www.neoldu.com Open in urlscan Pro
2606:4700:20::681a:628 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://neoldu.com/
Effective URL:
https://www.neoldu.com/
Submission Tags: analytics-framework
Submission: On April 22 via api (April 22nd 2023, 5:35:32 am UTC) from US — Scanned from DE

Summary HTTP 218 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 25 domains to perform 218 HTTP transactions. The main IP is 2606:4700:20::681a:628, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.neoldu.com. The Cisco Umbrella rank of the primary domain is 153995.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2023. Valid for: 3 months.

This is the only time www.neoldu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 63	2606:4700:20:... 2606:4700:20::681a:628	13335 (CLOUDFLAR...) (CLOUDFLARENET)
31	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
17	185.7.176.221 185.7.176.221	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
1	2606:4700:20:... 2606:4700:20::ac43:4a79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
4 9	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	85.111.6.48 85.111.6.48	9121 (TTNET) (TTNET)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.102.243.38 34.102.243.38	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8 16	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
14	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	52.46.130.91 52.46.130.91	() ()
7 9	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:bc92:520b:1528:ac03	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.122.74 52.95.122.74	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
218	37

63 2606:4700:20::681a:628 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.7.176.221 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)

static.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.imgiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ng2.virgul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4a79 (United States)

ASN13335 (CLOUDFLARENET, US)

s.neoldu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.253 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.90 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.111.6.48 (Turkey)

ASN9121 (TTNET, TR)
PTR: ns2.ttidc.com.tr

cpm.programattik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.130.91 (None, ) 2 redirects

ASN- ()

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.165 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:bc92:520b:1528:ac03 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.122.74 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	neoldu.com 1 redirects neoldu.com — Cisco Umbrella Rank: 138541 www.neoldu.com — Cisco Umbrella Rank: 153995 s.neoldu.com d.neoldu.com	743 KB
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	441 KB
26	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	239 KB
15	virgul.com static.virgul.com — Cisco Umbrella Rank: 67733 ng.virgul.com — Cisco Umbrella Rank: 56336 ng2.virgul.com — Cisco Umbrella Rank: 62599	222 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	595 KB
12	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 677 eus.rubiconproject.com — Cisco Umbrella Rank: 798 pixel.rubiconproject.com — Cisco Umbrella Rank: 447 token.rubiconproject.com — Cisco Umbrella Rank: 795	15 KB
11	gstatic.com fonts.gstatic.com	317 KB
10	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 acdn.adnxs.com — Cisco Umbrella Rank: 806	35 KB
9	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 361 s.amazon-adsystem.com aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994	63 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	6 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 130 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2078 www.google.com — Cisco Umbrella Rank: 16	90 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 imasdk.googleapis.com — Cisco Umbrella Rank: 520	127 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	20 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	654 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	98 KB
2	imgiz.com c1.imgiz.com — Cisco Umbrella Rank: 110415	131 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3716	1 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2474	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	127 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 733	649 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	620 B
1	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 2866	257 B
1	programattik.com cpm.programattik.com — Cisco Umbrella Rank: 64006	146 B
1	pghub.io pghub.io — Cisco Umbrella Rank: 2795	5 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5261	531 B
218	25

	Domain	Requested by
45	d.neoldu.com	www.neoldu.com
31	pagead2.googlesyndication.com	www.neoldu.com pagead2.googlesyndication.com 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
17	s.neoldu.com	www.neoldu.com s.neoldu.com
14	s0.2mdn.net	www.neoldu.com s0.2mdn.net 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
13	tpc.googlesyndication.com	1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
12	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
11	fonts.gstatic.com	fonts.googleapis.com
9	ib.adnxs.com	4 redirects static.virgul.com googleads.g.doubleclick.net acdn.adnxs.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
7	static.virgul.com	www.neoldu.com static.virgul.com
6	ng.virgul.com	static.virgul.com www.neoldu.com
5	pixel.rubiconproject.com	3 redirects
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
4	token.rubiconproject.com	4 redirects
4	googleads4.g.doubleclick.net	www.neoldu.com
4	fonts.googleapis.com	www.neoldu.com s0.2mdn.net
4	securepubads.g.doubleclick.net	www.neoldu.com securepubads.g.doubleclick.net
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	static.virgul.com c.amazon-adsystem.com
2	eus.rubiconproject.com	static.virgul.com eus.rubiconproject.com
2	match.adsrvr.org	static.virgul.com
2	ng2.virgul.com	www.neoldu.com
2	www.googletagservices.com	1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
2	c1.imgiz.com	static.virgul.com c1.imgiz.com
2	adx.adform.net	static.virgul.com
2	script.4dex.io	static.virgul.com script.4dex.io
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.neoldu.com www.googletagmanager.com
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	acdn.adnxs.com	static.virgul.com
1	www.google.com	tpc.googlesyndication.com
1	imasdk.googleapis.com	c1.imgiz.com
1	pandg.tapad.com	pghub.io
1	fastlane.rubiconproject.com	static.virgul.com
1	cpm.programattik.com	static.virgul.com
1	pghub.io	static.virgul.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.neoldu.com
1	neoldu.com	1 redirects
218	46

This site contains links to these domains. Also see Links.

Domain
doviz.neoldu.com
www.instagram.com
twitter.com
www.facebook.com
www.cmbilisim.com

Subject Issuer	Validity	Valid
*.neoldu.com GTS CA 1P5	`2023-04-03` - `2023-07-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.virgul.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-24` - `2023-09-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-08`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.programattik.com GeoTrust RSA CA 2018	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.imgiz.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-27` - `2023-09-09`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.neoldu.com/
Frame ID: 9E675590FA5D27BE7275CCBEE636ED88
Requests: 122 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 8D2E8ED02EE077C86653E0FB007D4D8D
Requests: 1 HTTP requests in this frame

Frame: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Frame ID: E92E8C74EAD6933A8ED343CBD8DF7BC7
Requests: 1 HTTP requests in this frame

Frame: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F10A92D10E02CCD8C4CE3156CEE72632
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fwww.neoldu.com%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D
Frame ID: 83181418D6445DA6BEBB94C2444B0B48
Requests: 1 HTTP requests in this frame

Frame: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23D6373BB97662987ECC1444F3CFB324
Requests: 21 HTTP requests in this frame

Frame: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C2BF37F2899152F17BCAD6A0DC89A13F
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNUuUiBK13kmzPCcwpaGiMaxaWzu_5-gcw3VT4NzKy9JYQJR3fEw2iO6i8GB7Ru8feoWQ3_O0KPBQcx-EQinXLPvCvGksBulVM6YpoN_N8RMCQ0S2pFPDmHfalXwX2b2CqWFnt34_m9ne7DUL8p6KE7PDQlkrqGTG3VhiBycucbmLGI562A
Frame ID: 7A75AC15F97BC539158FA409F68F5749
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNXofm6PJhMQZ9Gb6AMAVB-PJm8l67zuc1uoMv2ec-l_szCDK7Ed4H5wzMmt19BTQN9YV9dFGPGIGBEYuMRDWmDNc5pDL4e2DsUlZddKYIm1Wv5JUGJnXg3QuOGalLYL8mQrZ8FOgLNwbXNPy-QJBePcjsEbYq9tm72gznrNOGSkyv7va5o
Frame ID: BB965BA1DBA09EFEABD5A27D3CC0BAEF
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5ED7B4F395E69F65F3A6ECDCEB410B9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
Frame ID: 9594DF1BFF1D3E460DE603F4C9E3C270
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 33C6A1678AF421B98047681991533986
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
Frame ID: A2CED4D674AE9E1680B3BA9C7A10613C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 8545CF631C7100E1DB7E92F0895C2324
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: E3068E5A7EB23295854AF4E48011D1B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A7058CE6119504F938F792643638DC7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38B3AEFA5CEFC04DE0C9C666A5E6B9F7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6B2C8579138665AEC319C3B4BA81DC0C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8AC2E689C7BA0DC15B1CBD7F52A53A09
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NeOldu.com / Sosyal İçerik ve Tavsiye Platformu

Page URL History Show full URLs

https://neoldu.com/ HTTP 301
https://www.neoldu.com/ Page URL

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

218
Requests

93 %
HTTPS

59 %
IPv6

25
Domains

46
Subdomains

37
IPs

8
Countries

3286 kB
Transfer

7426 kB
Size

28
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://doviz.neoldu.com/
Title: DÖVİZ

Search URL Search Domain Scan URL

URL: https://www.instagram.com/neolduhaber/

Search URL Search Domain Scan URL

URL: https://twitter.com/neolduhaber

Search URL Search Domain Scan URL

URL: https://www.facebook.com/neolducom

Search URL Search Domain Scan URL

URL: http://www.cmbilisim.com/haber-portali-20s.htm
Title: Haber Scripti

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://neoldu.com/ HTTP 301
https://www.neoldu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

Request Chain 132

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENyH7X-F-Nuc1VdfddzTgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1

Request Chain 134

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzMzU3OTU5OTA5NjIzMDkwMw%3D%3D

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

Request Chain 136

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENyH7X-F-Nuc1VdfddzTgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1

Request Chain 138

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0NDkwOTY1ODY1ODk2MjY4NA%3D%3D

Request Chain 210

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lKnxaG7mTByC2prrp_FNxw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lKnxaG7mTByC2prrp_FNxw

Request Chain 211

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/w6hmmFxHDBPKs-Pmi_GsKcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fbCjFvtE2oJuATgnX7TBdNrXbiZ4SefEDSHKRA--~A

Request Chain 212

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU0YzRkZjY2YzY5NWJhYTBjYjgzMDMzMjBkMzE4YWM3NWJkOWRlMA&us_privacy=1---

Request Chain 213

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdSSlIzS0YtMTktMUxDNQ==&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECIBul-Al-teyfST2t4hSl4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSSlIzS0YtMTktMUxDNQ==&google_push=

Request Chain 214

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uT8WYiRhSNmV2z1Mg5gyMQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uT8WYiRhSNmV2z1Mg5gyMQ

Request Chain 215

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGRJR3KF-19-1LC5&us_privacy=1---

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJCybRYcMomzRIa-dk9T18Q&google_cver=1

218 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.neoldu.com/
Redirect Chain

https://neoldu.com/
https://www.neoldu.com/

58 KB
14 KB

117ms
96ms

Document
text/html

2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4fb86cb9b97c6dfafdcbaa990b79dd5952613799ea5838a6f720289c094112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
cf-cache-status: DYNAMIC
cf-ray: 7bbb80dd5bc2bbe3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 22 Apr 2023 05:35:26 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X3FdegVOnGzg%2FRT9FClHsCchQKVLLwIhKfyANOM6eJcONfjnk8BbDhaAr1%2Bp4%2FaWP%2BiUJVdCyTNB7nAj9hVF75IWcrsRW9RaNndA57zaINmZ8%2BPZg8qtI5a%2BxYq%2Fpgwg8FP1CKP8VmyLUEfi"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding

Redirect headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7bbb80db6996bbe3-FRA
content-type: text/html
date: Sat, 22 Apr 2023 05:35:26 GMT
location: https://www.neoldu.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2keo5f0MjOpwPp9rDZUqKl3tisz7xQFljc5PmTBWx9mA8xrr%2BiIl27CUf4%2FVx09m%2BA%2BePcPcWeIo5T8HLxCZ3ak0jogoLWmcmsuzsScvuUv2WzDz%2BNE%2BNHunGUTaRPkJktfh6gSA5SI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
50 KB 168ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8203385927523536

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4169599c22d0e443c36a20c80cdbd56c314bcd84802f90f638e4c8e820f283f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50264
x-xss-protection: 0
server: cafe
etag: 17179925029788139321
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 200ms
100ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a740b611a45258b64c1c6b44a4a3005ca696e7fd1ff571c46fe06b5ea833624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25055
x-xss-protection: 0
server: cafe
etag: 273 / 19469 / m202304180101 / config-hash: 6342739278968460252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 146ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97203200-1

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1dabfbfc921009aa403677a1512c042e21418e7368d97013f4f1272fdb2041c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45082
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 style.css
s.neoldu.com/ 143 KB
28 KB 38ms
20ms Stylesheet
text/css 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.neoldu.com/style.css?230317.css
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0903de78ea8971fdf6a9dc18f63015245d450577829138abf0edd423bd26d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3098529
content-length: 28126
last-modified: Fri, 17 Mar 2023 05:47:47 GMT
server: cloudflare
etag: "6413ff03-6dde"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2XwpPKVQWybL074EcBLmdR2FIqTaFbhek3StfoVxSHjaQpsrASuLkpmduzPuLQvWufj0n8ELMyNYnetGjcKqKEPrBy4bdwRagtD12tVMVZGfuYYxY3g5dSUj4fsxX9iXX8ecV%2BWg%2F08CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de1c8fbbe3-FRA
expires: Sat, 16 Mar 2024 08:53:17 GMT

GET
H2 200 logo.svg
s.neoldu.com/i/ 4 KB
2 KB 20ms
18ms Image
image/svg+xml 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/logo.svg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd3dbfbd4e59c88ab5073a45a7f31a96443db557342f6e42bd897441034ca93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 21 Jul 2021 05:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6662873
etag: W/"60f7b6b2-e48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RnjoZPMGPgJ9A07xSXNT3QEBr8WHgiddZXE2J2PU1gveCbjkhcsQN2YcDajWzZbxP%2F9wW9oxWpuT6e7hMBzcthZFg5yaohTjF%2Fbnxlch7B859noOqB74OVYbjU46rbymDWngXSOzokL%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7bbb80de4cd0bbe3-FRA
expires: Sun, 04 Feb 2024 02:47:33 GMT

GET
H2 200 86141.jpg
d.neoldu.com/news/ 30 KB
31 KB 43ms
32ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/86141.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ab5250bf9b1da5eabd02999fd5e9eecf0bd7418d24e3677ebef8daf99e33322

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6684232
content-length: 31136
cf-bgj: h2pri
last-modified: Tue, 03 Jan 2023 13:38:00 GMT
server: cloudflare
etag: "63b42fb8-79a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak8p7dlOjTV08%2FjdUuX80YcbBRoqzLrMKBVKitImW9EffY37p28JFsP1K8itVxDUQL99QQ2fhVMHU9RkEiJu8kxiiJ50wYFfT2pTIP2zSqN3Fh62PlYibdOxem9owTyVCrxK7Glh6CtgYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de5cecbbe3-FRA
expires: Sat, 03 Feb 2024 20:51:34 GMT

GET
H2 200 82002.jpg
d.neoldu.com/news/ 61 KB
61 KB 31ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/82002.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66ba1e911e11afe7dc1f9aa5b3cb944261e7a7db22c06fe8ff391123f6aaed2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340103
content-length: 61974
cf-bgj: h2pri
last-modified: Wed, 29 Dec 2021 11:44:06 GMT
server: cloudflare
etag: "61cc4a06-f216"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laksLooWd%2BWCrQHnaawvBeVIlACIw1b%2FG%2BkJ5BEERVAkSb%2FOsX8pb2c7kC1ZhxBPPSqWV%2F1vneP0%2B6Lorrs0UzPk2h6v63crTEkLSs%2Fa9kZyApEIsvF5Zu9qjjF4ZVd3e%2BSQstLksbxQsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de5cedbbe3-FRA
expires: Wed, 17 Apr 2024 07:07:03 GMT

GET
H2 200 85767.jpg
d.neoldu.com/news/ 22 KB
22 KB 43ms
32ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/85767.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875ca4905886a4624b06b39f62ab571328ebb52a3ebe245a02559b58fffdd030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 388041
content-length: 22550
cf-bgj: h2pri
last-modified: Wed, 14 Dec 2022 14:15:41 GMT
server: cloudflare
etag: "6399da8d-5816"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3bDZ17NB5r1F%2Fv77h4pQXEeix8fp26qrVCDN4XT5%2BrWoLEtMCE8MGYHmcAw%2FCy4IXWsW0QRAWSv1nuaRY58q%2BuzPEqxA7W2GaTZLmR96P39yOvXhJ1OagmztS%2BmZ5tBs3qjSmSEJUFXrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de5cebbbe3-FRA
expires: Tue, 16 Apr 2024 17:48:05 GMT

GET
H2 200 79824.jpg
d.neoldu.com/news/ 19 KB
19 KB 42ms
31ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/79824.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ade426e3163096a165233835a791fca9c1b7df5a2e57a717512564085e17a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340102
content-length: 19096
cf-bgj: h2pri
last-modified: Sun, 26 Sep 2021 12:44:40 GMT
server: cloudflare
etag: "61506b38-4a98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqUNez8VsGleZUFx1sKap8XK%2BVcOgyHRjsCzJrrXan2ABtyVtlgI1RWzNaUJS9%2BO9%2FCHcQmkZvhCKW8gpCFJYuinF%2Fw2dctbn2jnedSs2Ty8nrb%2BuKe38SIf7e%2BEfiKyGrOkC5JG4Yv8WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de5ce9bbe3-FRA
expires: Wed, 17 Apr 2024 07:07:04 GMT

GET
H2 200 81323.jpg
d.neoldu.com/news/ 12 KB
12 KB 40ms
29ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/81323.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b21c27a05f4fd46c9e98efa3cf7b0253dd317ce5fe94522dbc6ef539020be8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340103
content-length: 11808
cf-bgj: h2pri
last-modified: Sat, 27 Nov 2021 10:12:02 GMT
server: cloudflare
etag: "61a20472-2e20"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kSVXufpfU4fwxzvkq89nI32F37MDL%2F9DDvuk%2Bjhxb1KrAlzkmsPeFVEBD9sPNUVDZzZpfa6VeRLaAtFqTFTnkS5Yuz3Y0aZFRkkiwEsA5mTyRAt3H5WW%2BqHEmU%2FBeeLPRn%2BA68oR4l7YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de5ce8bbe3-FRA
expires: Wed, 17 Apr 2024 07:07:03 GMT

GET
H2 200 80034.jpg
d.neoldu.com/news/ 45 KB
45 KB 31ms
31ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/80034.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8343f1e2b72304b989d03b348058acf35ebcff6f0df2751df7cfcd09d5ec101f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 338468
content-length: 46164
cf-bgj: h2pri
last-modified: Wed, 06 Oct 2021 12:52:49 GMT
server: cloudflare
etag: "615d9c21-b454"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHHBBSkvWEWVuxT2KKczB8oEy0bSKbahjecq5gCm3jasy%2FNGDATcHeuqXfN%2FRYwk6ik65sKjeyEVuE5u9ov8pQKsoNcSp7BP65jwFgevWDjcCBgwMdc1ESJBg0y6fxTlmgh%2BL5DGw4Luow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de6d02bbe3-FRA
expires: Wed, 17 Apr 2024 07:34:18 GMT

GET
H2 200 661.jpg
d.neoldu.com/member/ 10 KB
11 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/661.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77871a2d0c71a16aecadd8cd2f9934d2cabef8fc089f3978a75dedc66943cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 10395
cf-bgj: h2pri
last-modified: Wed, 25 Aug 2021 11:23:30 GMT
server: cloudflare
etag: "61262832-289b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2uskJm%2BM3q5RbRWbNjcebSpqwq%2FM74UU8jmPORLAyNXc6S1B2TEzeRJu6zWIhTmUvxdVTB96xEg73mH9nNCeZGb3sJTysi2nLgxjLEd5rJbKNg50F0QPcq4BEcMutngUb%2BoPCpmP5%2B5gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d21bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 674.jpg
d.neoldu.com/member/ 8 KB
9 KB 27ms
27ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/674.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf2ebd796ac6537d97c4cca1b9723122bea6253736f35617aabec4a223274a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 8556
cf-bgj: h2pri
last-modified: Mon, 30 Aug 2021 13:39:49 GMT
server: cloudflare
etag: "612cdfa5-216c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gc7zWwSEifxDIhk5ydzTTC6PrrDr47k7qPAmD0VOZqAKpddawqPtcGo8%2BdMV4xwLFBa1zOoHzo%2B729u%2BFjljrlC6lXuqNHpfTUbojy0AUSi3GcKrU8GTsilHt%2BGgqVxyZ4gdG5%2FW1DoVww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de9d40bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 663.jpg
d.neoldu.com/member/ 8 KB
8 KB 20ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/663.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea808dabbaba0b295d7a7bce33fdee9471a84ef352c6769b97cd27b41be66d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 7884
cf-bgj: h2pri
last-modified: Tue, 31 Aug 2021 10:39:27 GMT
server: cloudflare
etag: "612e06df-1ecc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJLNrwMuASAbGh32DZ%2BnhGzPgSdjU4COPKO2rWLEYtqo%2FYXECE%2F9ofoM3Q1ZSOvdvmOdC5iIQOqRxqp4uzXCiaY4eO24ELGf6I7FTN%2BJeuphC6EAa2me0qcoHVaNWjyQfkv1biYb88peoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80dead46bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 660.jpg
d.neoldu.com/member/ 9 KB
9 KB 21ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/660.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd29d64976cf24d279d394f90e21ae38920273c4e7fb172f846238d4758294d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 346882
content-length: 9136
cf-bgj: h2pri
last-modified: Wed, 25 Aug 2021 11:21:32 GMT
server: cloudflare
etag: "612627bc-23b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwCJSETfKjv0QQBvQPzAQLe4MaZfwEG%2FyJoynIK1ekr3kATRx71DsjjroZeQSpWwd8fkykFWyCdyHwco2L9bscUNKWGGkSr%2BR8aL%2F2%2FqEr2f0e1ocRewysK53Ljz16%2BbUShfgmV%2BJkLkHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80dead47bbe3-FRA
expires: Wed, 17 Apr 2024 05:14:04 GMT

