23.102
172.64.151.101
172.64.152.89
18.239.18.33
185.89.210.20
192.229.233.6
2.23.197.190
2001:4860:4802:34::36
2600:1f13:800:7780:3623:fc9f:7e19:58ab
2600:9000:206f:7200:15:157b:ff80:93a1
2600:9000:223f:b200:8:48e:53c0:93a1
2606:4700:10::6816:3556
2606:4700:20::681a:628
2606:4700:20::ac43:4a79
2606:4700::6810:5514
2a00:1450:4001:801::2001
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::c
34.102.146.192
34.120.107.143
34.96.70.87
35.244.159.8
52.214.64.190
54.194.101.149
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
06224be901fb9886906d5401c2eca4467a7b102b78d4fde1468e31f974dbbec0
0ae902c2676e8ce8208278700fca8927dc77f08c801aba031342b25f7e097c14
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c885e778a37745ae3c183fbaf4b1e87b80c55a6fce5449aa4abbae65eee18c1
0cac1083f68a8fa2260865fd338d8eadf4ce0cc48417f1dab12bbadc900d5cce
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f632bdfd09404dad2d5a2cb6ede78d2421bd5d99f4b2ae656411c682830aaec
0fd3dbfbd4e59c88ab5073a45a7f31a96443db557342f6e42bd897441034ca93
1044ceea7297297b9308d3c185e12c78e00515881306e5720f820c6df247a123
1137defc8b0289e743a609d5d8e3807c2c8790b084b65dbeb7431b1f104de1d5
121eeba8bb5f858d75e2fc1d028486832d1d29c113e3555ad0ad54fda3fefe32
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17cf360bc6366de1c0dc855be430e81689ff2d3a98f8e605af9f13c07e3b33f5
1b16a5af84666feb9f8f195d3a8b74042f80439ca327b61f1c598f58072911ea
1b3af1dcf881223cd856379bf91cfb457eadb3d19700d77c2a55b6f10c44cd54
210d5609407dae7127a056a3ce413b946060d8f5d892cac87213cc6e6d1f775f
233c80e29834414f413575349c1bcd717cb7fc614ee4b78ed792dffd35fc405e
23b58e6d443aff4b3dd7cd5f34418abebe42d739bd6716479976773db44c3f41
27a1bd0c8558ae99e84600f9496e5d1785ca45b3867d1a72ce135fefb154ebc4
2becd7129f7065c8c57bf8f4b264cd76925f468384861d218b3d5a7936076723
2cc4f6449763c89371c9e72486bdd97ab2024d7b763b89512e72bf399c88a3e3
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3337f150c61ee89be64e0892af2b0fe002913d34d238fb942a991aa083750f17
3657b685752384c6278d3b65757b74cc5dd1d48e27f27b222c926923586d7d05
38ce282c141a9ec6ef508d7d442f8ad3d768cfd5a61cd28a255f38cbfa0249bf
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39352d5c00d932ff29e2857d2211717a0d38c55812bccd7e4db7a2a939c09ec5
3a4ab387a8bff4052837f004ea8c973a4891d6b3ec260989b6c4d7be8d20bf0f
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44d64d3e39a615a82f4cda7f2430b203eb4b182916434d8724ab03e9f1820ea5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4736b2c14b2e33beda655ca3fd1733fd10d72626ab276af206f5bcb06c1e7f80
489c8bd821038a9ce8f643de824f6a507c68e3a4e024fb56209d7b9464134036
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba7441454b993f6dc09527c8a03ab527e59496d04796dec6f7189208bd315b6
4d330637bd9accfa208a8bf1c7e2f56c872223cdadf3214876b98cb53af84ecd
4e0903de78ea8971fdf6a9dc18f63015245d450577829138abf0edd423bd26d0
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
56f25533b8ea6874f010eb489df9136ba79b15cb5a995e9b39a8b9a1966a3b0b
5bee63950f57ab4431465af684c98ebfea4ed8db873cc77278799f31a751e78f