GET
H2 200 859.jpg
d.neoldu.com/member/ 23 KB
23 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/member/859.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35e5c1b2d49ec29744142ee8c59bd18c961575bf232f8237b6f62616d464975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 23174
cf-bgj: h2pri
last-modified: Fri, 18 Mar 2022 10:17:21 GMT
server: cloudflare
etag: "62345c31-5a86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygkCjmu9e5cG59rXCNUXLjhIIcO0AP%2B5e6rtcVywcTXlII2aF0NcO%2FRuerkxuOlxmFKUfHnBoubv6a49pjdRrblUvAn8xf1DEMxyzM31IFCxv1NNJs04Demj4y31XJzTDq9KGauorKsfzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80dead48bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 1x1.gif
s.neoldu.com/i/ 43 B
511 B 22ms
21ms Image
image/gif 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/1x1.gif
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6672437
content-length: 43
last-modified: Sat, 18 Apr 2015 02:03:28 GMT
server: cloudflare
etag: "5531bb70-2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bov2m%2B0Pj4dbV%2F%2B0rP%2FxnZ%2BHuKZ71vAzB1D3rsXYAKLYXSxvEqChjImIIRvV4gViO%2BJguzKepDC0N778C74P%2Bo57yZKp6mVhzjKpqeCPV%2BPIsx3KuhyXx65rq7I6RGTbwjGRp4HdTG3Mog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de7d10bbe3-FRA
expires: Sun, 04 Feb 2024 00:08:09 GMT

GET
H2 200 function.js Show response
s.neoldu.com/ 211 KB
69 KB 23ms
21ms Script
application/javascript 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.neoldu.com/function.js?200930.js
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc81b2a3f6d2a76a6019c848712b31233a157bf11fbb4b24600fc9070c7d367f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3098529
content-length: 70569
last-modified: Fri, 17 Mar 2023 05:47:38 GMT
server: cloudflare
etag: "6413fefa-113a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FczD0IT3rte8UIRqwUEN%2BCkLirqAQ7RdBvZEP92aaPRGVNA6CJ1RarikCLFWCjnbAgpACFZc7U6A2C42DZmPAJWIFD6ZSU8H5Y1GTK9s%2BFL3RnRhTD3dAd4563bjslx%2F9amVValVaY60HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de4ccdbbe3-FRA
expires: Sat, 16 Mar 2024 08:53:17 GMT

GET
H2 200 outside.js Show response
static.virgul.com/theme/mockups/adcode/ 74 KB
26 KB 226ms
46ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:37:30 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200

GET
H2 200 base-outer-bck.png
s.neoldu.com/i/ 109 B
470 B 25ms
25ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/base-outer-bck.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbcdb7efb1c3ceccde4dec40c04a14fda79fe5e33c0db39eb74053aabb2e8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6682219
content-length: 109
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6iQwNXIgZYDsMYJYEf8uVAIzssvwSZ8OgIytmo%2FipWvskcXewGB3rNakiLUyd8caJx26H9U%2Bmjpe8ddw0DGsMg5cShwp2%2F8cCLQDcsOOmLXwv3yc%2F%2FB4cR8ME87%2FZArkr94iqazMwKBqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de5cd7bbe3-FRA
expires: Sat, 03 Feb 2024 21:25:07 GMT

GET
H2 200 21.png
s.neoldu.com/i/emoji/ 6 KB
6 KB 24ms
23ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/21.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34a0aac1b882ba83f81bdc47d986abb8997184daee7c170f63a57f13655666ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6634841
content-length: 6141
last-modified: Thu, 22 Nov 2018 16:35:35 GMT
server: cloudflare
etag: "5bf6dad7-17fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tvzdtm7YQL7g4zUyBjdDAyrr9Wdu6sP8obxNj2yalzaSGvI2kra4qdl56Vj0St6Nm%2F3AK1hoAC39xqohrNXWz1MyeKJT6NE%2BTahR3ewRjflmXChViXSweenuzSocwQBhtHxb%2FPsjLNuygg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d23bbe3-FRA
expires: Sun, 04 Feb 2024 10:34:45 GMT

GET
H2 200 20.png
s.neoldu.com/i/emoji/ 6 KB
6 KB 23ms
22ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/20.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76867b3f148c7af846482f837830549d430d1bf31f29a66ef239b79e4604090c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641799
content-length: 6138
last-modified: Thu, 22 Nov 2018 16:35:35 GMT
server: cloudflare
etag: "5bf6dad7-17fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHUVMyYHq36sctNEWSvfe320PnYl8t%2By%2Fy4NJjjOB6dIfgfg%2BTY6cNS%2FzKVaLdi2BlErHwRQ2DuueT5cEBNDbkKJHxXx2D5ql19KsOW%2BbeJypRL%2B1cOOORkxNG2zBvstTDOXWrRZT1OdrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d25bbe3-FRA
expires: Sun, 04 Feb 2024 08:38:47 GMT

GET
H2 200 7.png
s.neoldu.com/i/emoji/ 6 KB
7 KB 20ms
19ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/7.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e78436512d3969dbd84e01c3253b0262b1e7e6fcbec0f7c9c2896e9dcb75466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2578017
content-length: 6593
last-modified: Thu, 22 Nov 2018 16:35:36 GMT
server: cloudflare
etag: "5bf6dad8-19c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECMWr0diAi0xwY4tNl2A7Q1iQ7tMOtwm7a1XmzUkZA5%2BSb2omLnhoAhvYpTdgi%2Fz%2F6rMQbkNPo1loOcD4EEIwdr0WViXGie0gRsm54D09EbGG0iedxWTxTGVAkE8Y3fdvxiy9efGIesIgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d27bbe3-FRA
expires: Fri, 22 Mar 2024 09:28:29 GMT

GET
H2 200 89.png
s.neoldu.com/i/emoji/ 6 KB
7 KB 23ms
21ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/89.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dce53542d32f32ba56c695b156e844916a71f73a7a824613edbd3de95015363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 6456
last-modified: Thu, 22 Nov 2018 16:35:36 GMT
server: cloudflare
etag: "5bf6dad8-1938"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45qb0BAHcMaG6vud08FJFAIWpaXj0UWweG8fEIqBTSkfSVTmiPoCOQ97f8kswN7GrpP%2FSRurJRRkoUzafUolWYjruNJiEcPbnNiPuLDL6%2BMKddAD%2FP6XrS8Bs5d85Lusl%2BNNaBlat8lKMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d28bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 5.png
s.neoldu.com/i/emoji/ 7 KB
7 KB 20ms
19ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/5.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359ff5ffdf78b3e3f761dc984cd8c84556f857306341fe22c1a963179efa0959

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6662873
content-length: 6702
last-modified: Thu, 22 Nov 2018 16:35:36 GMT
server: cloudflare
etag: "5bf6dad8-1a2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm%2FNZGna983PMUFCGc14ZXPWnRYt3BAUO5ImbY1BHTsku2FSUwXODK4Gq83uocTI1%2FGkbUZ0nUZFKMgBmlseY8sk82sus5hMY0LtA6ekGgaPkG5tUMHFcxTebFxxZch%2Br%2FKFzPthdrsQmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d29bbe3-FRA
expires: Sun, 04 Feb 2024 02:47:33 GMT

GET
H2 200 43.png
s.neoldu.com/i/emoji/ 6 KB
7 KB 21ms
20ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/43.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095ba29495364b521a5fab114a388f194f4b050d97498e717583d5d37d93d36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4811556
content-length: 6413
last-modified: Thu, 22 Nov 2018 16:35:36 GMT
server: cloudflare
etag: "5bf6dad8-190d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEpFXkdFUWbdTZQ2r%2Fe3Zn%2FLS%2BJk%2Byhp06q8WyoK63uodECHStMmf8cnngyzfvsdDM4qtCS%2Bsnkjqqj6L6qMySl%2FjIrJVBtqeH2fVg3tVCvO1xW%2F%2BYN%2FzzqMhc2aCrFvAPemobYfIpHG6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d2bbbe3-FRA
expires: Sun, 25 Feb 2024 13:02:50 GMT

GET
H2 200 52.png
s.neoldu.com/i/emoji/ 6 KB
7 KB 22ms
21ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/emoji/52.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e259b02b58967b572d806292de37f887f5073e8384423f624d1d8bd1ff795e63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2438318
content-length: 6484
last-modified: Thu, 22 Nov 2018 16:35:36 GMT
server: cloudflare
etag: "5bf6dad8-1954"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnPiBd3Z8SkCQCPvVT8Iro%2BfrOzAuZ2WzfES84oBRtzAAWeKC%2F121RFh47XlgWzCsqGhosJATMCDf0ONujy%2FaWMSv5nw9aPWpi%2FmhDBszeTk4ikekBvXSy%2F8DCHIJqhEV4slHxKAvz9%2BFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d2cbbe3-FRA
expires: Sun, 24 Mar 2024 00:16:48 GMT

GET
H2 200 blog-slide-bck.png
s.neoldu.com/i/ 12 KB
12 KB 23ms
22ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/blog-slide-bck.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fa54ab76eba77a3dcd2d8ee1c407b3718e2408ca71956dd37628fc376344f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112918
content-length: 12108
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-2f4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtq%2BQIC6uVOeFwgdsWGcUzgVhyrycjELHGqJAlvN5gs6gXnP7n90Ru1grsaTtJgzrCnrjMGd%2B5tmSbYkyQuKFBMhak7eR39HTrNPlvg63ionwcXmUj6Pkbq3InzCE9ScKjOLnuhj1aLRDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d2dbbe3-FRA
expires: Fri, 19 Apr 2024 22:13:28 GMT

GET
H2 200 blog-slide-item.png
s.neoldu.com/i/ 170 B
517 B 22ms
21ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/blog-slide-item.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65df2e1f238caeb22b2db1f3e3ca029f2b308b3a4e6f988c5ac676154f13c80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112918
content-length: 170
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zegxTgdMYBcvdQTomiWQ27pjJSO7M%2F0asXCiA8VpYCY0IDJI6EBU9o7b4Tv9mqoB5M2Tkp9JBOagBhdiIuPmO2IlY4D3cDv7xXHYHh0YQxVHckWzrVAKblmYR9X%2F0BDD7hwAT7crFGp2Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de8d2ebbe3-FRA
expires: Fri, 19 Apr 2024 22:13:28 GMT

GET
H2 200 gazette-slide-pager.png
s.neoldu.com/i/ 196 B
520 B 30ms
29ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/gazette-slide-pager.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4ab387a8bff4052837f004ea8c973a4891d6b3ec260989b6c4d7be8d20bf0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 196
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86K7Kzxy1QZVrIiP8vSSzcxqNWi%2BAn4pfJPufzhFn6cJAh5xSsE992li1LnNicT9nMWDFaLKHKX92DiTi4TbX5SleecMKdel5Z2eoNIKCft4n8fxd4EDgJ5fJwilPDF1JxMJ8YXzseouTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de9d3dbbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 gazette-slide-bck.png
s.neoldu.com/i/ 13 KB
14 KB 31ms
30ms Image
image/png 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.neoldu.com/i/gazette-slide-bck.png
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 885c6b0b1d8a8f4508e924b7a6e8b7a95533201420bee1b72f0e5cea97d7d510

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.neoldu.com/style.css?230317.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 13795
last-modified: Thu, 18 Oct 2018 07:57:47 GMT
server: cloudflare
etag: "5bc83cfb-35e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eItlK02v2pv6MXkV35KRE7hKcwazxRANFwp9g1GATtPabmzDbteAPzY26DYRPWcVvvW01CMz6%2FmGFyZFn9IA0btS99n6OSJAMM7ZdRqH5%2Ft1V%2Boa%2BtxMRQnCvptsTy4P82GeXoD%2B2uGlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de9d3fbbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 cm-icons.woff2
s.neoldu.com/i/font/ 39 KB
39 KB 42ms
23ms Font
application/octet-stream 2606:4700:20::ac43:4a79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.neoldu.com/i/font/cm-icons.woff2?87789116
Requested by: Host: s.neoldu.com
URL: https://s.neoldu.com/style.css?230317.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccd1dba2361724375bfe0cc75deac06ac94758f9ee3b39b3572a92e91120e8b

Request headers

Referer: https://s.neoldu.com/style.css?230317.css
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6685189
content-length: 39588
last-modified: Tue, 01 Jan 2019 06:10:54 GMT
server: cloudflare
etag: "5c2b046e-9aa4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXZxJGLQTf7QBBgWccycKZYJ9ExyVAD2bxQC0od1Wnmo20RFfy846XV6xTMZET1LIFmUAuA5L8lSeEQCP5DfG0f69oYRdG6yUmoe1UB4onkpEG9lXKoSGoZGbWONrfrhkcRqy43xqGiVkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80de7ecb39e6-FRA
expires: Sat, 03 Feb 2024 20:35:37 GMT

GET
H2 200 83638.jpg
d.neoldu.com/news_t/ 7 KB
8 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/83638.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c55ad98747f09576b28d1b22a330511a29640075aa85246a0f6141d00cbfa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95563
content-length: 7611
cf-bgj: h2pri
last-modified: Sat, 10 Dec 2022 14:41:10 GMT
server: cloudflare
etag: "63949a86-1dbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0N0ZSftajDbbV5fBrxTcvp4uLGYjYmnuy4QNKygz77rIdsoN%2FdGURhfdNdjAoEb%2BDmv4uSaCnzXDh5UvRDIT3VUQ%2Fwlw1hujTf7lwimjh%2BJ%2Bg8IFnAfNAGHpQtlUYGjLnpzpWUO5yVV74g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80dead49bbe3-FRA
expires: Sat, 20 Apr 2024 03:02:43 GMT

GET
H2 200 79188.jpg
d.neoldu.com/news_t/ 4 KB
4 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/79188.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 447ed0185376decd1dc6056b5d2e56532d0ffce227322407f7740aa45d8b062c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 3738
cf-bgj: h2pri
last-modified: Fri, 20 Jan 2023 06:38:12 GMT
server: cloudflare
etag: "63ca36d4-e9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9h6WcpfEsb6ms0b6xcE7EDqGFA%2F9mnamUp%2BXM9KxIdbS6LtiehhpN%2FvgQZifXJGkHQ6DAlS7eGtQDGMr9oB4Yo5xZenGdqbMZpqgi0BQIwC%2FzMd9utuif99fhPnLip1sxA10NfteT8OqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80debd61bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 81479.jpg
d.neoldu.com/news_t/ 7 KB
7 KB 22ms
22ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/81479.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08584929d2a355cc7d75498e6041e7ad31c9431dd13e42e17ad7ed7d7a2965a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 7106
cf-bgj: h2pri
last-modified: Thu, 02 Dec 2021 10:48:07 GMT
server: cloudflare
etag: "61a8a467-1bc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt6mw%2ByaRJjwIO26S0nLJ9Ra864dR7i6d%2BkwuR4p%2B2CIacZuRy6UzHzRwG9kvtEcArfphdwTVHXCI5XZ%2BSYYVoEaPJakKtxJPJnaVRmy7rvEpH4pS31GuMTqN1Z0xJk57f6ygS8v6F8oiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80debd6ebbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 84047.jpg
d.neoldu.com/news_t/ 5 KB
5 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/84047.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da721476bce09d79d6d4a096c48a7be6a4858499b4d3921a3c6b0119627803ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 4925
cf-bgj: h2pri
last-modified: Mon, 23 Jan 2023 12:42:23 GMT
server: cloudflare
etag: "63ce80af-133d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhBWaanVf0FOSA8OzsJg7zGeKpOdOq0jDHWizLfUMOl4IMg9uuHSawY%2BtdB71yInU%2FZ9y5crIKBKXWlQAMEJDeNgBAJP712qaX1peAdpCPtoD275DrwLnF786d8c7w2CEuwKO3iUopzdBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80decd76bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 81981.jpg
d.neoldu.com/news_t/ 8 KB
8 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/81981.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39803f2f02b91a0a1e354b966601db111c3155e553d4005330ee6a2d38bdb2fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 8094
cf-bgj: h2pri
last-modified: Tue, 28 Dec 2021 11:30:05 GMT
server: cloudflare
etag: "61caf53d-1f9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9kI0O9leM4YgQrL8H3BbUbW0CjGOmJ%2FGbnVNr7j%2BEeEf%2BhmGPc%2BQkIqU30LvVkwvyqqSMZocZM4GBsRFgQwzCS9PcTBT6WcOul1yndaM%2Fc4EVGF0JAyCxksmt8AHlmvC%2FVQT7mNHMDl3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80decd78bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 83519.jpg
d.neoldu.com/news_t/ 7 KB
7 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/83519.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b8de7028607384002ffbf1be71a0d9720fa4e8798036d82f0fe5d41c7bf929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 7088
cf-bgj: h2pri
last-modified: Thu, 19 Jan 2023 06:45:04 GMT
server: cloudflare
etag: "63c8e6f0-1bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF%2Bxx1syknZCzCFW7w8MgE07F3RGzGfqtek4IFNHOh7%2FmAPLVhTOehSwCEyB4mcR6BHS0ODCepDBgF1Ay7bgFND3Y80nUmvTozcjokk6chB5wtJsp6l1xN6O2ukleuywmt7zvwXCGUC6gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80decd7bbbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 86292.jpg
d.neoldu.com/news_t/ 10 KB
10 KB 18ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/86292.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20750504def8caeee1474d01af5de38dfcb5bbd4190ffc438745d312225c6f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 10191
cf-bgj: h2pri
last-modified: Fri, 13 Jan 2023 12:50:34 GMT
server: cloudflare
etag: "63c1539a-27cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbXX2ozlwBgijV%2FFsJvoluuOAQltK8JaEuAsoyv7bVDQUa4fJztsZ5DDbiWqeTtDEM1f4u%2FoPRBiubH071Iv13AsJS%2Fsi563qBsDc%2FcmGSpfISgymcVQvZUUHMtqWHIi9vIkqbru9cP2hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80decd80bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 75714.jpg
d.neoldu.com/news_t/ 7 KB
8 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/75714.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89efb9fb3ff1b1758822aeedab183db9036cd860cab286670a0b7284f32f8874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 7372
cf-bgj: h2pri
last-modified: Wed, 18 Jan 2023 14:45:19 GMT
server: cloudflare
etag: "63c805ff-1ccc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOxrw2CEtGxhDPF2ZtIMJRifzhr8EjLQN%2FcUTWQihU6WNHoV8fPwrAn%2Be6jco2s9e6qYL9PbGveTa%2FhvEeGDQoue5WMrLjvJiAk94wmIV0TZStnd49Z66y9iFmS%2FF8wX0%2FpTkJf%2BjXOEXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80dedd90bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 80288.jpg
d.neoldu.com/news_t/ 14 KB
14 KB 26ms
23ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/80288.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f8f506f1f34ff6f96d4485a2c0d8f218e6e066c68decaa6545f0feead030a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 14200
cf-bgj: h2pri
last-modified: Mon, 17 Oct 2022 06:20:04 GMT
server: cloudflare
etag: "634cf414-3778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF%2FpObpNlL7IaUaQn4GCd3Yon8u3%2FC%2Bd7sKVICoFJgvQaSIyD1X63iDG4gqvB9FrQJvmssdHsEAQT68RMz4wV9eJAiou39KyWhtYRj76tmaPnKvT9q0r8uoZB7IpL%2BaG7MJehKdib1aMbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80deedb9bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 85372.jpg
d.neoldu.com/news_t/ 10 KB
10 KB 24ms
24ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/85372.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddbe31e8c0f756f29d4662d86114a4a407cea9e69573c403e3e2ff3365b7cd7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 9902
cf-bgj: h2pri
last-modified: Wed, 25 Jan 2023 12:42:54 GMT
server: cloudflare
etag: "63d123ce-26ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdZK9bYkJGkTtZuc916h97%2BmwbeaXETYO9O398971OnyW%2BT2ksq%2B%2FvFU8hMG2%2FJ%2FS21vN%2FOJwb3EkEIzIRUHo1dSd9pJFYzUs3YrotN0bXzRcTp6SEwH8Gc5scjc65eAkC4ouVwg87qBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80deedbcbbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 81979.jpg
d.neoldu.com/news_t/ 8 KB
9 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/81979.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a6467f49716af22548568a19067a2ada865ad243c1deb4456004e274ae807c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 8377
cf-bgj: h2pri
last-modified: Mon, 03 Oct 2022 07:43:01 GMT
server: cloudflare
etag: "633a9285-20b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19cOiYCb8xVpFdABYx32RcVL0qawgJhHcA5Jymi%2FIBifkHBMQ1vbSc5MygXk%2FKMeCMBhkxL85O0KJzY%2Be6nbjQDGtELjRMkmdtIfaqEZP9Zdgu%2FCk6IY3FAEUzqKM8NfFH%2B3Chd47QE%2Fcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80deedbebbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 80810.jpg
d.neoldu.com/news_t/ 5 KB
5 KB 25ms
24ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/80810.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bb2dcbbcce33e23312cee09996a4169e43fcb14e7bd2790c990f5ca4d82dbcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 4820
cf-bgj: h2pri
last-modified: Mon, 30 Jan 2023 07:18:38 GMT
server: cloudflare
etag: "63d76f4e-12d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uM%2FNogBfbCg2FRxrEP7UHxM7uVwRjr80YnHygOlQQy3Z4%2FGxZ7pukpZNb3IlUVTRTLUp7vSJpb7DA0oUnllq9HmKu1%2B2Cy6AHuJa5v%2F7ZFqSv0xhu2FCkZRc3DogmUG8Yar%2BssSqBdRJ2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80deedbfbbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 86200.jpg
d.neoldu.com/news_t/ 12 KB
12 KB 26ms
25ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/86200.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44df2ee1589ed5e1c1da6ebb98b94a80f2d46e3973afcc21ec769798d7e0d983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 12306
cf-bgj: h2pri
last-modified: Mon, 09 Jan 2023 10:40:44 GMT
server: cloudflare
etag: "63bbef2c-3012"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFJRO5VnZGRYDJNqlVJaE%2B3ifcjYjazjYPwa8yOdaCdosRxu6ZGuR0mdx7OA15yzwNmbIMWVsy9bSCi3lmKyuisxNrQF834ycTZoRiZY5U8C8MB2%2Bi43rQdw%2Bn5jwizzmsuUHaGV9Gmzdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80deedc0bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 80655.jpg
d.neoldu.com/news_t/ 4 KB
4 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/80655.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe824a33666fe428e574fccb8175724f674fa7e0acf76cf3a41906b9ff1c0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167803
content-length: 3669
cf-bgj: h2pri
last-modified: Thu, 09 Feb 2023 07:51:53 GMT
server: cloudflare
etag: "63e4a619-e55"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHDm2Tw89W6C4YPYZ3lC5xZ0DriPvnvXVIXd4INOs2TexeEDD1k%2BRP4FOHm%2Fsr53Ui98MVZ%2F0kprWWjFUTs5XUuPA%2FdqV%2Bew%2FvI03ae0j2iPMY97YaXE0viwWsnZAcDkpydpwI7Ns7G2KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80defdd1bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 79425.jpg
d.neoldu.com/news_t/ 7 KB
7 KB 24ms
24ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/79425.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72f2d36899a4ac37dc1f8f7cbbdb8c9ace07cb8ad853b2072d9577ccc44d3773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 6971
cf-bgj: h2pri
last-modified: Wed, 11 Jan 2023 09:03:56 GMT
server: cloudflare
etag: "63be7b7c-1b3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdWlkDJIyR9NmG4fZFMWKIPOs0pEx0K9CODY0F8wCgbV%2Fr2m5J24LOohw1u%2BP5VMaXt4rGrx%2F49aC4zmckIz8qitvmuBTMotil%2B43TjnYg3bPPLoqVTLC5WBWoGbfBtvRLWIeTXG%2BWzYkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df0debbbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 82189.jpg
d.neoldu.com/news_t/ 6 KB
6 KB 20ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/82189.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d335d975f17b078fd495876dc5dda990703f103bf18d240a950474df9dc3a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 5993
cf-bgj: h2pri
last-modified: Fri, 20 Jan 2023 15:02:48 GMT
server: cloudflare
etag: "63caad18-1769"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcRD3WB30dXDdAzgcldFl5AlP5DeOkVNvzw2OL9aO3QOadEsmrpvhZ4l01aHLbBoCe5kSYU3hX1QrN9cROGP9GRz8ZZNyb9Ryf7CUaDpk4wyphn22xIcLFUZ%2F9oi7THvBLXq4y%2FJrOVZXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df0df5bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 79404.jpg
d.neoldu.com/news_t/ 9 KB
9 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/79404.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fadda48554f092ef63c7dfde30b0908fbe9e4aeb50326f0f025aacf7744dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 8732
cf-bgj: h2pri
last-modified: Tue, 10 Jan 2023 15:00:53 GMT
server: cloudflare
etag: "63bd7da5-221c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAbiRKxdjb7i1O7g%2B81mJV65PQHJwzcB9%2FRP0NfN9GiQ5rK64rYmhib6wk0BIxqVL%2BWx8iZozjnTaXAfbKF0CzfCDXd6%2Fadm0kU%2F1OGFbNpgkMRHWsff%2BhCgEA1pLCZJQZS7ZDM3BfTBAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df0df6bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:43 GMT

GET
H2 200 78817.jpg
d.neoldu.com/news_t/ 4 KB
4 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/78817.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07012b7bcf822eb25eeafcf2f3e5c2971ebf48b274714b75485eaa4a2b185178

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 3666
cf-bgj: h2pri
last-modified: Fri, 27 Jan 2023 12:43:45 GMT
server: cloudflare
etag: "63d3c701-e52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2Bx6DdjIA2g%2FoHjr0brVDT9hQk%2FFIurhje%2F%2BvQ6M14WBCpwe%2Bh2j5V5bK2Duw7duLWXD6JD89Pp2OYrLrpWQXZIAWgfPTvSLRE7uVmU1KtDoiMXGg2ygKSJqoFTf0%2F4qEUMbJudCo59eBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df1df7bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:44 GMT

GET
H2 200 87318.jpg
d.neoldu.com/news_t/ 8 KB
8 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/87318.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18fae8dd3100c633bdd50b2b58a346f1d2341a397dff7a603993bad225c06bed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 8009
cf-bgj: h2pri
last-modified: Mon, 06 Mar 2023 08:47:02 GMT
server: cloudflare
etag: "6405a886-1f49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpU055k%2B0gvtiC%2BpfiJMChqnAjYoqhv1sykUIeB6%2Fkd5TmXqO1fh6dt1n5SjDCUuH%2F%2FIJRgKgvaDfGV%2BnyAqrf%2Fl8%2BgP4NuL%2BDz%2BuV6Xkx%2BByFD3WJEygH2f5jiz852ienUjv4iujlNtbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df1df8bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:44 GMT

GET
H2 200 79130.jpg
d.neoldu.com/news_t/ 4 KB
5 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/79130.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98e64c3761840bfd7472e7697eaaf68ec6bc2518d0ab1b4c845417023d6334f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 4572
cf-bgj: h2pri
last-modified: Thu, 19 Jan 2023 08:16:20 GMT
server: cloudflare
etag: "63c8fc54-11dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlyLY2jxJz%2BGFvGZkY15ucWgPvdlRj0P861L162BA6dnU42YjfP72ETeuxa8bu5vhUdK4VLg%2F4uZNK3YjeOFkxNXzQ12tpNkmmQx0Cr7q8dMI5eEZi%2Bn3voj21dCTmoyzUG8VeM%2F29P8mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df1dfbbbe3-FRA
expires: Fri, 19 Apr 2024 06:58:44 GMT

GET
H2 200 81395.jpg
d.neoldu.com/news_t/ 9 KB
10 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/81395.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bee3eb18ab9737d3893abd9969a1986e7764daf027346107e04966f075b5ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 9654
cf-bgj: h2pri
last-modified: Tue, 30 Nov 2021 11:56:58 GMT
server: cloudflare
etag: "61a6118a-25b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F3YC3dozvDPyAjrQc8F2qaU%2B%2FVzkg3dz375mRYkpsVmlsR5nbUFRHcAgRvj2vB5jLZu8keogoZCVgXiF0aY%2FyJ7k0clcGvTimhtMJ%2Fru9YqSYfLjVOoNCCyUW%2F%2BXM1zhve3%2Badr0dN9fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df2e1fbbe3-FRA
expires: Fri, 19 Apr 2024 06:58:44 GMT

GET
H2 200 82322.jpg
d.neoldu.com/news_t/ 9 KB
9 KB 21ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/82322.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ad503c8aeaeb63ae14ea7190d971243d946e4f4ca4c1e8393f3f73d6dd93c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 8748
cf-bgj: h2pri
last-modified: Sat, 04 Mar 2023 09:29:06 GMT
server: cloudflare
etag: "64030f62-222c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dw4992%2FrXoI6guUklAiwsckxiYiUW3JD1DkfPZ6X3%2Bve3Bi0DW%2FWLwBSg3qlW46QyszFaaAw57TgoDzoSyk0mgpHfabvTHW7U15IyrmeNLJH3NRAaM9cdDfqw2Zc%2BFGSrgAqJvGbVc4FUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df3e29bbe3-FRA
expires: Fri, 19 Apr 2024 06:58:44 GMT

GET
H2 200 79771.jpg
d.neoldu.com/news_t/ 4 KB
5 KB 23ms
22ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/79771.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a242ed5318e0d42e90a94b6e4733837e236f652a7b11535a48533fb3c1d6f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 167802
content-length: 4205
cf-bgj: h2pri
last-modified: Tue, 17 Jan 2023 14:53:38 GMT
server: cloudflare
etag: "63c6b672-106d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsCsAI7bjziU5u%2Fdugh5tT21K%2FiRyUH2ab%2BSXXLQ921o%2BvHFhb4EEP%2BJJeAiHebYvVmaDH7c4H7IqqiI2NoeT7JLFnergj%2FbxSJXdHlximZsWSGRmOdXEbHxTJvw8KxCSX9yGXlWAR8Njg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df3e2abbe3-FRA
expires: Fri, 19 Apr 2024 06:58:44 GMT

GET
H2 200 86383.jpg
d.neoldu.com/news_t/ 12 KB
12 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/86383.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8323a5d3c35f557999853f79e81131cc450f4832bf9bbe26add00abd0c6b53a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 131125
content-length: 12148
cf-bgj: h2pri
last-modified: Mon, 30 Jan 2023 13:07:07 GMT
server: cloudflare
etag: "63d7c0fb-2f74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhI3pkXBCfSebtUz3fCMkOyNVpI1dADsxGhDwLKHfij5P0XiH6nNiER5%2BS%2Fond%2BxmrRPWEug5NyU7DpStMjweqqmYptIRP9CyyqGoS8qCJkInjILtHvrDfqotRsXNfUMFINmih8gTnHK2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df3e2dbbe3-FRA
expires: Fri, 19 Apr 2024 17:10:01 GMT

GET
H2 200 79144.jpg
d.neoldu.com/news_t/ 5 KB
6 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/79144.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b00354bd7ede951fb667e6d45787c1940bc038d6552cf1bb364d366eba15fba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336380
content-length: 5281
cf-bgj: h2pri
last-modified: Wed, 15 Mar 2023 13:32:13 GMT
server: cloudflare
etag: "6411c8dd-14a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtehhUL%2BjGjxV1EhdEhc%2BsjBgTO%2FYJQuVq6rp4ChDJFVM4AqIy%2BYohPz5V5AEHOgnfRby%2F12CMgGg11DHltYEs8CluHjs4Ez4vNxkUm%2Bbj1tGFQAr8XcRWtODdF5LLF8Yxq%2Bf%2BQe2q9E%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df3e2ebbe3-FRA
expires: Wed, 17 Apr 2024 08:09:06 GMT

GET
H2 200 85258.jpg
d.neoldu.com/news_t/ 8 KB
9 KB 29ms
28ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/85258.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f6a22a28d2927a5365fd9d975e3c08473a397a4aeecc9cc4ee9f8abf07ef78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336380
content-length: 8648
cf-bgj: h2pri
last-modified: Thu, 08 Dec 2022 08:35:52 GMT
server: cloudflare
etag: "6391a1e8-21c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8bHTwd80Pp5ISm0MJV4WGwRQEKwpu63yACRfMxEFBBfXlH03XvpSQj%2BLxTntp%2FoRq79IgR34XXJvCkxQpLNOLk1CtEPb2eNqx8zLzZ03eFtGCkhRFnak%2Bz9DzYpFW2xc65vOS8YcEAXcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df3e30bbe3-FRA
expires: Wed, 17 Apr 2024 08:09:06 GMT

GET
H2 200 78836.jpg
d.neoldu.com/news_t/ 5 KB
5 KB 18ms
18ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/78836.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b089c97cc6036148c830e5097f7e1406c2b56c028a596fa4a912b054107cc33a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336380
content-length: 5090
cf-bgj: h2pri
last-modified: Sat, 28 Jan 2023 08:49:48 GMT
server: cloudflare
etag: "63d4e1ac-13e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wSzNJqrfNkasc9iT52ykMkEIfPw2KvhQJq2IVFVoUiQNNLRhypUwFWaA3AEdGeXDA5d24RZTdZtor7IyGTI3XgOlZKxE39RMUnI8%2BaQfAroUZ%2Fw26biLY3c2SPUeUC020pyfGccI4Jj7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df4e52bbe3-FRA
expires: Wed, 17 Apr 2024 08:09:06 GMT

GET
H2 200 85550.jpg
d.neoldu.com/news_t/ 8 KB
8 KB 21ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/85550.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fc9e10c0e73e076a343f9d2f242c30efb2ac8cc271c2ee3a37374e255a90b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336380
content-length: 7863
cf-bgj: h2pri
last-modified: Thu, 26 Jan 2023 13:10:27 GMT
server: cloudflare
etag: "63d27bc3-1eb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBHK0OG5MppaubZv4YRy33RNK8sBo21J0dHXyflJPa%2FEq7yW8YSvlx32zcz3R2NIv6d3sWiBf6VHPfXwADvnj4fQjnlWBKtKKCsM%2BsWvi0bL9L65FGBhRtqU7RXjJO2FYCJRTAIfg2u63Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df5e60bbe3-FRA
expires: Wed, 17 Apr 2024 08:09:06 GMT

GET
H2 200 83630.jpg
d.neoldu.com/news_t/ 8 KB
8 KB 20ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/83630.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d396dba345334365f3c4a95ac610112fd90c2d8599f45419da2a4c1c82483de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95553
content-length: 7910
cf-bgj: h2pri
last-modified: Thu, 16 Mar 2023 21:53:15 GMT
server: cloudflare
etag: "64138fcb-1ee6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yT5IqXeBCbtiJ1mU2S2Y8LVUSVVitIc3QEucrxNWocndZGPyh%2B%2ByCb7brsRHJx4xJworjrn1TyChT16%2FSxFl1ImoeGLfajGevUP5FOSWRJ3%2BHLeVipvxXKsex4kNVZEhcueh8sIDuww82g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df5e61bbe3-FRA
expires: Sat, 20 Apr 2024 03:02:53 GMT

GET
H2 200 86372.jpg
d.neoldu.com/news_t/ 5 KB
6 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news_t/86372.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b60531f76684817e380366295fb5f58ca4cd89682243a81be9cdc226d18bd8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 336380
content-length: 5464
cf-bgj: h2pri
last-modified: Fri, 27 Jan 2023 19:05:26 GMT
server: cloudflare
etag: "63d42076-1558"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjFfJWz2e%2FAf8aKzwa7lZbU3qEULadIGvHhvH7TX01Hztb7UuKydyxojrtXmrArSd0mtCxnKosgsZZ2yL%2B96Vtu31t2drMTaG6SdnzMGZQR27fCeOAmTGiNqs1RZklUO9CYT7qsHjKH%2B2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df5e62bbe3-FRA
expires: Wed, 17 Apr 2024 08:09:06 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 125ms
45ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 03:45:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 14_t.jpg
d.neoldu.com/newspaper/ 8 KB
8 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/newspaper/14_t.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8401d5a22470c24ec58164470fd14360853b166d846772e5af6827913e22c78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 8029
cf-bgj: h2pri
last-modified: Sat, 04 Feb 2023 04:32:02 GMT
server: cloudflare
etag: "63dddfc2-1f5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MB1%2F9OpWgjNj%2FzRf4IbY9695mO09diLtyVLH3iUFmcMcUZf787OmI0MQrwNmnxf6qjmSAFHQfzO7uFNtJGxQgGC%2Fa5u41MoteNpqF7jSNboUWBgFGcrqkZiVvRTVZVZ4xdQ3cTgaDpMxOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df5e68bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 19_t.jpg
d.neoldu.com/newspaper/ 8 KB
8 KB 21ms
21ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/newspaper/19_t.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e272e56ed022741f1cc064654096065d5d8344de451fcd258ff132f0fa379057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6641948
content-length: 8022
cf-bgj: h2pri
last-modified: Sat, 04 Feb 2023 04:32:03 GMT
server: cloudflare
etag: "63dddfc3-1f56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBWta%2BxKmXzmyGOLRnr6rKy2XD3ciFMJR1QMs0DOuhZa7oA8oLqLjFJn%2BJwxVN4PhL2K%2BnPI9uY00ZJM%2FsHb3cWTdQRdGKTsutccseWGEVevcqonvKGy3zDHGHVMiHoNBs0m8f0u0d9hkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df6e73bbe3-FRA
expires: Sun, 04 Feb 2024 08:36:18 GMT

GET
H2 200 23_t.jpg
d.neoldu.com/newspaper/ 8 KB
8 KB 19ms
19ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/newspaper/23_t.jpg
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa7bb64ec06fc6358400a0a0230cf6e052d67e2abf5906480f0533de9a4901ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 684641
content-length: 7682
cf-bgj: h2pri
last-modified: Fri, 14 Apr 2023 04:32:04 GMT
server: cloudflare
etag: "6438d744-1e02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeTW1cFOnJ8jbAIjM11vp85evBmOsjUsfidBk%2FAz4XIyCCvfFUrmcPupq6SR3VR%2B%2FX%2FMH9V4ywV5ZJPefM%2Fip9amLhdxsNFGLOrN1%2BaRFekqZ3Gg7LtS8jYcEcfVpHNbDA1PoW94H73F8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80df6e81bbe3-FRA
expires: Sat, 13 Apr 2024 07:24:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/ 350 KB
118 KB 185ms
108ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8203385927523536&plah=www.neoldu.com&bust=31074024

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8203385927523536

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51c474874da5159b2645455115d24c4bbaace5fffd7c5f092cab29507f128765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120619
x-xss-protection: 0
server: cafe
etag: 10143516998734306221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 8D2E 10 KB
5 KB 122ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8203385927523536

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 16:07:18 GMT
etag: 2378337311435320485
expires: Fri, 05 May 2023 16:07:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/ 398 KB
124 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:34:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28878
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126571
x-xss-protection: 0
server: cafe
etag: 16530882680372410927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 20 Apr 2024 21:34:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 592 B
310 B 142ms
70ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.neoldu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77ca4c270f48b38660943c6fc9ca944de6a52d1bff10bb98dabb4e12012ca560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 285
x-xss-protection: 0
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97203200-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 22 Apr 2023 04:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3582
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 22 Apr 2023 06:35:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
82 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8XPP9T2J47&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97203200-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec7588f7d30cb393afac850acef7260344a723ff995ae9ada87265176d6e5127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 22 Apr 2023 05:35:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 121ms
37ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 185434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 158ms
78ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 122419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 126ms
46ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:00:13 GMT
x-content-type-options: nosniff
age: 239713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 11:00:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 165ms
90ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:55:20 GMT
x-content-type-options: nosniff
age: 175206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 04:55:20 GMT

GET
H2 200 ads.js Show response
static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ 120 B
306 B 43ms
43ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/mockups/tracker/imp/collect/adview/ad/ads.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
last-modified: Wed, 21 Dec 2022 18:47:42 GMT
server: openresty/1.15.8.3
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000
accept-ranges: bytes
content-length: 120

GET
H2 200 str.html Show response
static.virgul.com/theme/mockups/outside/ Frame E92E 891 B
1 KB 44ms
44ms Document
text/html 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/str.html?v=2
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=5184000
content-length: 891
content-type: text/html
date: Sat, 22 Apr 2023 05:35:26 GMT
last-modified: Wed, 28 Sep 2022 10:07:57 GMT
server: openresty/1.15.8.3

GET
H2 200 prebid7.38.0.js Show response
static.virgul.com/theme/mockups/outside/ 489 KB
182 KB 49ms
48ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
last-modified: Mon, 27 Mar 2023 14:56:06 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 226 KB
56 KB 68ms
8ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:15:15 GMT
content-encoding: gzip
via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront), 1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 20:25:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 1210
x-amz-server-side-encryption: AES256
etag: W/"d0373f28cbce103f094bc2631a9c8dd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: _vsCTraqC77mmAQFDHr0-WEXD8Wa9Dbp88aNopDAv1vk860Fxg56Qg==

GET
H2 200 pageview Show response
ng.virgul.com/ 17 KB
3 KB 164ms
56ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/pageview?c=site_geneli&mt=1682141726809&v=https%3A%2F%2Fwww.neoldu.com%2F&r=neoldu:site_geneli&userId=&tp=&os=&call=noktaad.ads.vvad&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc0,hf1,vv1&info=&ref=&rdmt=0.22747616367433987
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 05b6b1a584d46b13278a6ca8669bb3c321fc89e695389974c4f44e4d3659a628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.neoldu.com
content-type: application/javascript
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT

GET
H2 200 neoldu.js Show response
static.virgul.com/theme/mockups/fallback/ 8 KB
1 KB 44ms
44ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/fallback/neoldu.js?dts=19469
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 2c09b01417cdaade6c48d24f1ad8a6dfd78aa943318974846a6f8ccc31b03a87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
last-modified: Tue, 18 Apr 2023 08:56:12 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8XPP9T2J47&gtm=45je34j0&_p=1374640692&cid=953317964.1682141727&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682141726&sct=1&seg=0&dl=https%3A%2F%2Fwww.neoldu.com%2F&dt=NeOldu.com%20%2F%20Sosyal%20%C4%B0%C3%A7erik%20ve%20Tavsiye%20Platformu&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8XPP9T2J47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 136ms
44ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.neoldu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 127ms
43ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.neoldu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
11 KB 604ms
604ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1585927202109702&correlator=1194784122101974&eid=31073829%2C21065725&output=ldjh&gdfp_req=1&vrg=202304180101&ptt=17&impl=fifs&iu_parts=21647185140%2Cskin&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x600%2C300x600&ifi=2&adks=2285532191%2C4177763976&didk=1865754208~2675297495&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1682141726906&lmt=1682141726&dlt=1682141726401&idt=438&adxs=-45%2C1345&adys=80%2C80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.neoldu.com%2F&frm=20&vis=1&psz=300x-1%7C300x-1&msz=300x-1%7C300x-1&fws=512%2C512&ohw=0%2C0&ga_vid=953317964.1682141727&ga_sid=1682141727&ga_hid=1374640692&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8410d287a2aa8839dade3ad3ac8bc1de5725b385e055f9c75fe0b6c154548a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11527
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F10A 6 KB
3 KB 136ms
43ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 05:35:27 GMT
expires: Sun, 21 Apr 2024 05:35:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 hb Show response
ng.virgul.com/ 13 KB
2 KB 48ms
48ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.virgul.com/hb?call=noktaad.setHbParameters&site=neoldu&dts=467261
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6740ed7cacfb43c0884b461f80c29bbace03ec1d5a06834825b9865163a8566d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:26 GMT
content-encoding: gzip
server: openresty/1.15.8.3
vary: Accept-Encoding
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
access-control-allow-origin: https://www.neoldu.com
content-type: application/javascript
cache-control: max-age=3600
access-control-allow-credentials: true