5d89b3e9d55dfcce9b0a0b13b004d2433f4ab1c099d8f353575be57e538d0c8c
619be5487ecfb7b504f7147528a2c5f336297daff6a05d3c145f166fd3565ca7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63f7be1d0a480f22ca23ca1a147f759d5199f5a16ad731633cd3aa81f857ec5c
64459a7d59a485cd4c32b7102551fc11e0e71a433ec267c3e9176f595629cf76
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
66b4266f91d93d88e60c1feeb8a05c6ff94f8a04bc177db6765be9aeb47d1209
66ff6f11e4caac84a153c061bfed9d920bbae5a85df1423fa7fbfd62eef850b0
67ca4763243c8132c0720a6677c1e7dba0a6c459bed84d086d78533d73efc014
6a96450725a3bd73c1aca9f89def8deca91d24ea284e12d90fe228d5d7984b9b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7416c9352e4b00c83f1dcf6964c89586d517e10fe4806a9da14abd0af76f35
701916d6a04f89dbdb7bf4273fdfde4a35c12090bed9f4cdef4dcef938771119
70857504e246762877461c8aa20de02df0d734bb0ad14dde07cb0e02cff8fb91
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71afeaa2f8371d9b3f97e6a91b94b72b2eec42d37886a88207943877051187b7
7416cbeb64b23f259e5371f20f37151d013beb0a5b42f0b22c20a5e3eb4eb3b0
885c6b0b1d8a8f4508e924b7a6e8b7a95533201420bee1b72f0e5cea97d7d510
887f2b8672f7ad52334707edae182c6f796b6e8bdab40319f63ec2102452bc95
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8c621036064bb1fa56e52de72c4cfc8bdf434b0e0d7b7570b6df9c32b666eb36
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8dbcdb7efb1c3ceccde4dec40c04a14fda79fe5e33c0db39eb74053aabb2e8f3
8e30946cb86de04bf46ad1254e7811d6d919b4014309e4a58f046ca287b41b22
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9d1cfbd7ae18df9c9209bb170d4afb2da336b7e44edba6e0c5fd74d24dc668
92bd46acedcdb9f7c7ef7b5ddbb4cb6a57fd9477d5de057d3c6e4493150f6f7a
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
988d25d0fc5100d78313270475f9efa16a357bfa2ff48f4c61e87fe3cc0a6617
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9cce030a4fc657f68dd96791a44c290b586902e72aabc394c0c4d49a2b2bcb38
9fa54ab76eba77a3dcd2d8ee1c407b3718e2408ca71956dd37628fc376344f7e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a085e24c3848488e2d3d85c33d8de768e4e81ebc02719c2ab8d4d976f0f5febf
a170c28519ab163347c5f2148e7f71f9a93f933696e6458ab2760c117d7dd8e0
a35e5c1b2d49ec29744142ee8c59bd18c961575bf232f8237b6f62616d464975
a522bfb9539053e6bcb4a0f8ccf2800067162cbba3c01d51846562939ce79be4
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a77871a2d0c71a16aecadd8cd2f9934d2cabef8fc089f3978a75dedc66943cc5
a7e084b540e1faf3f5f07e79f416fd6797c5f2b3e80209d510218d5c1f9b4da4
a9a2c6761749c7e1c88d37fd5d6ed99bb77ee5833f32c10172207c55c9760b7a
ab99bbedd7d7c5b9437b85c209aaceadd13ccad4ed4b7f1d31689e7f7a72c32a
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b139d97a9012d835c86920887e867490265c309ae069a99e595fa697fb56e82e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b37e9c5a2b4c1ba0a890695dfca1babbb47bef8ddefacc5c966a604fdec2f6c0
b586d78bb34e8b3b0ce47419d51b4cc6b915a148273ea17baa7c66a6bfeb41cb
b6b7a983c66254302d022a449332d3ec862ae537f22860dfddf1643f6c06bfeb
bbaa8ef0c6968f0b1af48aca93d91795139d835ac541570a58bf56d4e60aabce