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 43ms
42ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1374640692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.neoldu.com%2F&ul=en-us&de=UTF-8&dt=NeOldu.com%20%2F%20Sosyal%20%C4%B0%C3%A7erik%20ve%20Tavsiye%20Platformu&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1777352838&gjid=990247859&cid=953317964.1682141727&tid=UA-97203200-1&_gid=32885835.1682141727&_r=1&gtm=457e34j0&jsscut=1&z=2043478267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-8203385927523536 Show response
fundingchoicesmessages.google.com/i/ 132 KB
45 KB 169ms
63ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8203385927523536?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304170102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8203385927523536&plah=www.neoldu.com&bust=31074024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbac95d112623d2e319645346f205572e684a88cc57345e4af85874a36cfe5e2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-plvv3__WjTZQxU2K9022ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-plvv3__WjTZQxU2K9022ZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-97203200-1&cid=953317964.1682141727&jid=1777352838&gjid=990247859&_gid=32885835.1682141727&_u=YADAAUAAAAAAACAAI~&z=1752236404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 8ms
8ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.neoldu.com&pubid=e0a76a78-9ad1-46f2-a337-886c2e24ac91
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 01:08:08 GMT
via: 1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 16039
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.neoldu.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: gQ0VmHbdNMGNIJlbl5lY2ZzD51cEMvJ0ai9GKfOAItFK1Wadk6H2ww==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
7ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
date: Sat, 22 Apr 2023 03:03:13 GMT
x-amz-cf-pop: FRA2-C1
age: 9134
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: -30pXA063WCa_zRRuFrWmohhHx2_Ug4S3LMZhbtm0l4JC39Y6zhffA==

GET
H2 200 empowerwebplayer3.js Show response
static.virgul.com/theme/mockups/outside/ 9 KB
3 KB 44ms
44ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 09:38:48 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1020 B 49ms
19ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 05:35:27 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 390969
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02PG0BRhEOPCCUbiexEGyznyPS%2FKymJ3tUHFVYG4ua2YlUgEtqtLQ895mz%2Bpd%2FHPfouCW2tIc2M7OVMegnbCqs6lgY8LVQO9L7ib%2Fl0KOIjjAixFVY96ANZi1AncoKvJAH7nXoGoMGm6AsyQ"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7bbb80e2683e2bde-FRA

GET
H2 200 neoldu.js Show response
static.virgul.com/theme/mockups/sites/ 7 KB
3 KB 44ms
43ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.virgul.com/theme/mockups/sites/neoldu.js?dts=467261
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 8c3e7ebd042535c8b0c62ecf313a479512997a1f225137391fd8095439c7e956

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 13:07:54 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 17 KB
5 KB 55ms
14ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/adcode/outside.js?dts=19469
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:13 GMT
content-encoding: gzip
age: 14
x-guploader-uploadid: ADPycduIUut4zgGZphqPENaEcwpDLeFqTTWVO4VDknSjebpQIjV2ch4xtxlakPaQom2BAGBZyDeboZEdIwJziA45aZl3IA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
last-modified: Fri, 20 Jan 2023 18:31:19 GMT
server: UploadServer
etag: "b3517e216253857ea8c4209cb84004df"
vary: Accept-Encoding
x-goog-generation: 1674239479122517
x-goog-hash: crc32c=rClt4g==, md5=s1F+IWJThX6oxCCcuEAE3w==
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 4955
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 44ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1682141727071&v=https%3A%2F%2Fwww.neoldu.com%2F&r=153789@153791:neoldu&userId=vnet2a316103-148c-4a11-a48c-36196833c2d7&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.2174158542972353
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Sat, 22 Apr 2023 05:35:27 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
531 B 235ms
93ms XHR
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 17 KB
9 KB 751ms
717ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ee1c1926d637bd71d964044d9e488530e5edd1e6068fb2d43d648d964f79a50a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 22 Apr 2023 05:35:27 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9d8be452-ef45-4a70-a8e6-27ecb39e4c75
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.neoldu.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 hb Show response
cpm.programattik.com/ 0
146 B 169ms
51ms XHR
text/plain 85.111.6.48
TTNET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.programattik.com/hb?zone=107&v=1.6
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 85.111.6.48 , Turkey, ASN9121 (TTNET, TR),
Reverse DNS: ns2.ttidc.com.tr
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.neoldu.com
pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
cache-control: no-store
access-control-allow-credentials: true
server: nginx
age: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 137 B
947 B 52ms
19ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

adf85afad5150d09843ef2698c6f1f780d5b5389a97f205c7149582859b11631

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
AN-X-Request-Uuid: d75a22ca-cce2-415e-a436-0d95246dcc76
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.neoldu.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 222ms
84ms XHR
text/plain 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

s1.adform.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.neoldu.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 411 B
960 B 315ms
246ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13760&site_id=367796&zone_id=2000770&size_id=15&alt_size_ids=1%2C13%2C14%2C16%2C159&rp_schain=1.0,1!empower.net,6049df71e4b044a765374795,1,,,&eid_pubcid.org=cde58e75-94ef-4395-bce0-c97343865683%5E1&rf=https%3A%2F%2Fwww.neoldu.com%2F&kw=nas%C4%B1lyap%C4%B1l%C4%B1r%2Cnedir%2Ceniyiler%2C%C3%B6neri%2Ctavsiye%2Cmakale%2Ceniyi%2Ceng%C3%BCzel%2Cr%C3%BCyatabirleri%2Cg%C3%BCzels%C3%B6zler%2Cdoktorlar%2Cfilmler%2Cdizi%2Csinema%2Cfilm%2Cs%C3%B6zler%2Castroloji%2Cbur%C3%A7lar%2Cilgin%C3%A7bilgiler%2Cbilgi%2Csa%C4%9Fl%C4%B1k%2Cneiigelir%2Cbelirtileri%2Cdersler%2Ctavsiyesi%2Ctavsiyeler&tg_i.page=https%3A%2F%2Fwww.neoldu.com%2F&tg_i.domain=neoldu.com&tg_i.pbadslot=div-gpt-ad-1455783126174-15379121728129623web_neoldu_icerik_detay_1&tk_flint=pbjs_lite_v7.38.0&x_source.tid=339789d5-c7a9-4c5d-abee-ff0ec8c14a94&l_pb_bid_id=126d972ac890699&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5593919861619345
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5bfc5621b4b01dd38028d5bfc55a89434b0b573e2e33b9261223abfc5291515a

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.neoldu.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 411
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 NoktaNpmPlayerApi.js Show response
c1.imgiz.com/player_others/html5/ 7 KB
3 KB 237ms
46ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19469
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/empowerwebplayer3.js?v=19
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: 0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 11:58:21 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 29 Apr 2023 05:35:27 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 32ms
17ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 05:35:27 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 479137
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BxGIV6eYL9CefEtCWF0hTURQLH04WDG%2FReE3obGJRr2X1%2BGNtkft7PfMbMfbEr6tD%2B3AWVwaSoN1wnao3r2Q3WgJI6cLj2LkEVPCsjXGng8%2BQWmTyRzi5dYDsW71zS6louHlFA4J971qtjLf"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7bbb80e2aac63a96-FRA

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 8318 13 B
257 B 59ms
23ms Document
text/html 34.102.243.38
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?referrer_url=&page_url=https%3A%2F%2Fwww.neoldu.com%2F&owner=P%26G&bp_id=noktacommedya&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22site_geneli%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type: text/html;charset=utf-8
date: Sat, 22 Apr 2023 05:35:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 AGSKWxXQgAiJSP45Irrv02F8tvKm8FwXrEU_MbmgEmmopknjOLBR_ivyvJhIIbyQg4Re1S00FYFBbxH0VmkNbLu4MDo= Show response
fundingchoicesmessages.google.com/f/ 293 KB
44 KB 118ms
118ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXQgAiJSP45Irrv02F8tvKm8FwXrEU_MbmgEmmopknjOLBR_ivyvJhIIbyQg4Re1S00FYFBbxH0VmkNbLu4MDo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgyMTQxNzI3LDI4NjAwMDAwMF0sIjVBNkRDNEZELThBRTItNDI2OS1BRDdFLTdCQTQ3RjlFOERGOSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3Lm5lb2xkdS5jb20vIixudWxsLFtbOCwiOTJLMTZ3dk5TTk0iXSxbOSwiZGUiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.92K16wvNSNM.es5.O/d=1/rs=AJlcJMzJQihQ81m8t8rBmmxi8ad-DHJQTA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1a6bed1007f6856159c3d2d4c4817da4565c267724e0c0679aac1bd778d2be5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-puCc-VmPkKILVfKb2JWgHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-puCc-VmPkKILVfKb2JWgHg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 360 KB
121 KB 171ms
44ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19469

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123415
x-xss-protection: 0
expires: Sat, 22 Apr 2023 05:35:27 GMT

GET
H2 200 NoktaPlayer.js Show response
c1.imgiz.com/player_others/html5/ 399 KB
128 KB 51ms
51ms Script
application/javascript 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.imgiz.com/player_others/html5/NoktaPlayer.js?d=4/22/2023
Requested by: Host: c1.imgiz.com
URL: https://c1.imgiz.com/player_others/html5/NoktaNpmPlayerApi.js?dts=19469
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
last-modified: Mon, 06 Mar 2023 16:42:16 GMT
server: openresty/1.15.8.3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Sat, 29 Apr 2023 05:35:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 65 KB
4 KB 52ms
52ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.92K16wvNSNM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzJQihQ81m8t8rBmmxi8ad-DHJQTA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b18a857259a705a842cc2a41cfffbea62400997ef90653de4f075b2ec6b9fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 05:35:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 05:35:27 GMT

POST
H3 204 AGSKWxVnvc7-ElHM6Xh_4RSRO-8aHLIl210Hd1iGhvdjJsK727sqCjGYv2kYowPmzwu9Tne0nDYDhgcwtBxt3UP_9IALQ7MTml-QbU6Qcw9HBpvrK3NoxSvgS5bQuM053e2KhsjSZxwyMg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 123ms
51ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVnvc7-ElHM6Xh_4RSRO-8aHLIl210Hd1iGhvdjJsK727sqCjGYv2kYowPmzwu9Tne0nDYDhgcwtBxt3UP_9IALQ7MTml-QbU6Qcw9HBpvrK3NoxSvgS5bQuM053e2KhsjSZxwyMg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OxD9MdXhKwNBkwPUcXD8FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-OxD9MdXhKwNBkwPUcXD8FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.neoldu.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 358456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 82ms
82ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 99004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 99ms
99ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.neoldu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 99004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 container.html Show response
1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23D6 6 KB
3 KB 37ms
36ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 05:35:27 GMT
expires: Sun, 21 Apr 2024 05:35:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C2BF 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 05:35:27 GMT
expires: Sun, 21 Apr 2024 05:35:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7A75 624 B
538 B 84ms
81ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNUuUiBK13kmzPCcwpaGiMaxaWzu_5-gcw3VT4NzKy9JYQJR3fEw2iO6i8GB7Ru8feoWQ3_O0KPBQcx-EQinXLPvCvGksBulVM6YpoN_N8RMCQ0S2pFPDmHfalXwX2b2CqWFnt34_m9ne7DUL8p6KE7PDQlkrqGTG3VhiBycucbmLGI562A

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 05:35:27 GMT
expires: Sat, 22 Apr 2023 05:35:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 23D6 78 KB
27 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23D6 42 B
63 B 73ms
71ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BonlLHlxfEarr1AcF_E5ysgcfRUwEIs-qobSNsTJRXaaBvltqcUP5opTnTJqmjoubZuYWQn_6Zs8XaVidssDFfXRysBfE0odh6Qaqt6nKkpkJSXmA

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23D6 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12534450208194193455&x=1&ct=119

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 23D6 3 KB
1 KB 55ms
46ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 23D6 19 KB
8 KB 44ms
36ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23D6 159 KB
49 KB 144ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:27 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BB96 624 B
506 B 80ms
79ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNXofm6PJhMQZ9Gb6AMAVB-PJm8l67zuc1uoMv2ec-l_szCDK7Ed4H5wzMmt19BTQN9YV9dFGPGIGBEYuMRDWmDNc5pDL4e2DsUlZddKYIm1Wv5JUGJnXg3QuOGalLYL8mQrZ8FOgLNwbXNPy-QJBePcjsEbYq9tm72gznrNOGSkyv7va5o

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 05:35:27 GMT
expires: Sat, 22 Apr 2023 05:35:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C2BF 78 KB
27 KB 177ms
176ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2BF 42 B
63 B 72ms
71ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CoVsQ4qDdlJav43PpooIqT4Yhxk-1sm1BA5M8YVdu3x3No7I9_9S6phR8Zk16XHCCDAuPutuLKaRjn_HXMzWBG-oB54l8hpK5NfbJ6FTvIsStCf_4

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2BF 0
20 B 73ms
71ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6550342877537862826&x=1&ct=119

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C2BF 3 KB
1 KB 51ms
48ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 21:24:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 21:24:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C2BF 19 KB
8 KB 44ms
41ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:45:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2BF 159 KB
49 KB 177ms
88ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7A75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

43 B
766 B

15ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNUuUiBK13kmzPCcwpaGiMaxaWzu_5-gcw3VT4NzKy9JYQJR3fEw2iO6i8GB7Ru8feoWQ3_O0KPBQcx-EQinXLPvCvGksBulVM6YpoN_N8RMCQ0S2pFPDmHfalXwX2b2CqWFnt34_m9ne7DUL8p6KE7PDQlkrqGTG3VhiBycucbmLGI562A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7A75
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENyH7X-F-Nuc1VdfddzTgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNUuUiBK13kmzPCcwpaGiMaxaWzu_5-gcw3VT4NzKy9JYQJR3fEw2iO6i8GB7Ru8feoWQ3_O0KPBQcx-EQinXLPvCvGksBulVM6YpoN_N8RMCQ0S2pFPDmHfalXwX2b2CqWFnt34_m9ne7DUL8p6KE7PDQlkrqGTG3VhiBycucbmLGI562A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7A75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1

43 B
1 KB

17ms
17ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNUuUiBK13kmzPCcwpaGiMaxaWzu_5-gcw3VT4NzKy9JYQJR3fEw2iO6i8GB7Ru8feoWQ3_O0KPBQcx-EQinXLPvCvGksBulVM6YpoN_N8RMCQ0S2pFPDmHfalXwX2b2CqWFnt34_m9ne7DUL8p6KE7PDQlkrqGTG3VhiBycucbmLGI562A

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
AN-X-Request-Uuid: 822994bd-2f4c-496d-8b8c-d7d5b404b603
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7A75
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzMzU3OTU5OTA5NjIzMDkwMw%3D%3D

170 B
232 B

90ms
47ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzMzU3OTU5OTA5NjIzMDkwMw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Apr 2023 05:35:27 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 40a41993-bc8c-460f-b8f3-fee9fb0e8cf1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDAzMzU3OTU5OTA5NjIzMDkwMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

43 B
632 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNXofm6PJhMQZ9Gb6AMAVB-PJm8l67zuc1uoMv2ec-l_szCDK7Ed4H5wzMmt19BTQN9YV9dFGPGIGBEYuMRDWmDNc5pDL4e2DsUlZddKYIm1Wv5JUGJnXg3QuOGalLYL8mQrZ8FOgLNwbXNPy-QJBePcjsEbYq9tm72gznrNOGSkyv7va5o
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB96
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZENyH7X-F-Nuc1VdfddzTgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNXofm6PJhMQZ9Gb6AMAVB-PJm8l67zuc1uoMv2ec-l_szCDK7Ed4H5wzMmt19BTQN9YV9dFGPGIGBEYuMRDWmDNc5pDL4e2DsUlZddKYIm1Wv5JUGJnXg3QuOGalLYL8mQrZ8FOgLNwbXNPy-QJBePcjsEbYq9tm72gznrNOGSkyv7va5o
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELcZFYPUHKjN2wJu8DFMcJo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BB96
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJLb8f8CEPiFm4EDGPiVw-UBMAE&v=APEucNXofm6PJhMQZ9Gb6AMAVB-PJm8l67zuc1uoMv2ec-l_szCDK7Ed4H5wzMmt19BTQN9YV9dFGPGIGBEYuMRDWmDNc5pDL4e2DsUlZddKYIm1Wv5JUGJnXg3QuOGalLYL8mQrZ8FOgLNwbXNPy-QJBePcjsEbYq9tm72gznrNOGSkyv7va5o

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:27 GMT
AN-X-Request-Uuid: 763921e3-9cc2-44b3-88b2-157e0aaa41ac
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEAhDpFirSPnmK1h9ezgbsA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BB96
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0NDkwOTY1ODY1ODk2MjY4NA%3D%3D

170 B
243 B

86ms
45ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0NDkwOTY1ODY1ODk2MjY4NA%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 22 Apr 2023 05:35:27 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 26831868-c1f8-4abb-b5ed-c45b907e3d2f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU0NDkwOTY1ODY1ODk2MjY4NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23D6 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4229641909906&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23D6 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4229641909906&version=m202301230201&ct=119&x=1&cor=12534450208194193000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 23D6 85 KB
35 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnrLJ2Hr6kvg_aKZ0_XgQjWyVoL2QNs3UCCePVF5tZGoBlNDLvFrbhvC9edf1ue4CbYylL12IBu8-P3sy5BtYZqh7jtnJeNrsmBLT4lNQg1HxAlejlitizsTn3fnPI28vkioIz3dNvLhCxczIkYQlAYl9w12IO6jn47pX07gbL7O0JEAY&cry=1&dbm_d=AKAmf-AlyiePl192LufBUk_LSPpWz5tvQ9-sZlni9aUvkIebgKanScs4f1l3P7dxUaUpPzGQzTGRpHrkKHRqVPyYTyG5nr8tMwCGa9u5SgNaeJQ-4E_hjwuH_AWAoQXqpOhhXfzMmD-QMyhGg_ynVuCbs41DIruvCc-8Y7-bG_6g7N3Cysos81270-yEWudf299RL6pq8Vw0G_icsNVJE4lRMDB7bBGl0-uhAB8WensRRjYFQfGOSnvilw0z6AZpJtqovCnQL29kfaxtqjuC2UYpgPDGSRnakmvpMXLIvfB4euORobetvJaf59_0YgVIGtg-of1JtArX0zw4d-9-JAvJ_Zl5Dm7IIWap7YPdwCkBPYH3aoUgSPWOajpPVS9Feb5Z6GSxpLeEE5NcC_fIfAKvY1RcL4GTcaoGOhluf8fjIJPspA0eWjH-OSdsgLw-TzXqZzv9-LOMDclX_hOMS3JDv9BsmxtRrN46vCjv1kyLiO0f1ZCMsCuyg7ounUzJdeWe84LUyWDdCQKrbdUaNbnu5gJraS-9lRZK1C-WNXJaiLOHTauiPH7Jx5PM6tzuyU4m2ZSXqTdxHMXmTws77hkB9VPjNF7KhBEdb-YvmFfUgaCjXFVf8jI8PAsR8G7hj8nvfdZ-Jc1ORI-mYl_ifWlTDekUmkBSuz7LePNT3xKpAQhftmCDvdjYbOC_PgkROfyMdTGmnKwDafIiVFGscqi5cPNZbphFdRjckVIrNuLy__LlnxsANEd2TrbgrxlhYImpq5te26TxWqAxCPqE5qxyEWPRDXvPnuzgqnEqPRAT4SZV7dabpbfe-HA8Qh2IEBDTwvmaVMmuoL0ine9-CCoYInmZjmh7K4u7WdDTPMPNUYtqIJOXRd8vuxydne3rpv9oOM_bGT5AxW8H6NSYJDfKtpnn_ujgLsRmvrISGo2cgz-qng67Jm5Q3HmDJ_QLnvoVW3w8fiANiwcG9YK7bF_CJ22dEa2oFWhzM-dJUGE_EYKdG5lS7Pi2k12Z5btO4krR7mX29JVQ0I84MVjNAnt71yvxFAKItu-vh70x8hEnrGxEw0htx5k-C_0yen5byuc4hAB49U67kFga8xfjSeQwgAvYCeM8MAft2-uh1MrW_pDQAnRU40p0s9BEw0miyrlZFIbya58hpfJcmAyYOfEofJa-mOkzujMO7kz9RfMXpVSvhLgayaarufzoWSePEGNOEUPr0XKaQQZ4IRNMLlnipiiWn22yGB9MJNDSanpEhjtjn8Jdc2HrgGIJHUsdBysahDNaSKnNmM_XbMecYd0vwa25v0OMm5efxaMhsSj7Gfg1zITGuh4qg-Smpqph7I5kvi3YUj2HlaueCQYxrpsc9RPIFGpli93kmg6-_uPKwYjui6UYNG3NISYGQsdkDxxpnVsrnlCXAcVD6WNW0y0BbYDwEqVtVyqtVb8X_A-XyS-nL6kn5GBX15xebvNllWFvRMsHbP_MxhjXZHS02VgzUwsUA54oPTEZqeDxEx5nZkIAB-KejZBm2qtJbwNvoDdmkKG_1viK8RE5OYjFcfwqfYY0DTuFCz4v_am6NBCup3JUeJ0KOGdZdT-WERD6JqeB9_m2AH-vbBpIRaT_pqjRQR50yd6FxNgQjRcyXKC2AgvAznPUlk9wzpJXbEPGsBUKG6OdvMycGUzxFndBM0dm6e2aou_tEgQT68LIkanSD2HOw--oco2c8P7oNYNeAQ77eVjX-TOGUhobn_6wn_4EWkhyPiZd3aaO4l0l0p-Vhn6tedyjvkW1YbkNQEEfUDBEcTP_Bb2qwG0ib1NwvfY7I7igc8ufbqrx0iNloVHklwZpO_L-Uk4fCC3YcEKfjCTskx5HU801aAvbDuysVpjQBhSlXuYZhID0fjSwPJQ3HNngo8_nEhrCiVR4n5gK8PYFXLk-RdJBPXz7kKuF1wnAZDYjGmayy-G4cZFG6ih0PmDseDb9caNfA_rWgOhbvply5uXAs4fFEblWFmcuHuHXFYXqXkyT9lzZ5i6RezbA1AAGkApI-5yBMb3ec_xOm_5vkxG1O3xeS5OOdJtCsZx3a6jsvPA7CIMzQKMRoMbnOXbUrOxitRbdzIVniJCmpeysHs6Ewg9dKyrvbOts-Bx7YaVyRVypxh-B9d0NQiAvW-abYXYxfJT699eEM8FpMl5-T3GE1hxJbO5rx88WoylzVTS7e0jHd-G1ovRKXtVRjr-sEKlIl5fzDXRWzYnN22j9XHntgu_urCCsVdhbT4gdVkLYtAAj0WYpJOh4Aed-zlp4uEyaKFoiOWe6aZuFS8aqbhA-QoW2uNTuVw_0i2GjbWNTK_8RDR3jHB7IId9zpyQy0LWGNDbO9PADeKhtOXuXHAhOcrUEBMUq6QxUH15gsxi1e6rxskFzytgD5Ewsj4imUaaaNUG97MRbfGQa7DSjgDlzYzIRJ_oUFRjayOQrH2PrlQ4i0GvWxsqDJlWP3WEjtlJekVbHeFVQIK1xbFi3f1bLQMGr7NPjhbsxQnckyOwa-mrSXUuIvrML1BDZSVCdu2bU44GffHFlHyqQrgAAwwAAWzkScgaIfGgze1kg4otExmuXMbjJL54CVf1EeUWbQsPXEwMLYoKido0546sCCH-9Iyidjc-lXAUsOH6qf5klG4bLwM9kxucnZTvUIicZsH-5ytwNPWuc0wsB9hwV33kQ2Lwt0X0ouM6YFKdXC2xNuvL6j_4cIfRlg2pCV37EtvMyBqWymtCkZqotlYjeoGesFE3YlzHbHAknCmuiVtF7Q_ZtYlPRYHmuM4irKrrX-ZRxAC_ZAPSF9a8czxIBsEXKSDO5JUFyU1JUouPpFJdKdfYSIFBt5BLYeUKx-f6MTqPeZYTrkG1KlSpXjLcEutHPFizD79dSDnYxgreBxxUt68x1xq0OL3FaiFeWrAnOk5UFhiaAoKVRlPOu5Q3DbT_Zx5MmFKgTyAT9moC6_nMjsFlJqqFy9QLaWC2iPSW25lN_QFZiNlP1ucSdqoG76eNhwsD9HxYj0g8q8j6gk3hibNzgd1b4m-hv5f31_X1ptRrZkhW2SYhV7F-yT5gCY0KaxXWToTnRBBAQeF7knhgytnAdGLUNKD7WSFVvNU3O8W_HGtQEXJrTjDi1EQlJ8VyGcIw7F4ep3WnMuHL1BpMEo17cPMJBtifZm_amUelGNB7TVVPbAZt9iN_BwfngmkVppZscNEMx6EAEiTjsIyxCQ_E-D75RFWSE2dv99trC-bmsEAw6nlF_jp05bpT9osHh4Aa7IbF74S13IY3ZBYdWMPX9oo7i36DE9L6NYMLD1fVluzAYRiFOJs5cZWXI04VJvgPqJ9YJhgZH1F0qYNJaMOIXqMqA15zPsJF1Ypc3efYPclQ2UMLoR85zDC74T7bk8_EPt9DDM5oXZp3961VhHQW41RGPOd1oq4Kzcvk2_T5_CpkTyXm4MWsIBvVw8ebxTKLmDpDsYn3Z2DecZhdIb68HiQu0DRvg3uc7jqOn_bICq0Ti3MAG7HTUJhwy3g_IKIEN-3pBom-tHM9TshF2Dgdsp6WUv24sUcL6dr0-CWoTADqsfapqZna0sqEGAdFzK5llJlcL3ril9-d6sySn4IksIj4pJuNTfZJ8r8n7NVrrerw3OTgF3y2lQ7g_hgpmz3opgUXamjy3oay7dMSwENMnRwJp8mPItsYHIef54UiB4Ejr7qz-0CLq5HJtI-Ux2pAqCj1iXy7afbyM0ftQvi0dZcRMxGwC1lzPwPKNfqd9vFH95wZUsC42uwfPts3MRuzFarpiWm3YnRsewOysJQPupFvcNPdX4c-F1YGikQ36tdY5tkvclPRF9gebzay-10mBBhaPc9tIJktzU4H5tnRcdbSmnXXzuxh7Fz_-4FmajLRyAq8tanLcO0gWCb1x3fSEkg0hyi5x8asm8OatePygSWKQzAAw3aAj2RG-XvFDL6jbg--J32OvudwzErecmLUCIr74u46StriWzw9L2JSMdHhZsUp3AVkU-wS8imKQ6vLE_2Ul1VwJeVOPHyctU_-W&cid=CAQSSwBygQiDYZSlKmgA2yRn2LiPLotgfzFFrqjI9-AvpPfvXGyVWGFAv1ZAkjbE1Mfyagumud7Cqp2-bHR9AJ-8T3iwVVd29QqogIog-RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=12534450208194193000&adk=943508955&idt=89&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5562a02b2f95fafb46e48209900dc304947798be3f92a3d31aaf313fbf75dda7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35979
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2BF 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9426118115323&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2BF 0
20 B 74ms
74ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9426118115323&version=m202301230201&ct=119&x=1&cor=6550342877537863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C2BF 85 KB
35 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWvL5ce_NczGElv-gdQ-0JgllAbL33qx-9OHqRSxafFEfrg7JHwChvpiADdk6H_Kww0yy0xFZic61fFrOmy0zVXGYWCHEGhmsRpmOn2xcwRfPwN5oHIwxeIj_sUTm88JJn6BvogqB6j159PDthlLqtBDBtJuyjJBjhQFmxjNpH8Ll7uqA&cry=1&dbm_d=AKAmf-BdZR1KuYc-HrXnM3603VoZksCNx5v0p9n8h_lYcA4JysyUq2BzpU-uXa5taDMawRedmPW5dcjOhuSng9GMv0euGBswoGZb_cSnwm2qbWCI3s6Jo1FVKONt1yI3vfB8tL90WahEPSHLckDVZzvbDgLPsJsPuteIWCXl1Vmh1Mm2REHxw1yZBaUfddbfnbdq907WqAIb8IW2PTsR9w-gkto8KzD0-uWekI3PqiR8JTb2h5Z_Zv3NAz1h4brtKpdEKOieldsLJuQTajBkS-AcsxHqVB9g74Qas6wba7KSTtNpKG4vV7i1_t8B3I241YHLZRK0RuZqCgnzt5WO_oM2JVsReVO-ppieJoijiCKs1-z1uloHsy2w-YU8kY44gpjtPjnm_oUA7deQIEPjzTqqTKKKhCcY53IPcNqLVHZdpGEZHlnBVB0aTmOiCEjHucJakAFiUIQly9xpACH4mWffYbO8lOLLvPn1Q7Zv2kVX_z1HEfoSAFEoJ7KQVmXAAviA1zwd3Q7GH_lmA2skhWCQJ32gMS6BxCqt-vTFcXQBDqSplksVm84FArOxxxuwpBUcjqPwMnBxJo0ls_VnZ0-irgC2AparoLMHliSS8kOpiSRqiNysOlZxLACimiSKVpYZu-GNjVgQGC-QdimjFbtL7nYibBMg_KiGWj8iSIB9tcyZoeb5Qj5SZqbijpjbEPOS5UX9irYXXpf6vyksntRbc0tzJpTD14INiRPyiFd29INrXaKIvGXZB2a9cEbJjHa35PRuc2rIJmOtaoAp6DfHWsFjPOvp_D4XF1SY4ZoOB9yslu8b8EE0SYlWtd8bR1tpeZR8RPLktD-0ygs-m3EM0dgAknVD3BsRCmmzELCivike_bwsVJpWB1NHSeOFX4RmgHLxYZHyxxieVHSUp7_bLDhCzd22WG44RPKTq8ZANTVgOKqHrTMZhgWS2vjt-gYUDfXB63Lf7MOgxETRSjxh93lBlV-VyypFShrf7iapeXwr5KFyrvyWGXE5gOGseOHt0vJKcSU3BDQuyAJpUkzTtvhWe_s1vg_lNseRFJzvmZYilhy7u5RYCp3XKDumLeYeCloaHSdZogpqujgrb39l1lXE2VinZw2dWLvzF3QwoaWNIvmi-ZV7_zKJv4zZhLGdJhBkq-tnVzc9GbkNwKTClRNXzWvrwU1mh6cijeYu1uOM3suoBM2MdS9RVad_fz4949-AOQ06HxVuuPnPmQhsQyLXDnXV6QEjoh-V0-_1ecRTnm2Oclr5_xRXPLa-NLljYysFQGv1Lo27IlOgEDcX_jnPp34PyoD5saMle_faLpkZKBeyadwWoE5-R3swvK1xLMGh_FeKNNFPAJ4NnC7w92J-d839yK2z_O49YkJmf4zIkGG6sXcdMJRYlEJd2VnMB9-vb3ts-1mB2EOGMcmjpyTAQl5mRWLggz27aszJF195aZZYK2B4gEIzWy07IWqUibx6tzq7C0YwQP6cJTLWHyI0t0rIX4UqT8Qq1QdaE8ugUBJrHiwYQXlPUQZvvvL_7j9GEGgSijGAiMKwNi9AB8RSujrhFK5WI4RtFlrNUreKkHp7sE-2pI6zGf2gGxdZl6PxBF1mcbyeUOPrCpKCE1GXoIbi3Bv8zWb8JbaG6wqJ7Vr2ADn8AEtRwd2OJm3ufDWbmVW5OmqiVFJOCIIzLggOGXtumZ_7CvYSJamSUOibmnV8soYRMK62iSFV9Ruz3kPkKOqEr8q7XlfiLiVxT9ggTQXOSMxq-CFDKaRFlkWx1qR7fKJh6CrZpFzxTOG6PbS2mn7Lw60VLVmCXG3d0eItFl3tn9bXECkj0RZiKe9PWpeUZtCnVWqG74WC6NDp7shKEl_X7mMHqf5ycdMkUutk7xjQzilU6b7fQ9uGZNL7rhoeN6H3eNiEng_l-Z_mvRi5L0stWFnQbD3FFLRpVWRIWF2hD3FPudcB4zsYwE2NOD_UtBzcj9ia6GjJU6AXzQv6gX3XjnuWf8wroPW-6dTABMq4TdbhlU80XTq02SPzL-v6H0J9esOkja13ABcYFZYQ9rdF9TDFvbCX4O2Vkrg2XnXOHkgjqkTntZ6kBbmCVFGZTxt8CtlK-iwDoE_1TKFyS1ZrAx0wOLBHEreT5zwY3yYMiSV3MdpH0eKNzDKoJyYcGFepvdIB6nsxWBZy2BgbTHeEciCmuGUnlUOxgAQBBiru8UUrGL4eV7VFegyAp7cn-WDQQXxYM7HCrRB1OwHHonGXoNqeyNqgLNMKF2fB9jMpunyxEWF7JOzhnNp8OivyM1jDxE3k5GPX8P8lv4tOTdzyBnOHY6e2aDsNR_ygbruauSpdxD_CfTEPi2ztigKlsX_-J0_1zAms6Ei39N6vkxG8AEKWM35Y3m8_MxCshE7J8v4r6bZ4FFXjEoMcwx3jwrxzsHcBg8jp9BvzahYPdfqFTpclQuvzqQWZvfpGXaoU19IlOYn7TCorDCP3APPcEe1zpe6qX74j8dH8ToRB3Dyqmmja-Zum9lXU27Uml4SMUihbFjkqCBKsJEQnhvBIuolz6ybW_5wJz5kUsLhrzqO6aJJqvmesyJExiZ-Y3zyltG2Uk2k9ZGa6pUkkUbSKuV2lNz3ypMlwVLwEHXZBtsdC4Hv8rUAOmHcJNChJuHQs10KmgTjM6dsPqD9l5o5gNknN8ULtDSQisEhfDwun0d8PsteM64d7NGWrXO4g77YYAZ_s5uFSawl7PN40qozaJzUtDLMnTJLt2X5Y1k7AkeRC_7y_rmPASZY7bX9IHk_x0kT3GNHLSzamLz_m9HQaoS6pgVlMHu520IOEVD-sL-Ow_oG-UzGt39T1ghWWEHQ-kzI1sFf1j_xCjoC-AL_iQyCowcZ3HWDNP_yDyueQr8bOq6E0S77YIQ9ysX2VyjmoBY08m3rYcWmHcb3uH_9taMSdJMz6K64i4a-Blqvc65ChEPdPENGEbwG_8abe_lpIJrI_Rd6pb4CYRsjryx5mB5hn8CHoJefkE1drevom9QLpZWCcLyFqhCYRZiY2xITIQ4RUNvND-c0QDLfLOhefAf3uhdzjdTMaYuCzCv9HL4l928i6U_sx8BZP1yXkcvC88wQK6dqgB7j9eTxZJrHsNAbHkF4zlJvjf2T8EXyj0FJl22X_HDpNgYXkfGznJHySaUyTd1MKv_jvPk2b_OEtCLoKowtpmW2Ckl9PSrUBug9t3VGAlbZWTvo7cqxkIVCdnlZd5Hh6rJQmVDfH6tsjllB5vIkzil76FZ9JGbaVW7przD-GOwwd-VZXPT76ZIy1HW04AnzxSId7gbQnxIdDjVWxtxoWpEls0I_B96y_ggW_ffJg4sRSQGlUTo4cQkIT_Lk7S-icY7WhJnhiGICjHhdVV_ZTgOKKqLhNv2cvuyVHIGyhLJr8MSs75Xbz_zZYcKL0Rje4lPurrCzbwWljCP9_SROTzkJi4ximjadv_LUQeg1OyYqeajfR8uK4fjVncJqO3G4BfO1Fpu6PG1f2L-FkztWh42ZYdUyAwZOh80-fIi9mUHhOeGoUU4gWMyWClqdYXNTEFFPEr90hTqrNKV9l3wKU5g8GOFYEiUW09Lfzlugc2HUl2VlW_QDktpA9138dG1TRN1TiW5kVWZyemstHbg5vG_e040dzb7p4NW6DfcTYtZaOF-zICF-KXCl9YXiZRePj5K5z9pVJrU1oXL_QSdRYz6pllfub9o3D7Ds1g7hdiqs9VjOeTgoz4RNy-WjReRZXsuJ4-yDtKs3CU1wDGjR_KSxETSoXozM0t5Z7WzDlEqmJ509DZD6ei9VYHkzo4f6qMOUYhMiJ5XzGaHiESdkwA_t_e-xBIAsrQrmUbA47-IBzs5OgflrIaNISoD-I2WFuOBUCqKtMe3uS0x0oDKiZRuvWGIvwiP_ZndwosXv6Fc4FsMnfqNoM2Bs6n0wkXF1zM4Q09BbhP5ZKS3YGKw6TmhovKy9ZsswEMRks-REFINYua2zTiIHvZbo1rbaUnuCEqPs2IbWU6t_ykrRCZBJN0BMHT0m-kHDx1l4dwxM9sdjoJJ31Anq3tJzHDg&cid=CAQSSwBygQiDYZSlKmgA2yRn2LiPLotgfzFFrqjI9-AvpPfvXGyVWGFAv1ZAkjbE1Mfyagumud7Cqp2-bHR9AJ-8T3iwVVd29QqogIog-RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=6550342877537863000&adk=3690638929&idt=184&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a70594cc269274fef3002ddfa982854975b72d5d1b06c2c7683de14649592c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35938
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 23D6 119 KB
42 KB 132ms
36ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Origin: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Apr 2023 02:05:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 23D6 11 KB
4 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnrLJ2Hr6kvg_aKZ0_XgQjWyVoL2QNs3UCCePVF5tZGoBlNDLvFrbhvC9edf1ue4CbYylL12IBu8-P3sy5BtYZqh7jtnJeNrsmBLT4lNQg1HxAlejlitizsTn3fnPI28vkioIz3dNvLhCxczIkYQlAYl9w12IO6jn47pX07gbL7O0JEAY&cry=1&dbm_d=AKAmf-AlyiePl192LufBUk_LSPpWz5tvQ9-sZlni9aUvkIebgKanScs4f1l3P7dxUaUpPzGQzTGRpHrkKHRqVPyYTyG5nr8tMwCGa9u5SgNaeJQ-4E_hjwuH_AWAoQXqpOhhXfzMmD-QMyhGg_ynVuCbs41DIruvCc-8Y7-bG_6g7N3Cysos81270-yEWudf299RL6pq8Vw0G_icsNVJE4lRMDB7bBGl0-uhAB8WensRRjYFQfGOSnvilw0z6AZpJtqovCnQL29kfaxtqjuC2UYpgPDGSRnakmvpMXLIvfB4euORobetvJaf59_0YgVIGtg-of1JtArX0zw4d-9-JAvJ_Zl5Dm7IIWap7YPdwCkBPYH3aoUgSPWOajpPVS9Feb5Z6GSxpLeEE5NcC_fIfAKvY1RcL4GTcaoGOhluf8fjIJPspA0eWjH-OSdsgLw-TzXqZzv9-LOMDclX_hOMS3JDv9BsmxtRrN46vCjv1kyLiO0f1ZCMsCuyg7ounUzJdeWe84LUyWDdCQKrbdUaNbnu5gJraS-9lRZK1C-WNXJaiLOHTauiPH7Jx5PM6tzuyU4m2ZSXqTdxHMXmTws77hkB9VPjNF7KhBEdb-YvmFfUgaCjXFVf8jI8PAsR8G7hj8nvfdZ-Jc1ORI-mYl_ifWlTDekUmkBSuz7LePNT3xKpAQhftmCDvdjYbOC_PgkROfyMdTGmnKwDafIiVFGscqi5cPNZbphFdRjckVIrNuLy__LlnxsANEd2TrbgrxlhYImpq5te26TxWqAxCPqE5qxyEWPRDXvPnuzgqnEqPRAT4SZV7dabpbfe-HA8Qh2IEBDTwvmaVMmuoL0ine9-CCoYInmZjmh7K4u7WdDTPMPNUYtqIJOXRd8vuxydne3rpv9oOM_bGT5AxW8H6NSYJDfKtpnn_ujgLsRmvrISGo2cgz-qng67Jm5Q3HmDJ_QLnvoVW3w8fiANiwcG9YK7bF_CJ22dEa2oFWhzM-dJUGE_EYKdG5lS7Pi2k12Z5btO4krR7mX29JVQ0I84MVjNAnt71yvxFAKItu-vh70x8hEnrGxEw0htx5k-C_0yen5byuc4hAB49U67kFga8xfjSeQwgAvYCeM8MAft2-uh1MrW_pDQAnRU40p0s9BEw0miyrlZFIbya58hpfJcmAyYOfEofJa-mOkzujMO7kz9RfMXpVSvhLgayaarufzoWSePEGNOEUPr0XKaQQZ4IRNMLlnipiiWn22yGB9MJNDSanpEhjtjn8Jdc2HrgGIJHUsdBysahDNaSKnNmM_XbMecYd0vwa25v0OMm5efxaMhsSj7Gfg1zITGuh4qg-Smpqph7I5kvi3YUj2HlaueCQYxrpsc9RPIFGpli93kmg6-_uPKwYjui6UYNG3NISYGQsdkDxxpnVsrnlCXAcVD6WNW0y0BbYDwEqVtVyqtVb8X_A-XyS-nL6kn5GBX15xebvNllWFvRMsHbP_MxhjXZHS02VgzUwsUA54oPTEZqeDxEx5nZkIAB-KejZBm2qtJbwNvoDdmkKG_1viK8RE5OYjFcfwqfYY0DTuFCz4v_am6NBCup3JUeJ0KOGdZdT-WERD6JqeB9_m2AH-vbBpIRaT_pqjRQR50yd6FxNgQjRcyXKC2AgvAznPUlk9wzpJXbEPGsBUKG6OdvMycGUzxFndBM0dm6e2aou_tEgQT68LIkanSD2HOw--oco2c8P7oNYNeAQ77eVjX-TOGUhobn_6wn_4EWkhyPiZd3aaO4l0l0p-Vhn6tedyjvkW1YbkNQEEfUDBEcTP_Bb2qwG0ib1NwvfY7I7igc8ufbqrx0iNloVHklwZpO_L-Uk4fCC3YcEKfjCTskx5HU801aAvbDuysVpjQBhSlXuYZhID0fjSwPJQ3HNngo8_nEhrCiVR4n5gK8PYFXLk-RdJBPXz7kKuF1wnAZDYjGmayy-G4cZFG6ih0PmDseDb9caNfA_rWgOhbvply5uXAs4fFEblWFmcuHuHXFYXqXkyT9lzZ5i6RezbA1AAGkApI-5yBMb3ec_xOm_5vkxG1O3xeS5OOdJtCsZx3a6jsvPA7CIMzQKMRoMbnOXbUrOxitRbdzIVniJCmpeysHs6Ewg9dKyrvbOts-Bx7YaVyRVypxh-B9d0NQiAvW-abYXYxfJT699eEM8FpMl5-T3GE1hxJbO5rx88WoylzVTS7e0jHd-G1ovRKXtVRjr-sEKlIl5fzDXRWzYnN22j9XHntgu_urCCsVdhbT4gdVkLYtAAj0WYpJOh4Aed-zlp4uEyaKFoiOWe6aZuFS8aqbhA-QoW2uNTuVw_0i2GjbWNTK_8RDR3jHB7IId9zpyQy0LWGNDbO9PADeKhtOXuXHAhOcrUEBMUq6QxUH15gsxi1e6rxskFzytgD5Ewsj4imUaaaNUG97MRbfGQa7DSjgDlzYzIRJ_oUFRjayOQrH2PrlQ4i0GvWxsqDJlWP3WEjtlJekVbHeFVQIK1xbFi3f1bLQMGr7NPjhbsxQnckyOwa-mrSXUuIvrML1BDZSVCdu2bU44GffHFlHyqQrgAAwwAAWzkScgaIfGgze1kg4otExmuXMbjJL54CVf1EeUWbQsPXEwMLYoKido0546sCCH-9Iyidjc-lXAUsOH6qf5klG4bLwM9kxucnZTvUIicZsH-5ytwNPWuc0wsB9hwV33kQ2Lwt0X0ouM6YFKdXC2xNuvL6j_4cIfRlg2pCV37EtvMyBqWymtCkZqotlYjeoGesFE3YlzHbHAknCmuiVtF7Q_ZtYlPRYHmuM4irKrrX-ZRxAC_ZAPSF9a8czxIBsEXKSDO5JUFyU1JUouPpFJdKdfYSIFBt5BLYeUKx-f6MTqPeZYTrkG1KlSpXjLcEutHPFizD79dSDnYxgreBxxUt68x1xq0OL3FaiFeWrAnOk5UFhiaAoKVRlPOu5Q3DbT_Zx5MmFKgTyAT9moC6_nMjsFlJqqFy9QLaWC2iPSW25lN_QFZiNlP1ucSdqoG76eNhwsD9HxYj0g8q8j6gk3hibNzgd1b4m-hv5f31_X1ptRrZkhW2SYhV7F-yT5gCY0KaxXWToTnRBBAQeF7knhgytnAdGLUNKD7WSFVvNU3O8W_HGtQEXJrTjDi1EQlJ8VyGcIw7F4ep3WnMuHL1BpMEo17cPMJBtifZm_amUelGNB7TVVPbAZt9iN_BwfngmkVppZscNEMx6EAEiTjsIyxCQ_E-D75RFWSE2dv99trC-bmsEAw6nlF_jp05bpT9osHh4Aa7IbF74S13IY3ZBYdWMPX9oo7i36DE9L6NYMLD1fVluzAYRiFOJs5cZWXI04VJvgPqJ9YJhgZH1F0qYNJaMOIXqMqA15zPsJF1Ypc3efYPclQ2UMLoR85zDC74T7bk8_EPt9DDM5oXZp3961VhHQW41RGPOd1oq4Kzcvk2_T5_CpkTyXm4MWsIBvVw8ebxTKLmDpDsYn3Z2DecZhdIb68HiQu0DRvg3uc7jqOn_bICq0Ti3MAG7HTUJhwy3g_IKIEN-3pBom-tHM9TshF2Dgdsp6WUv24sUcL6dr0-CWoTADqsfapqZna0sqEGAdFzK5llJlcL3ril9-d6sySn4IksIj4pJuNTfZJ8r8n7NVrrerw3OTgF3y2lQ7g_hgpmz3opgUXamjy3oay7dMSwENMnRwJp8mPItsYHIef54UiB4Ejr7qz-0CLq5HJtI-Ux2pAqCj1iXy7afbyM0ftQvi0dZcRMxGwC1lzPwPKNfqd9vFH95wZUsC42uwfPts3MRuzFarpiWm3YnRsewOysJQPupFvcNPdX4c-F1YGikQ36tdY5tkvclPRF9gebzay-10mBBhaPc9tIJktzU4H5tnRcdbSmnXXzuxh7Fz_-4FmajLRyAq8tanLcO0gWCb1x3fSEkg0hyi5x8asm8OatePygSWKQzAAw3aAj2RG-XvFDL6jbg--J32OvudwzErecmLUCIr74u46StriWzw9L2JSMdHhZsUp3AVkU-wS8imKQ6vLE_2Ul1VwJeVOPHyctU_-W&cid=CAQSSwBygQiDYZSlKmgA2yRn2LiPLotgfzFFrqjI9-AvpPfvXGyVWGFAv1ZAkjbE1Mfyagumud7Cqp2-bHR9AJ-8T3iwVVd29QqogIog-RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=12534450208194193000&adk=943508955&idt=89&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 23D6 28 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 03:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 03:00:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 23D6 41 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:50:01 GMT