bc2fb5b1136bd0300d9d8c648f78f8efcdf7d312082c13374f5ecbf4220bd076
bc6e1b90fa8967d5e7f353159295988e38036e4750ee7400dd7f77facffe2d8b
bd29d64976cf24d279d394f90e21ae38920273c4e7fb172f846238d4758294d8
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf3b707ab259d7927864439589cca26345f6bf848a9db118ab37c18533ec75f0
bfaaacb3d9c8d39fe4e356ec199f8977f9afee58e7daf1164b307f93fd90e1c8
c2754c8058fdfdf9c8aef009eb9b3c25b93aeab0c7a0cbe5a4be020620ee4966
c2945bca5886e0fb3a656699e7d69fd4f84b189d34f47c2ae8a55476c44abaf1
c4d0670c9223b881aef9756ff0b8d9a407ddf23ed6486f3e15bd76bc9f894eef
c65df2e1f238caeb22b2db1f3e3ca029f2b308b3a4e6f988c5ac676154f13c80
c707d5798e40035ef5aa307db04e295703514d654b1e65fa62b04492c687c255
c94d01da35ffb87b034d4d7e2994b1eb07b71eafbf6f0211737916ad557f7247
cb2c75caceae4b8904d423d292cd107cc2a844c4249ca53b82c57ed67d72164e
cb97cba3bfeb396106f589d9f3d996acbf9fcfcc4690a0e98926da9f400887e5
cc81b2a3f6d2a76a6019c848712b31233a157bf11fbb4b24600fc9070c7d367f
cccd1dba2361724375bfe0cc75deac06ac94758f9ee3b39b3572a92e91120e8b
cd27758f6d9270a67e7e702e77579eede59da9c6db2873ea56370f1196902078
cdf2ebd796ac6537d97c4cca1b9723122bea6253736f35617aabec4a223274a8
ce6b01b52ec61baee536b101ee90779a46a8e6bf86ed0b8212bb93a55a2dd8b7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d144365863e6bb29da96e647c672152326639ed4bad9f7f4092eeb3698eba532
d23c35a9b9e47b1d001695eff256f1f2ffb3f29685ec895043a7545c3ddb683d
d2673c61130c81b9b52f3e3d698e40da07918eb8bf8c35aecad5ca5f5c437eba
d32fbd266df9fc490b6f80b1e9573fdd18e7ca4bab89b66cbb7b0e1157840690
d4148b88bab24fdc5ab6b4f4ec0baf0ad091f6b7427d5c436c4b80b98c0bace0
db62221e4ce05a6c6572787b9498a0b38ba0b1cd2e84e8c83b22803a4a9c5601
dce3111ede9ead68dbb0c6343255a1cc111060d98da86a7e96e0fa8510bb1a02
ddbe8d2cdd16160c193b1b1e81cbf7a2a24b8dfd0a1ce16b270c588ef2d2aae0
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a9242607c54fc131fc4a23c316a90282df4469326211d2b974103ee62fb5bf
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e92827b8239b59fd6efabd8dbedfa65f9926d599fa42989b7fd5b4bdcfde899d
ea808dabbaba0b295d7a7bce33fdee9471a84ef352c6769b97cd27b41be66d5e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0252ba8694b474f3b887ffe91c07341280451a177944d79ff2a94d877a07d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f071ebef2e1abf8e07b217c7cb3c4fc4a91915cbe8488bad8272057e43e19a57
f20f208397ed58df9a3c6d5b004bddbcc376e745e686e661aa47bcf9674bd142
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

www.neoldu.com Open in urlscan Pro 2606:4700:20::681a:628 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

93 %HTTPS

55 %IPv6

25 Domains

43 Subdomains

41 IPs

5 Countries

3172 kBTransfer

5986 kBSize

25 Cookies

2 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.neoldu.com Open in urlscan Pro
2606:4700:20::681a:628 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

93 %
HTTPS

55 %
IPv6

25
Domains

43
Subdomains

41
IPs

5
Countries

3172 kB
Transfer

5986 kB
Size

25
Cookies

184 HTTP transactions
2 data transactions