GET
DATA 200
OK truncated
/ Frame 23D6 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa1656b554306ee5c29052f56b07815ed62812f2d75963fe89d1106474d11cff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C2BF 119 KB
41 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Origin: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 02:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 23 Apr 2023 02:05:31 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame C2BF 11 KB
4 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWvL5ce_NczGElv-gdQ-0JgllAbL33qx-9OHqRSxafFEfrg7JHwChvpiADdk6H_Kww0yy0xFZic61fFrOmy0zVXGYWCHEGhmsRpmOn2xcwRfPwN5oHIwxeIj_sUTm88JJn6BvogqB6j159PDthlLqtBDBtJuyjJBjhQFmxjNpH8Ll7uqA&cry=1&dbm_d=AKAmf-BdZR1KuYc-HrXnM3603VoZksCNx5v0p9n8h_lYcA4JysyUq2BzpU-uXa5taDMawRedmPW5dcjOhuSng9GMv0euGBswoGZb_cSnwm2qbWCI3s6Jo1FVKONt1yI3vfB8tL90WahEPSHLckDVZzvbDgLPsJsPuteIWCXl1Vmh1Mm2REHxw1yZBaUfddbfnbdq907WqAIb8IW2PTsR9w-gkto8KzD0-uWekI3PqiR8JTb2h5Z_Zv3NAz1h4brtKpdEKOieldsLJuQTajBkS-AcsxHqVB9g74Qas6wba7KSTtNpKG4vV7i1_t8B3I241YHLZRK0RuZqCgnzt5WO_oM2JVsReVO-ppieJoijiCKs1-z1uloHsy2w-YU8kY44gpjtPjnm_oUA7deQIEPjzTqqTKKKhCcY53IPcNqLVHZdpGEZHlnBVB0aTmOiCEjHucJakAFiUIQly9xpACH4mWffYbO8lOLLvPn1Q7Zv2kVX_z1HEfoSAFEoJ7KQVmXAAviA1zwd3Q7GH_lmA2skhWCQJ32gMS6BxCqt-vTFcXQBDqSplksVm84FArOxxxuwpBUcjqPwMnBxJo0ls_VnZ0-irgC2AparoLMHliSS8kOpiSRqiNysOlZxLACimiSKVpYZu-GNjVgQGC-QdimjFbtL7nYibBMg_KiGWj8iSIB9tcyZoeb5Qj5SZqbijpjbEPOS5UX9irYXXpf6vyksntRbc0tzJpTD14INiRPyiFd29INrXaKIvGXZB2a9cEbJjHa35PRuc2rIJmOtaoAp6DfHWsFjPOvp_D4XF1SY4ZoOB9yslu8b8EE0SYlWtd8bR1tpeZR8RPLktD-0ygs-m3EM0dgAknVD3BsRCmmzELCivike_bwsVJpWB1NHSeOFX4RmgHLxYZHyxxieVHSUp7_bLDhCzd22WG44RPKTq8ZANTVgOKqHrTMZhgWS2vjt-gYUDfXB63Lf7MOgxETRSjxh93lBlV-VyypFShrf7iapeXwr5KFyrvyWGXE5gOGseOHt0vJKcSU3BDQuyAJpUkzTtvhWe_s1vg_lNseRFJzvmZYilhy7u5RYCp3XKDumLeYeCloaHSdZogpqujgrb39l1lXE2VinZw2dWLvzF3QwoaWNIvmi-ZV7_zKJv4zZhLGdJhBkq-tnVzc9GbkNwKTClRNXzWvrwU1mh6cijeYu1uOM3suoBM2MdS9RVad_fz4949-AOQ06HxVuuPnPmQhsQyLXDnXV6QEjoh-V0-_1ecRTnm2Oclr5_xRXPLa-NLljYysFQGv1Lo27IlOgEDcX_jnPp34PyoD5saMle_faLpkZKBeyadwWoE5-R3swvK1xLMGh_FeKNNFPAJ4NnC7w92J-d839yK2z_O49YkJmf4zIkGG6sXcdMJRYlEJd2VnMB9-vb3ts-1mB2EOGMcmjpyTAQl5mRWLggz27aszJF195aZZYK2B4gEIzWy07IWqUibx6tzq7C0YwQP6cJTLWHyI0t0rIX4UqT8Qq1QdaE8ugUBJrHiwYQXlPUQZvvvL_7j9GEGgSijGAiMKwNi9AB8RSujrhFK5WI4RtFlrNUreKkHp7sE-2pI6zGf2gGxdZl6PxBF1mcbyeUOPrCpKCE1GXoIbi3Bv8zWb8JbaG6wqJ7Vr2ADn8AEtRwd2OJm3ufDWbmVW5OmqiVFJOCIIzLggOGXtumZ_7CvYSJamSUOibmnV8soYRMK62iSFV9Ruz3kPkKOqEr8q7XlfiLiVxT9ggTQXOSMxq-CFDKaRFlkWx1qR7fKJh6CrZpFzxTOG6PbS2mn7Lw60VLVmCXG3d0eItFl3tn9bXECkj0RZiKe9PWpeUZtCnVWqG74WC6NDp7shKEl_X7mMHqf5ycdMkUutk7xjQzilU6b7fQ9uGZNL7rhoeN6H3eNiEng_l-Z_mvRi5L0stWFnQbD3FFLRpVWRIWF2hD3FPudcB4zsYwE2NOD_UtBzcj9ia6GjJU6AXzQv6gX3XjnuWf8wroPW-6dTABMq4TdbhlU80XTq02SPzL-v6H0J9esOkja13ABcYFZYQ9rdF9TDFvbCX4O2Vkrg2XnXOHkgjqkTntZ6kBbmCVFGZTxt8CtlK-iwDoE_1TKFyS1ZrAx0wOLBHEreT5zwY3yYMiSV3MdpH0eKNzDKoJyYcGFepvdIB6nsxWBZy2BgbTHeEciCmuGUnlUOxgAQBBiru8UUrGL4eV7VFegyAp7cn-WDQQXxYM7HCrRB1OwHHonGXoNqeyNqgLNMKF2fB9jMpunyxEWF7JOzhnNp8OivyM1jDxE3k5GPX8P8lv4tOTdzyBnOHY6e2aDsNR_ygbruauSpdxD_CfTEPi2ztigKlsX_-J0_1zAms6Ei39N6vkxG8AEKWM35Y3m8_MxCshE7J8v4r6bZ4FFXjEoMcwx3jwrxzsHcBg8jp9BvzahYPdfqFTpclQuvzqQWZvfpGXaoU19IlOYn7TCorDCP3APPcEe1zpe6qX74j8dH8ToRB3Dyqmmja-Zum9lXU27Uml4SMUihbFjkqCBKsJEQnhvBIuolz6ybW_5wJz5kUsLhrzqO6aJJqvmesyJExiZ-Y3zyltG2Uk2k9ZGa6pUkkUbSKuV2lNz3ypMlwVLwEHXZBtsdC4Hv8rUAOmHcJNChJuHQs10KmgTjM6dsPqD9l5o5gNknN8ULtDSQisEhfDwun0d8PsteM64d7NGWrXO4g77YYAZ_s5uFSawl7PN40qozaJzUtDLMnTJLt2X5Y1k7AkeRC_7y_rmPASZY7bX9IHk_x0kT3GNHLSzamLz_m9HQaoS6pgVlMHu520IOEVD-sL-Ow_oG-UzGt39T1ghWWEHQ-kzI1sFf1j_xCjoC-AL_iQyCowcZ3HWDNP_yDyueQr8bOq6E0S77YIQ9ysX2VyjmoBY08m3rYcWmHcb3uH_9taMSdJMz6K64i4a-Blqvc65ChEPdPENGEbwG_8abe_lpIJrI_Rd6pb4CYRsjryx5mB5hn8CHoJefkE1drevom9QLpZWCcLyFqhCYRZiY2xITIQ4RUNvND-c0QDLfLOhefAf3uhdzjdTMaYuCzCv9HL4l928i6U_sx8BZP1yXkcvC88wQK6dqgB7j9eTxZJrHsNAbHkF4zlJvjf2T8EXyj0FJl22X_HDpNgYXkfGznJHySaUyTd1MKv_jvPk2b_OEtCLoKowtpmW2Ckl9PSrUBug9t3VGAlbZWTvo7cqxkIVCdnlZd5Hh6rJQmVDfH6tsjllB5vIkzil76FZ9JGbaVW7przD-GOwwd-VZXPT76ZIy1HW04AnzxSId7gbQnxIdDjVWxtxoWpEls0I_B96y_ggW_ffJg4sRSQGlUTo4cQkIT_Lk7S-icY7WhJnhiGICjHhdVV_ZTgOKKqLhNv2cvuyVHIGyhLJr8MSs75Xbz_zZYcKL0Rje4lPurrCzbwWljCP9_SROTzkJi4ximjadv_LUQeg1OyYqeajfR8uK4fjVncJqO3G4BfO1Fpu6PG1f2L-FkztWh42ZYdUyAwZOh80-fIi9mUHhOeGoUU4gWMyWClqdYXNTEFFPEr90hTqrNKV9l3wKU5g8GOFYEiUW09Lfzlugc2HUl2VlW_QDktpA9138dG1TRN1TiW5kVWZyemstHbg5vG_e040dzb7p4NW6DfcTYtZaOF-zICF-KXCl9YXiZRePj5K5z9pVJrU1oXL_QSdRYz6pllfub9o3D7Ds1g7hdiqs9VjOeTgoz4RNy-WjReRZXsuJ4-yDtKs3CU1wDGjR_KSxETSoXozM0t5Z7WzDlEqmJ509DZD6ei9VYHkzo4f6qMOUYhMiJ5XzGaHiESdkwA_t_e-xBIAsrQrmUbA47-IBzs5OgflrIaNISoD-I2WFuOBUCqKtMe3uS0x0oDKiZRuvWGIvwiP_ZndwosXv6Fc4FsMnfqNoM2Bs6n0wkXF1zM4Q09BbhP5ZKS3YGKw6TmhovKy9ZsswEMRks-REFINYua2zTiIHvZbo1rbaUnuCEqPs2IbWU6t_ykrRCZBJN0BMHT0m-kHDx1l4dwxM9sdjoJJ31Anq3tJzHDg&cid=CAQSSwBygQiDYZSlKmgA2yRn2LiPLotgfzFFrqjI9-AvpPfvXGyVWGFAv1ZAkjbE1Mfyagumud7Cqp2-bHR9AJ-8T3iwVVd29QqogIog-RgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.neoldu.com%2F&ds=l&xdt=1&iif=1&cor=6550342877537863000&adk=3690638929&idt=184&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 16:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 16:58:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C2BF 28 KB
11 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 03:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 May 2023 03:00:17 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B5ED 22 KB
8 KB 35ms
35ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 185566
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:02:41 GMT
expires: Fri, 19 Apr 2024 02:02:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C2BF 41 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 23:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 23:50:01 GMT

GET
DATA 200
OK truncated
/ Frame C2BF 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92c8154d187c0e56ce0a319f00d97e97d6a31702dd61274fa34f80de629a9da1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6049e07be4b044a765374798
ng2.virgul.com/tck/imp/ 0
213 B 86ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/6049e07be4b044a765374798?g=1&t=gb&r=153789@site_geneli@neoldu:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1682141726809&userId=vnet2a316103-148c-4a11-a48c-36196833c2d7
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Sat, 22 Apr 2023 05:35:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9216032987385868200/ Frame 9594 6 KB
2 KB 106ms
35ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f91f15c294c0b5602aa75a6546b25bb250f299134292893e3c56f0d5549d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 237977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2482
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:29:11 GMT
expires: Thu, 18 Apr 2024 11:29:11 GMT
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 23D6 0
0 173ms
80ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRDmj3fx_mYgomk16QXg6xx9HwL5ce847Vz4A9bqCEeTzbLcMqJRZup5-RXOitqr5TKEsHUXB47AHPeHZtiA74aYU3NyybjcJjeoVH4uUYOxPlsOiKfu34jPawtHenltcVA6JaSUEH2w0LYKeSbZiKU_ltaKMGLBM4vQizuBBNcUSXrWeM-sltqrhwsK4xyCO_til6wWpz_yFz-NnYHuCT6BG_VQcTNWV_ZqBqu3cFRh7ZIEPUexQv5CMn93W55ZB4obMoliBolwvtVHaBuuacmPtzTNcLSgXjQFBGSNpaXsqfbEvqy46FPJN3WPTEaVnvgkh-LrYk1XMkfw6vKWzGCErVLk1CrZh4XnjD8xZlzVQAGac5pN8HTWqRAaZptvvAsP4oF8RJLx9Sxm-zPaFJ263oOS_RA0TDEJ1-TfXHHRqedVAciMUpm3g3oO9yn5sXucNvPCHFiyJX1zca0UERWxgFj-4i4C06s6Vp4aa_p97-LAv2NhfWHn6CPC6noiXl3oOiw6-wJsZa_ykm_jysgLEc8bxPNNqKMlsy4_YllmvSODykuenesQTuSMYhd06MZ-DNX4ztDPRUjaPU6GNdMjFT2nxciOiI3-txFbMB5_86DbVwdgWqZO7n0bW2kBttVMtwLSCxc7_NWDgze5BmlJolqxDTSk3y51_uPcAblh9m1XxFW1Nbp_34oNWG9eRdJOLOuJ4Uc5PiaZQcdyS9fwQjGmCXUG2gqepZyVFaK6wVKn9W_mHtyOGuA0uel_vpRQNgeKIZCLG5z7KSu0GMrABhWqFnIkMpvyZMqkXAvN12G-GnnNwAuNwLgJf8qHmb5ZHC6ptVLyAw45sMOtEmqshMgBuo5KvPo0ZiycPMx1m1DI0sybGg-9F5o7Phueyd_OSNlGyJqrs2d19NxD_yDPkNA-cF4giS2WS4f7eUhr5e7tvCB-QKDGyd1mOAp8hmSO23yEJfqp9-FyI5C4YUbiY9WnfP3ZHrYYPIcBtd8KZnjhWDdvHApGHiPYjqUOARP80EvlDNQHSBB3hrtgA2IOWkGZQbIAH49dsjlF-stHlIKkj03HnvRS4ARP918GTgoF1eC7q4ODP3qEGjtUrry8m6luTWknnlEKzj70c3P47l7ZI2T_VlA5CpI6LYos67FiXpOflbr77wzmr7cMp7FbEw5_m6BfqVaW_lTItjbSm2skTsHTdGDy8zwFAIzkHHHIK8Lnd6fA62RVQ-jAi-GMszjAH4iNVmm9emp2-8XMsWhFT_BHzqU8hO2MUkCb9rL7kJOnAxrFtoqzPNNhHLP6ZhXJ79P6GAO331lPJULDfQaq15Rp76m51wpC0&sai=AMfl-YTRtzRgedqCHukWIw9fLEgnWZ1s3DZpFwm6E1bzUgijBzq8c3iXZZn2CnfDTHhLpI1f7FUEOmr4grGCeJoj-jhbRMc2BNEuh7GnZD0TTBcDKNby0m6JvXEbE9PttldmTWh1XzHBT7L9mAwo_UZo5qhS8qJe_pu2kiETqxGTY4CEiiDfjLu3R355hSQHqiWkgnSHqJRuNLLw0BoFu-qSLlZEoMABhRKqI8kxVdGfku_RFke8kQwkD9oeuBk2RldjmMnf704v7Tgp9ELEGkockCSn3eliypeJ&sig=Cg0ArKJSzFL-F0ViMEc2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&cbvp=1&cstd=192&cisv=r20230418.15295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 05:35:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame B5ED 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 33C6 22 KB
8 KB 36ms
35ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 185567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:02:41 GMT
expires: Fri, 19 Apr 2024 02:02:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9216032987385868200/ Frame A2CE 6 KB
2 KB 93ms
37ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7f91f15c294c0b5602aa75a6546b25bb250f299134292893e3c56f0d5549d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 237977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2482
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 11:29:11 GMT
expires: Thu, 18 Apr 2024 11:29:11 GMT
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C2BF 0
0 157ms
78ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuD74zFutbBf551omArmfT1OtXmg7fJOHGpNQfxXc_p3q1_3xamd7i8pevi3gRscYdpxbLhxCT-dXBoppaEQ4Es3Sk0LgJ0Qh_FEWOvPq6gW6pRGH0U5ROqtXhV-i_TNQ6FB0-IGmw8tF-YaxsZkkegzp8kxknNbWPGbG5rZb0DxHgG0dosc5z6HshHjsAJ1Y-0agLG7wULCdhEVGiHU35vQFYaT5QX0liEvbPg5LihwKyxLUEwI0hwPpRXg-HSMeP0BXkYVYumZbGr79KmC3Fnn9ShNgFHyFE4bvl0-twJucPIuGyKERxxyx3a_dN9m4ljQT0xRlbQKwodf3yxE0RL6AIaQaKYUHNHzqFmNPhTjW4adPyufipVXbXWtL3H6gxA2dSlZ_HGikMcT8tq8UrrQAKcq7Ljc7wzMPdJfB225J6DP-vyvGHOFM27Dk9ADSt-t6CuTF_tqRY5XoC7yDxmHo5qhknk4EPVFTNpuR0K5Yy9NUXfbFc9LctymMhsGArBxzaaGPXPaz_edvuERyu7euUJd2ygSVq1dKYNQgWiC6x0Ep5yE8CKzF3LKh9xhdh58nkYeR3h3_fhnQP62B_ck5uznWLNtos1iLGD15Ev22VD0H4l3674T4UswEzajPjqgmW0klF2Tc69W5VDo4AZ0V_KVtzIjggSD3N8I8cKh4g4q1-req4h5yVYpD0ypfMw8BPF1NekVS8blVrHlI7kbjY5y_2iXIrf2XGPqhUZr_fJYhfo_syis90rQ06t92eCecJECUgviih3Dpgju7ThyQz2OjyyALULOTEmwIC6zBz4-wzU_4UdmSqSqqRAhl7PATYHN1O-D5Ir13LnnzPhP8ESdOE4C8ScdnaBdw0-ibqSim4vGjNIrT6fT9gtyRMN8EqTU6UVfeGeirYqcRQ94RQSGOczKaPjkZt1Z5PUFaSVSuUvSgOmRx0VHPu3frGlh8fbG7NR1O7GqiWXYItjirMtwmIDYK5Pgc1KEcM3Z5OhMVSwcsd9f5r6HENwpylGqEajCgFCoW7nSxjJRE2WBg6en8ytchay-u4o2l_mhvoKXBDSYRpYvlQMx266IVYKO-Ed2yUsxDv-hpZFCTZhyBxJp8OAzZX49eWZTZF-F_Gxr6ffsRhSgv79pyGE1N4OQxISuXfP66eZwjk-u86Y7NTjCa2kn-HDq2pjW_EktS0kwOJ2Dz-Sm-7prko4SyTuyHTqXKpWUAEAfeBLFpFOeyQudvvMzK-is1unCW3r7YG8SkQc_dGGknxjSbdI4Uznl5C7dfJbYsmfn6Sc0qapR_ewOMpbLjW8c1Z6QBjv0jafcf0GObzVznzVKrdEF3yZ&sai=AMfl-YTWFXHT1vXHFgC4GWgdGgDvsT8c6H39Nbb_wvCMsodyBhKrYjNhQ4z-yydE4InE78oG1wmquOPx3inu5_l0c9oLChd5B-A-HuXPNHATp6--cWTy6nVKeZAW2tp-bbn0-pWfbVmHuJiXv8307nQ5SOcMqwEpv2L8O3kpACAmqv2EmuRnPj51Twj-f6eHnQ7ZZ6dVmzcwT4Ig2D_OIwnh_epAs_YVpwElsqMATiTXvLu5oeA7RCitTTmYDr0iQu-VNPfP1sMwCGDdapg59IM13Bc_goWqL1lW&sig=Cg0ArKJSzH4YDin5gnSGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&cbvp=1&cstd=98&cisv=r20230418.38486&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 22 Apr 2023 05:35:28 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 33C6 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9594 236 KB
63 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 9594 7 KB
710 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6daf77b61e152369a6b812e2bc3398d1dc62dc78875d1e9fcf7dcfdadbefdc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 03:53:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 avoury-300x600.js Show response
s0.2mdn.net/sadbundle/9216032987385868200/ Frame 9594 30 KB
8 KB 36ms
35ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/avoury-300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5eb56fb7c2386d0425839fc9df8212145187d3858afa7129f1694ac7f7fd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7658
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 05:08:38 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A2CE 236 KB
63 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame A2CE 7 KB
710 B 46ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6daf77b61e152369a6b812e2bc3398d1dc62dc78875d1e9fcf7dcfdadbefdc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Apr 2023 03:35:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 avoury-300x600.js Show response
s0.2mdn.net/sadbundle/9216032987385868200/ Frame A2CE 30 KB
8 KB 35ms
35ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/avoury-300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5eb56fb7c2386d0425839fc9df8212145187d3858afa7129f1694ac7f7fd1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:08:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174410
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7658
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 05:08:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5ED 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4nA2H3JDZKjuLJTf3wO74YmABgAAAAA4AeAEAg&bg=!b2ylbDjNAAYfNdXmPzU7ADkAdvg8WlRFCIK8OGzbv5l5q4Am4jYGLBdw1UdEQB987Y2grftfvkpzUxG7NQS79YUcZhbfVwx_qQsCAAAATlIAAAADaAEHmQM16ckuSKpsLfjKUZk3n6WeMQNUi0enAa4EaY6Pnjt55xvWAubj8A5czVFDvtMD1f_xI2UxtNaOU-UYqXDjcC4wtsKb_L9XPzWSIBAg_gN5jbVecj0LO5uaFqGW5qvfobu94SAmisI9vXkPG3apHf95CxUHUT0_w8lUeBx9bMc64UI0tdiGFQbovi9QTtGYtthNBXVYj5iNtrvjNPiARZITID-MU7l8J0C9nzPf33BM67TyMX25HSZ7UThJtRu3hMy-2fNKF-hGFkqNBTgQ39PxLpC8ltwu00Hn1Nh4rk7OUPtg3Dtl-VUeGqEwjHehKPBZ0aQmd_D2BAFpwEygCUZS1QCcxn-4auiGt4tuNfsyDLL_uWMzz5wOJApygeFEXuG_BhWnh36UnZ_NzEVyDNFjo-1w5KSvLv2I-6MmTAjzCnmRsBuDNLpAFOH2Kaw2C8tB326eF1MtNyqT_BmXtwR6y4Ho-AjDK_HP8oZ2m7-ZJvRmY9WvgVLtn-CDcwFjEzkni0631taMxdLL0Ku6GRR5GYYligInhPCw9pmx8dqDBVhtck3NV44bChsNWqU9tN04y7BIpaNyn5y_utF8Kzj0PYs1IMCCPV3OKqxgeI3ZKwECMgpzKa-WjZYoGZLFOBvveIF8YD_89H6u3w6ExBbQ2MK7ytKLvaGF3J0irXNQGH-kzcPUkys5YBUQyNR9i_IWqu4B3paHTAi-Y6eN0cJ0xG6HG9lJUQEtbSxhUHihcH-Ga2jy0kR7tEhu2QHlbHczWUuZpUblgumF_6TRza8PByLOzYnLP1rOyxgUuEDbrcLZdBtcFvCVh4WK14rjkB1wlT8Wki4moikcnBLKHsEArERp_DeJqIlnhcvx4rmoOCN2qE4Ujw2aIbk-fPZUulQDxDEIFVzJTw5LzjhZcZqUelX1Ax2Oqsl-UetW7aW04GOy4XF9wjVOBhJkUU0eql0aJY9vY7iBwRRdjF0OtX9CkMnYn3VVGwJeXuptZGzLtQDyaYFGZJwO0Km9zEjU79knbN0I1ssEBRHzoHhNLi89gdEYuW-fzzAKczgKL1T5Zi79bM3V6aXa089BGspErDHfSUW1SWQ

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 avoury_300x600_atlas_P_1.png
s0.2mdn.net/sadbundle/9216032987385868200/images/ Frame 9594 34 KB
34 KB 36ms
35ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/images/avoury_300x600_atlas_P_1.png

Requested by

Host: 1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
URL: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6f7cca107978cb84f275a48ff65adb3b45ac87e0fe433cbf06dc4586ce1bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:56:09 GMT
x-content-type-options: nosniff
age: 164359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34838
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 07:56:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 23D6 0
0 73ms
72ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRDmj3fx_mYgomk16QXg6xx9HwL5ce847Vz4A9bqCEeTzbLcMqJRZup5-RXOitqr5TKEsHUXB47AHPeHZtiA74aYU3NyybjcJjeoVH4uUYOxPlsOiKfu34jPawtHenltcVA6JaSUEH2w0LYKeSbZiKU_ltaKMGLBM4vQizuBBNcUSXrWeM-sltqrhwsK4xyCO_til6wWpz_yFz-NnYHuCT6BG_VQcTNWV_ZqBqu3cFRh7ZIEPUexQv5CMn93W55ZB4obMoliBolwvtVHaBuuacmPtzTNcLSgXjQFBGSNpaXsqfbEvqy46FPJN3WPTEaVnvgkh-LrYk1XMkfw6vKWzGCErVLk1CrZh4XnjD8xZlzVQAGac5pN8HTWqRAaZptvvAsP4oF8RJLx9Sxm-zPaFJ263oOS_RA0TDEJ1-TfXHHRqedVAciMUpm3g3oO9yn5sXucNvPCHFiyJX1zca0UERWxgFj-4i4C06s6Vp4aa_p97-LAv2NhfWHn6CPC6noiXl3oOiw6-wJsZa_ykm_jysgLEc8bxPNNqKMlsy4_YllmvSODykuenesQTuSMYhd06MZ-DNX4ztDPRUjaPU6GNdMjFT2nxciOiI3-txFbMB5_86DbVwdgWqZO7n0bW2kBttVMtwLSCxc7_NWDgze5BmlJolqxDTSk3y51_uPcAblh9m1XxFW1Nbp_34oNWG9eRdJOLOuJ4Uc5PiaZQcdyS9fwQjGmCXUG2gqepZyVFaK6wVKn9W_mHtyOGuA0uel_vpRQNgeKIZCLG5z7KSu0GMrABhWqFnIkMpvyZMqkXAvN12G-GnnNwAuNwLgJf8qHmb5ZHC6ptVLyAw45sMOtEmqshMgBuo5KvPo0ZiycPMx1m1DI0sybGg-9F5o7Phueyd_OSNlGyJqrs2d19NxD_yDPkNA-cF4giS2WS4f7eUhr5e7tvCB-QKDGyd1mOAp8hmSO23yEJfqp9-FyI5C4YUbiY9WnfP3ZHrYYPIcBtd8KZnjhWDdvHApGHiPYjqUOARP80EvlDNQHSBB3hrtgA2IOWkGZQbIAH49dsjlF-stHlIKkj03HnvRS4ARP918GTgoF1eC7q4ODP3qEGjtUrry8m6luTWknnlEKzj70c3P47l7ZI2T_VlA5CpI6LYos67FiXpOflbr77wzmr7cMp7FbEw5_m6BfqVaW_lTItjbSm2skTsHTdGDy8zwFAIzkHHHIK8Lnd6fA62RVQ-jAi-GMszjAH4iNVmm9emp2-8XMsWhFT_BHzqU8hO2MUkCb9rL7kJOnAxrFtoqzPNNhHLP6ZhXJ79P6GAO331lPJULDfQaq15Rp76m51wpC0&sai=AMfl-YTRtzRgedqCHukWIw9fLEgnWZ1s3DZpFwm6E1bzUgijBzq8c3iXZZn2CnfDTHhLpI1f7FUEOmr4grGCeJoj-jhbRMc2BNEuh7GnZD0TTBcDKNby0m6JvXEbE9PttldmTWh1XzHBT7L9mAwo_UZo5qhS8qJe_pu2kiETqxGTY4CEiiDfjLu3R355hSQHqiWkgnSHqJRuNLLw0BoFu-qSLlZEoMABhRKqI8kxVdGfku_RFke8kQwkD9oeuBk2RldjmMnf704v7Tgp9ELEGkockCSn3eliypeJ&sig=Cg0ArKJSzFL-F0ViMEc2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=437&vt=11&dtpt=242&dett=3&cstd=192&cisv=r20230418.15295&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 23D6 7 KB
6 KB 77ms
77ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8942d5da5232d53aaa426d5277bab9e102d041f54e6b3d09eb3aa8a6a41c4ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5715
x-xss-protection: 0

GET
H3 200 avoury_300x600_atlas_P_1.png
s0.2mdn.net/sadbundle/9216032987385868200/images/ Frame A2CE 34 KB
34 KB 35ms
35ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/images/avoury_300x600_atlas_P_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6f7cca107978cb84f275a48ff65adb3b45ac87e0fe433cbf06dc4586ce1bbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:56:09 GMT
x-content-type-options: nosniff
age: 164359
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34838
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 07:56:09 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C2BF 0
0 72ms
72ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuD74zFutbBf551omArmfT1OtXmg7fJOHGpNQfxXc_p3q1_3xamd7i8pevi3gRscYdpxbLhxCT-dXBoppaEQ4Es3Sk0LgJ0Qh_FEWOvPq6gW6pRGH0U5ROqtXhV-i_TNQ6FB0-IGmw8tF-YaxsZkkegzp8kxknNbWPGbG5rZb0DxHgG0dosc5z6HshHjsAJ1Y-0agLG7wULCdhEVGiHU35vQFYaT5QX0liEvbPg5LihwKyxLUEwI0hwPpRXg-HSMeP0BXkYVYumZbGr79KmC3Fnn9ShNgFHyFE4bvl0-twJucPIuGyKERxxyx3a_dN9m4ljQT0xRlbQKwodf3yxE0RL6AIaQaKYUHNHzqFmNPhTjW4adPyufipVXbXWtL3H6gxA2dSlZ_HGikMcT8tq8UrrQAKcq7Ljc7wzMPdJfB225J6DP-vyvGHOFM27Dk9ADSt-t6CuTF_tqRY5XoC7yDxmHo5qhknk4EPVFTNpuR0K5Yy9NUXfbFc9LctymMhsGArBxzaaGPXPaz_edvuERyu7euUJd2ygSVq1dKYNQgWiC6x0Ep5yE8CKzF3LKh9xhdh58nkYeR3h3_fhnQP62B_ck5uznWLNtos1iLGD15Ev22VD0H4l3674T4UswEzajPjqgmW0klF2Tc69W5VDo4AZ0V_KVtzIjggSD3N8I8cKh4g4q1-req4h5yVYpD0ypfMw8BPF1NekVS8blVrHlI7kbjY5y_2iXIrf2XGPqhUZr_fJYhfo_syis90rQ06t92eCecJECUgviih3Dpgju7ThyQz2OjyyALULOTEmwIC6zBz4-wzU_4UdmSqSqqRAhl7PATYHN1O-D5Ir13LnnzPhP8ESdOE4C8ScdnaBdw0-ibqSim4vGjNIrT6fT9gtyRMN8EqTU6UVfeGeirYqcRQ94RQSGOczKaPjkZt1Z5PUFaSVSuUvSgOmRx0VHPu3frGlh8fbG7NR1O7GqiWXYItjirMtwmIDYK5Pgc1KEcM3Z5OhMVSwcsd9f5r6HENwpylGqEajCgFCoW7nSxjJRE2WBg6en8ytchay-u4o2l_mhvoKXBDSYRpYvlQMx266IVYKO-Ed2yUsxDv-hpZFCTZhyBxJp8OAzZX49eWZTZF-F_Gxr6ffsRhSgv79pyGE1N4OQxISuXfP66eZwjk-u86Y7NTjCa2kn-HDq2pjW_EktS0kwOJ2Dz-Sm-7prko4SyTuyHTqXKpWUAEAfeBLFpFOeyQudvvMzK-is1unCW3r7YG8SkQc_dGGknxjSbdI4Uznl5C7dfJbYsmfn6Sc0qapR_ewOMpbLjW8c1Z6QBjv0jafcf0GObzVznzVKrdEF3yZ&sai=AMfl-YTWFXHT1vXHFgC4GWgdGgDvsT8c6H39Nbb_wvCMsodyBhKrYjNhQ4z-yydE4InE78oG1wmquOPx3inu5_l0c9oLChd5B-A-HuXPNHATp6--cWTy6nVKeZAW2tp-bbn0-pWfbVmHuJiXv8307nQ5SOcMqwEpv2L8O3kpACAmqv2EmuRnPj51Twj-f6eHnQ7ZZ6dVmzcwT4Ig2D_OIwnh_epAs_YVpwElsqMATiTXvLu5oeA7RCitTTmYDr0iQu-VNPfP1sMwCGDdapg59IM13Bc_goWqL1lW&sig=Cg0ArKJSzH4YDin5gnSGEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=332&vt=11&dtpt=233&dett=3&cstd=98&cisv=r20230418.38486&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.neoldu.com
URL: https://www.neoldu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C2BF 7 KB
6 KB 76ms
76ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

975b4102b9c14d150e4b173cdd446ade7f7b699c0de392c90d1cd9795ba91150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5599
x-xss-protection: 0

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 44ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1682141728271&v=https%3A%2F%2Fwww.neoldu.com%2F&r=153864@153994@153924:neoldu&userId=vnet2a316103-148c-4a11-a48c-36196833c2d7&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.963868727005073
Requested by: Host: www.neoldu.com
URL: https://www.neoldu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Sat, 22 Apr 2023 05:35:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 85ms
85ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc39c9a08a3ce85922042f0437e5c59c19e32b6fcdf8b3e9bf7e83b7eb43c215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11200
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 33C6 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc-coH3JDZIS6Mu2G9u8PtPOs4A8AAAAAOAHgBAI&bg=!HR6lHkrNAAYfNdXmPzU7ADkAdvg8Wl7wW1o6PD5B0e-0NUz7kDoZDUvhrEJYaMui3UMvNf1KXASI69fRR-yjusjmIgISv5PxYkkCAAAAV1IAAAACaAEHmQMgNZW_JyzThw_KUT5aEjxkU_U-JK9SaJLtfPZJnb1m7pfk9keSrnd7xNeNulD70BFAkHJx2YOeie21QU_-rgoHBIVg1MpflaDlEIsFk3t9DQPJ3wqJV7mfDqBgXasUih8HQoZ5Xe_AM-eIFMw4ljhPQ32e-MgHDpVuElb0TPC1h-2xFPsFXLyjP71Et6XE5DIjSlx7TJ3Bk5ZEK-1ys-TlCdoxCBpbAzHOZNFQpvEcLu_uL_-DKu0BM2PNsaXX1eFjQJ89FQy6BdEj_p8p0nHn_C00zbw3DzYIJhmXvgajS9bvGgZ5HkAKa_AEFmlEEEJV7vOo6k6qMv-FwVIamAgzMx3C7S5mFaAvuOmDXe9dm_c3LVGPHRXuRSfz3Fc633bJJ6TK5wLHvxUmDoiZg39tPgh2Zhh6Vsu6j4-dPHO6Lqhkg06Pz9sxLrMa5hWyrTZJeUJcO88XdYJ_uR54V6pJmMBzPcsVjFhhjpFg0YJyWSLjS35JEuhQRNTgMtvUAe1tEzey-2ZEhL1Q_WROM9Q79IBQOaNfzStmcht_9Pa5elerdLTOMh7MOa3V-TqS45UwSJFNItlbUooPzGQoajBVUuh5K1hfnoYc70t-n5qrAevNqNpRcLSZzba-Gmcvw4iat_enm-REycwls_X5dKydzcGEBBw9EKvkIyUF5_5PH4p04B3vhf6C091BV62QNnMjtLOxtdF8eVa9I5s0mM21bJroLHnXKozdC-4HVS7hBo_8YWRc5ADbrR_GzPvfA5gBk1dwuK8VzOdp8mu2SfWOTMwfuqaKCTw_UsyJEN6_C6Niecvd-HwbLri-PIdZqaV4sTbLeWz0MXRDcDPTp9YrUGC4qFt1cKStIVhgvGjZrfpwhKYiZPOiR1tgWDyV6O08g1qxWqIWCChxouK7UsB1CwR7d2LVKunyZK4eA2w1hdN9vDjC_E7Q-MUlJetCw1O7tl9i5Nw9oPQ9HX5KS2OJ1O3tSBbS4BqDbpzcvBY7xjkyI_2xbGTyRMt7TgtVpRkprXQMTtcN14j2tLWebnUbAg62nlDwoYxOKB21ZfmNNG0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 avoury_300x600_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/9216032987385868200/images/ Frame 9594 96 KB
96 KB 36ms
36ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/images/avoury_300x600_atlas_NP_1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40706b6073ee0670ca97887bac19974a557ff5ab1f1b177016b35b052d275e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:12 GMT
x-content-type-options: nosniff
age: 358456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98031
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 02:01:12 GMT

GET
H3 200 avoury_300x600_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/9216032987385868200/images/ Frame A2CE 96 KB
96 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/images/avoury_300x600_atlas_NP_1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40706b6073ee0670ca97887bac19974a557ff5ab1f1b177016b35b052d275e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:12 GMT
x-content-type-options: nosniff
age: 358456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98031
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 02:01:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 23D6 17 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C2BF 17 KB
6 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304180101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 05:35:28 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8545 36 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame E306 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9594 15 KB
15 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 185436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A2CE 15 KB
15 KB 35ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 185436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A70 13 KB
5 KB 35ms
35ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 21:24:43 GMT
expires: Sat, 20 Apr 2024 21:24:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 38B3 783 B
1 KB 125ms
46ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cea5f48ec0ca403dd4ffa7119ccfdc006cf7f29006f4636896e1c979cf03d844

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0VoJ3fa0gr0gvGU62rL2KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-0VoJ3fa0gr0gvGU62rL2KA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 05:35:28 GMT
expires: Sat, 22 Apr 2023 05:35:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A70 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 38B3 0
0 72ms
72ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304180101&jk=1585927202109702&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4A70 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IMTEpQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 6049e25de4b044a7653747ad
ng2.virgul.com/tck/imp/ 0
213 B 44ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng2.virgul.com/tck/imp/6049e25de4b044a7653747ad?g=1&t=gb&r=153791@site_geneli@neoldu:site_geneli&l=&c=%2Cas%2Crc0%2Chf1%2Cvv1&info=&mt=1682141726809&userId=vnet2a316103-148c-4a11-a48c-36196833c2d7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Sat, 22 Apr 2023 05:35:28 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 23D6 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHaIzVa_cTlLpQq2e7lhDoxfE6yvWwq7_rki59md-lTxOYhIBdsLZVQLGQgJQenGBsZQ5wRvUF6m_ikAzIR0l3-rov2LRjDN5rqv1GvhrSzYyacI6cITc-8MaHQ3IShT25fA0dMA&sai=AMfl-YQpLk4BOEkp4r79YvdI_PRty0IlvcJyNw1BtsQC781GgwijwtPTmco-pkitvT1PhP57nTEFHzrOgbrpZpNV7FvuUZwUQstyAz0x79x4YSO3CEuttYNvQLVVns69VnIE-kAWbESGBHud794r&sig=Cg0ArKJSzMTbnpfhzBAYEAE&cid=CAQSSwBygQiDYZSlKmgA2yRn2LiPLotgfzFFrqjI9-AvpPfvXGyVWGFAv1ZAkjbE1Mfyagumud7Cqp2-bHR9AJ-8T3iwVVd29QqogIog-RgB&id=lidar2&mcvt=1000&p=80,214,120,255&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2285532191&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682141727553&rpt=358&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304180101&jk=1585927202109702&bg=!fH-lfyvNAAYfNdXmPzU7ADkAdvg8Ws0yNMG5xGlmFmH9NpB8Nxs0dqbhct0t-_0hTEWbbdvrIwn7986II5FnzNbhXhQJgDIylDkCAAAARlIAAAADaAEHmQLc54-fMSQZrEBdnfKCUa6mPP-1vuXxFJg9sp1B3vlTWeuqAXlGsMv-R3fV24JviZ4880dfJV1I8EFIO1pkRLrSwlmsuWBnhIjGgyCDzU-JwFs1-NqWtSq5wnkczOLO-22pOrJr0B_l1toY0GgcyNDZtGmr-j-qjbID8ejJB8GS0hikKSGSJ_MecdFUVn9KkkVLe_p3AkdBGvv2NBpcrgX9cAQkm6bo-q2Jln1qHCZlRkxgMHcYjB54V1lhnqVWNR-x9hhEyrkxD1bbmV5-nefUHwxFDYxJyubLOr8gbFt0ATxkXDLV1BdgkASSqo42qAUXlYJwBtfFaW-VSUCZ-pyqnVFN8c7tjkAGyORLlvs-JJvC0KYq4jsWR7g78WpZNrfkuYpEuNo_TeskgvnpO9fqDjKQjwzdGjS8aLkW9XlFUbUkclX1bsk7q5UKa44JklHUQzL0OCBIoj5j9UjaUAv0R6eaXgL4uD4M78_zvoqJtG7vRRwwXpg6Y7WrAQhOLiZJn5cFMCXn3qwLptq03HtClpGmaMQu-HGo7CeLlil-F_VUJ6Ok254OLgU4w2Ops-NzQ2dZo4Dpqk24DklRaHteLry2Enf_Biq8_WNHAr_d1Tj1hVIzICngVqpv5sEdPPYcPon_IOemGOqnBrZfM4igK13oj2GONrSAimywqnwDxwdpsaqe2A4ATw12b0H6--nOS1X9SWRGYq-kSBOrHsJPreZhOcO21Y2k0WbHnp2pHJ8nJKYz24JbsUDieaTQhFGI-YNbfXo5kTtAxy7hVv42Ig6Abi3BHW_vNbom9qRVpMp85Xsjts_O5iZB1TXnzRDgA7LT8SDLu275VeoHXrUQ8vDoW4C-YfFCQ6PREauqnJd8cAR_rx12hcOAHguqYZnCFXbjg-59xB0MHDHrT0RYAC6T4_zBGswt_rxKJ8aqAexApJ6TWMwyxI3xybzo-9rcDB4Sd_KgNAOoLe1B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23D6 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4229641909906&version=m202301230201&ct=119&x=1&cor=12534450208194193000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2BF 0
20 B 72ms
71ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9426118115323&version=m202301230201&ct=119&x=1&cor=6550342877537863000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 charter.woff2
s0.2mdn.net/sadbundle/9216032987385868200/ Frame 9594 53 KB
53 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/charter.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:14 GMT
x-content-type-options: nosniff
age: 358455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54205
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 02:01:14 GMT

GET
H3 200 charter.woff2
s0.2mdn.net/sadbundle/9216032987385868200/ Frame A2CE 53 KB
53 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9216032987385868200/charter.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9216032987385868200/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:14 GMT
x-content-type-options: nosniff
age: 358455
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54205
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 15:18:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 02:01:14 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9594 15 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 122422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A2CE 15 KB
16 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 122422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 6049e07be4b044a765374798
ng.virgul.com/tck/i_vb2/ 0
213 B 45ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/tck/i_vb2/6049e07be4b044a765374798?l=&r=153789@site_geneli@neoldu:site_geneli&cs=1682141730085&userId=vnet2a316103-148c-4a11-a48c-36196833c2d7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Sat, 22 Apr 2023 05:35:30 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
390 B 106ms
33ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: c6bec6f9fabfb8a72f59cad1baa0fec31b2c4d9971e7e3cb3358ad19267ca83e

Request headers

Referer: https://www.neoldu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 22 Apr 2023 05:35:30 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.neoldu.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Mon, 22 May 2023 05:35:30 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6B2C 52 KB
17 KB 39ms
7ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 22 Apr 2023 05:35:30 GMT
ETag: "623de86a-cf34"
Expires: Sun, 23 Apr 2023 05:35:32 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8AC2 281 B
554 B 33ms
9ms Document
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: static.virgul.com
URL: https://static.virgul.com/theme/mockups/outside/prebid7.38.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.neoldu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 22 Apr 2023 05:35:30 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8AC2 34 KB
10 KB 7ms
7ms Script
text/html 23.56.202.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-202-187.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0fd3535f391deb349dc7f8d0df54c665f439de6aed4ea111bcf10cfccfe80069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Sat, 22 Apr 2023 05:35:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 22 Apr 2023 00:28:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=68002
Connection: keep-alive
Content-Length: 10019
Expires: Sun, 23 Apr 2023 00:28:52 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6B2C 0
863 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:30 GMT
AN-X-Request-Uuid: 43fa0551-5dab-4ee6-8ccd-a3bcc843518b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.187; 185.213.155.187; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 zoneview
ng.virgul.com/ 0
213 B 44ms
44ms Image
text/plain 185.7.176.221
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ng.virgul.com/zoneview?c=&mt=1682141731272&v=https%3A%2F%2Fwww.neoldu.com%2F&r=153798:neoldu&userId=vnet2a316103-148c-4a11-a48c-36196833c2d7&tp=&os=&call=&vd=0&ses=0&dim=1600x1200&l=&y=&w=0&ext=,as,rc1,hf1,vv1&info=&ref=&rdmt=0.3670345009166911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.7.176.221 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
Software: openresty/1.15.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.neoldu.com
date: Sat, 22 Apr 2023 05:35:31 GMT
access-control-allow-credentials: true
expires: Tue, 04 Jan 2022 10:49:40 GMT
server: openresty/1.15.8.3
content-length: 0
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 8AC2
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=lKnxaG7mTByC2prrp_FNxw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lKnxaG7mTByC2prrp_FNxw

43 B
479 B

111ms
111ms

Image
image/gif

52.46.130.91

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lKnxaG7mTByC2prrp_FNxw

Protocol

HTTP/1.1

Server

52.46.130.91 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZGVCJ4ZG3583T1017NB4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=lKnxaG7mTByC2prrp_FNxw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8AC2
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/w6hmmFxHDBPKs-Pmi_GsKcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fbCjFvtE2oJuATgnX7TBdNrXbiZ4SefEDSHKRA--~A

0
239 B

9ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fbCjFvtE2oJuATgnX7TBdNrXbiZ4SefEDSHKRA--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 22 Apr 2023 05:35:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-fbCjFvtE2oJuATgnX7TBdNrXbiZ4SefEDSHKRA--~A
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8AC2
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU0YzRkZjY2YzY5NWJhYTBjYjgzMDMzMjBkMzE4YWM3NWJkOWRlMA&us_privacy=1---

170 B
232 B

46ms
46ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU0YzRkZjY2YzY5NWJhYTBjYjgzMDMzMjBkMzE4YWM3NWJkOWRlMA&us_privacy=1---

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OWU0YzRkZjY2YzY5NWJhYTBjYjgzMDMzMjBkMzE4YWM3NWJkOWRlMA&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8AC2
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdSSlIzS0YtMTktMUxDNQ==&us_privacy=1---
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECIBul-Al-teyfST2t4hSl4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSSlIzS0YtMTktMUxDNQ==&google_push=

170 B
188 B

49ms
48ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSSlIzS0YtMTktMUxDNQ==&google_push=

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdSSlIzS0YtMTktMUxDNQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8AC2
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uT8WYiRhSNmV2z1Mg5gyMQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uT8WYiRhSNmV2z1Mg5gyMQ

43 B
479 B

37ms
36ms

Image
image/gif

52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uT8WYiRhSNmV2z1Mg5gyMQ

Protocol

HTTP/1.1

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 05:35:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V8QA34AQKF155HCEHKBR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=uT8WYiRhSNmV2z1Mg5gyMQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 8AC2
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGRJR3KF-19-1LC5&us_privacy=1---

0
649 B

186ms
154ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGRJR3KF-19-1LC5&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:31 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 933B30B531FB4A81A9712107F97932DA Ref B: FRAEDGE1421 Ref C: 2023-04-22T05:35:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX55iRhHGOygjiUk832yQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGRJR3KF-19-1LC5&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 8AC2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJCybRYcMomzRIa-dk9T18Q&google_cver=1

0
239 B

54ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJCybRYcMomzRIa-dk9T18Q&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 22 Apr 2023 05:35:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJCybRYcMomzRIa-dk9T18Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 8AC2 70 B
264 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 22 Apr 2023 05:35:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 83495.jpg
d.neoldu.com/news/ 13 KB
14 KB 21ms
20ms Image
image/jpeg 2606:4700:20::681a:628
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.neoldu.com/news/83495.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:628 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 528e81f33f86a1900e5e4a32c83acd48d439c193964dae09590a892c0d294f34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.neoldu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 05:35:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 341855
content-length: 13810
cf-bgj: h2pri
last-modified: Tue, 02 Aug 2022 12:18:32 GMT
server: cloudflare
etag: "62e91618-35f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=widNNtVjuEaZvwd0FufHy%2FJyrxNX26VBYKEgJIBsLoq4a9kLZ7znX7bZL32bKa7Xa40NgGL%2B7OmPLYUDC5UGqLPVbzFjnbMpNmE6RkTTzeXBs4Buqg7anXwiNdJoHftfVRh1%2BA7h1bA4ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7bbb80fe3bbabbe3-FRA
expires: Wed, 17 Apr 2024 06:37:56 GMT

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.neoldu.com/	1969-12-31 23:59:59	Name: CMSesId Value: lgofsi9ah59hodmksv02l2j18k
.neoldu.com/	1970-01-20 20:51:41	Name: _ga_8XPP9T2J47 Value: GS1.1.1682141726.1.0.1682141726.0.0.0
.neoldu.com/	1970-01-20 20:51:41	Name: _ga Value: GA1.2.953317964.1682141727
.neoldu.com/	1970-01-20 11:17:08	Name: _gid Value: GA1.2.32885835.1682141727
.neoldu.com/	1970-01-20 11:15:41	Name: _gat_gtag_UA_97203200_1 Value: 1
www.neoldu.com/	1970-01-20 20:51:41	Name: pId Value: vnet2a316103-148c-4a11-a48c-36196833c2d7
www.neoldu.com/	1970-01-20 11:58:53	Name: _pbjs_userid_consent_data Value: 3524755945110770
.neoldu.com/	1970-01-20 20:01:17	Name: _pubcid Value: cde58e75-94ef-4395-bce0-c97343865683
www.neoldu.com/	1969-12-31 23:59:59	Name: TAPAD Value: %7B%22id%22%3A%220fc7c0a1-d2d0-4e96-bd2f-c238899a4791%22%7D
.rubiconproject.com/	1970-01-20 20:01:17	Name: khaos Value: LGRJR3KF-19-1LC5
.rubiconproject.com/	1970-01-20 20:01:17	Name: audit Value: 1\|naVuGyos1qpGAAuuznuAYj5APvdogVCbaTd6KyMQnau+SmvwaNDOns+FT4sAqTtOu8Akc1ONJ9NfA39e2oAwm8xuhZpbWKLtns3gOkhwNIk=
.neoldu.com/	1970-01-20 20:37:17	Name: __gads Value: ID=779023da93576c07:T=1682141726:S=ALNI_Man8-CseAbzD8ypPwWQukAnC3d36g
.neoldu.com/	1970-01-20 20:37:17	Name: __gpi Value: UID=00000bee1b17ff14:T=1682141726:RT=1682141726:S=ALNI_MZsW5nX4OVZfPcPP2ap-Op-vSUimQ
.doubleclick.net/	1970-01-20 20:37:17	Name: IDE Value: AHWqTUk18YovMw1QXqIRjdVbq6yx3ggcAwHrCRvp77V4-QN0pyBp8CwXdWn3E5oz
.casalemedia.com/	1970-01-20 20:01:17	Name: CMID Value: ZENyH7X-F-Nuc1VdfddzTgAA
.casalemedia.com/	1970-01-20 13:25:17	Name: CMPS Value: 3309
.casalemedia.com/	1970-01-20 13:25:17	Name: CMPRO Value: 3309
.adnxs.com/	1970-01-20 13:25:17	Name: icu Value: ChgI5MdxEAoYASABKAEwn-SNogY4AUABSAEQn-SNogYYAA..
.adnxs.com/	1970-01-20 13:25:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVVe=ac5!]tbPl1M>e)ZlrFUfJ+tGXxpCDyr]0BDueS8`PZ(DB<C1@M1UNYZUiXbt4QlbpRzqF1`b_i52y<9
.adnxs.com/	1970-01-20 13:25:17	Name: uuid2 Value: 4544909658658962684
www.neoldu.com/	1969-12-31 23:59:59	Name: nonpa Value: 1
www.neoldu.com/	1970-01-20 12:42:05	Name: -unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-04-22T05%3A35%3A30%22%7D
.yahoo.com/	1970-01-20 20:01:39	Name: A3 Value: d=AQABBCNyQ2QCEIzaI--FEUQx-9dve4d2O9cFEgEBAQHDRGRNZAAAAAAA_eMAAA&S=AQAAAunMH07FbwQQ0yx0eOQgvTo
.linkedin.com/	1970-01-20 20:01:17	Name: bcookie Value: "v=2&7888c235-d8b7-4aad-8287-9fe76a3a71d0"
.linkedin.com/	1970-01-20 15:34:53	Name: li_gc Value: MTswOzE2ODIxNDE3MzE7MjswMjEr5y8aaVpIb8RJ/Obw+TR+2Dy/Hjwa2hEJf8T6TFUVfA==
.linkedin.com/	1970-01-20 11:17:08	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2930:u=1:x=1:i=1682141731:t=1682228131:v=2:sig=AQH_zGtJJnUJ6GyiV7Y9qnQYBBhfuW8H"
.amazon-adsystem.com/	1970-01-20 17:21:27	Name: ad-id Value: A_ioCZsbhEc0q1ktWRbvQVA
.amazon-adsystem.com/	1970-01-20 20:51:41	Name: ad-privacy Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1e6313d12692150d9d0b7a9e23732bfa.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
c.amazon-adsystem.com
c1.imgiz.com
cm.g.doubleclick.net
cpm.programattik.com
d.neoldu.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
match.adsrvr.org
neoldu.com
ng.virgul.com
ng2.virgul.com
pagead2.googlesyndication.com
pandg.tapad.com
pghub.io
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.google-analytics.com
s.amazon-adsystem.com
s.neoldu.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
static.virgul.com
stats.g.doubleclick.net
token.rubiconproject.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.neoldu.com
13.224.192.181
142.250.186.66
15.197.193.217
185.7.176.221
185.80.39.216
185.89.210.90
2001:4860:4802:32::36
23.35.236.188
23.56.202.187
2602:803:c003:200::51
2606:4700:20::681a:628
2606:4700:20::681a:8a9
2606:4700:20::ac43:4a79
2620:1ec:21::14
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9d
2a05:d018:d29:3602:bc92:520b:1528:ac03
34.102.243.38
35.241.45.217
37.157.6.253
52.46.130.91
52.95.122.74
69.173.144.165
85.111.6.48
05b6b1a584d46b13278a6ca8669bb3c321fc89e695389974c4f44e4d3659a628
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07012b7bcf822eb25eeafcf2f3e5c2971ebf48b274714b75485eaa4a2b185178
08584929d2a355cc7d75498e6041e7ad31c9431dd13e42e17ad7ed7d7a2965a6
09244740f4a5bf8ab1aa815df2f809d370c932e5c5e977221091acbee7b66570
095ba29495364b521a5fab114a388f194f4b050d97498e717583d5d37d93d36a
0b00354bd7ede951fb667e6d45787c1940bc038d6552cf1bb364d366eba15fba
0b29697868cd68cfd1b5650054cc96ea755016b3242bd26469cdbd4e4f6fc18a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e78436512d3969dbd84e01c3253b0262b1e7e6fcbec0f7c9c2896e9dcb75466
0fd3535f391deb349dc7f8d0df54c665f439de6aed4ea111bcf10cfccfe80069
0fd3dbfbd4e59c88ab5073a45a7f31a96443db557342f6e42bd897441034ca93
10d335d975f17b078fd495876dc5dda990703f103bf18d240a950474df9dc3a5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18ad503c8aeaeb63ae14ea7190d971243d946e4f4ca4c1e8393f3f73d6dd93c2
18fae8dd3100c633bdd50b2b58a346f1d2341a397dff7a603993bad225c06bed
1ab5250bf9b1da5eabd02999fd5e9eecf0bd7418d24e3677ebef8daf99e33322
1b21c27a05f4fd46c9e98efa3cf7b0253dd317ce5fe94522dbc6ef539020be8d
1b60531f76684817e380366295fb5f58ca4cd89682243a81be9cdc226d18bd8d
1f6a22a28d2927a5365fd9d975e3c08473a397a4aeecc9cc4ee9f8abf07ef78b
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
2af1b8e91e1ea0f27fab2f6bac1dd1d81867b7a2a8d7cef1084fa39309e0ac6f
2c09b01417cdaade6c48d24f1ad8a6dfd78aa943318974846a6f8ccc31b03a87
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
2e4fb86cb9b97c6dfafdcbaa990b79dd5952613799ea5838a6f720289c094112
2e6f7cca107978cb84f275a48ff65adb3b45ac87e0fe433cbf06dc4586ce1bbe
3151e33d06603419c364949fc9d2644045fea83bd9580886fd5388cbff467e36
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34a0aac1b882ba83f81bdc47d986abb8997184daee7c170f63a57f13655666ee
359ff5ffdf78b3e3f761dc984cd8c84556f857306341fe22c1a963179efa0959
39803f2f02b91a0a1e354b966601db111c3155e553d4005330ee6a2d38bdb2fa
3a4ab387a8bff4052837f004ea8c973a4891d6b3ec260989b6c4d7be8d20bf0f
3a5eb56fb7c2386d0425839fc9df8212145187d3858afa7129f1694ac7f7fd1a
3bf48016240e2a08d327f70eed169e186b2fca957544ed5c02e9b7c6c9af7d94
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40706b6073ee0670ca97887bac19974a557ff5ab1f1b177016b35b052d275e35
447ed0185376decd1dc6056b5d2e56532d0ffce227322407f7740aa45d8b062c
44b8de7028607384002ffbf1be71a0d9720fa4e8798036d82f0fe5d41c7bf929
44df2ee1589ed5e1c1da6ebb98b94a80f2d46e3973afcc21ec769798d7e0d983
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb2dcbbcce33e23312cee09996a4169e43fcb14e7bd2790c990f5ca4d82dbcf
4e0903de78ea8971fdf6a9dc18f63015245d450577829138abf0edd423bd26d0
4fe824a33666fe428e574fccb8175724f674fa7e0acf76cf3a41906b9ff1c0e9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c474874da5159b2645455115d24c4bbaace5fffd7c5f092cab29507f128765
528e81f33f86a1900e5e4a32c83acd48d439c193964dae09590a892c0d294f34
5562a02b2f95fafb46e48209900dc304947798be3f92a3d31aaf313fbf75dda7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59ade426e3163096a165233835a791fca9c1b7df5a2e57a717512564085e17a0
5a6467f49716af22548568a19067a2ada865ad243c1deb4456004e274ae807c8
5bfc5621b4b01dd38028d5bfc55a89434b0b573e2e33b9261223abfc5291515a
5fc9e10c0e73e076a343f9d2f242c30efb2ac8cc271c2ee3a37374e255a90b3d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463a8285a9c7d54fde4f62d247208584a061d3a0028a516ec3b902164256306
66ba1e911e11afe7dc1f9aa5b3cb944261e7a7db22c06fe8ff391123f6aaed2c
6740ed7cacfb43c0884b461f80c29bbace03ec1d5a06834825b9865163a8566d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
6daf77b61e152369a6b812e2bc3398d1dc62dc78875d1e9fcf7dcfdadbefdc35
6dce53542d32f32ba56c695b156e844916a71f73a7a824613edbd3de95015363
72f2d36899a4ac37dc1f8f7cbbdb8c9ace07cb8ad853b2072d9577ccc44d3773
76867b3f148c7af846482f837830549d430d1bf31f29a66ef239b79e4604090c
77ca4c270f48b38660943c6fc9ca944de6a52d1bff10bb98dabb4e12012ca560
79c55ad98747f09576b28d1b22a330511a29640075aa85246a0f6141d00cbfa3
7a740b611a45258b64c1c6b44a4a3005ca696e7fd1ff571c46fe06b5ea833624
7bee3eb18ab9737d3893abd9969a1986e7764daf027346107e04966f075b5ada
7d396dba345334365f3c4a95ac610112fd90c2d8599f45419da2a4c1c82483de
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
831997ce334905a4fc3c7f0673c30bd34701f9810d87b19335aea228804ae38a
8323a5d3c35f557999853f79e81131cc450f4832bf9bbe26add00abd0c6b53a3
8343f1e2b72304b989d03b348058acf35ebcff6f0df2751df7cfcd09d5ec101f
8401d5a22470c24ec58164470fd14360853b166d846772e5af6827913e22c78c
8410d287a2aa8839dade3ad3ac8bc1de5725b385e055f9c75fe0b6c154548a37
875ca4905886a4624b06b39f62ab571328ebb52a3ebe245a02559b58fffdd030
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
885c6b0b1d8a8f4508e924b7a6e8b7a95533201420bee1b72f0e5cea97d7d510
8942d5da5232d53aaa426d5277bab9e102d041f54e6b3d09eb3aa8a6a41c4ffd
89efb9fb3ff1b1758822aeedab183db9036cd860cab286670a0b7284f32f8874
8b18a857259a705a842cc2a41cfffbea62400997ef90653de4f075b2ec6b9fc4
8c3e7ebd042535c8b0c62ecf313a479512997a1f225137391fd8095439c7e956
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbcdb7efb1c3ceccde4dec40c04a14fda79fe5e33c0db39eb74053aabb2e8f3
92c8154d187c0e56ce0a319f00d97e97d6a31702dd61274fa34f80de629a9da1
92fadda48554f092ef63c7dfde30b0908fbe9e4aeb50326f0f025aacf7744dba
975b4102b9c14d150e4b173cdd446ade7f7b699c0de392c90d1cd9795ba91150
9fa54ab76eba77a3dcd2d8ee1c407b3718e2408ca71956dd37628fc376344f7e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a35e5c1b2d49ec29744142ee8c59bd18c961575bf232f8237b6f62616d464975
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a70594cc269274fef3002ddfa982854975b72d5d1b06c2c7683de14649592c04
a77871a2d0c71a16aecadd8cd2f9934d2cabef8fc089f3978a75dedc66943cc5
aa1656b554306ee5c29052f56b07815ed62812f2d75963fe89d1106474d11cff
aa7bb64ec06fc6358400a0a0230cf6e052d67e2abf5906480f0533de9a4901ec
adf85afad5150d09843ef2698c6f1f780d5b5389a97f205c7149582859b11631
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b089c97cc6036148c830e5097f7e1406c2b56c028a596fa4a912b054107cc33a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6f8f506f1f34ff6f96d4485a2c0d8f218e6e066c68decaa6545f0feead030a3
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bd29d64976cf24d279d394f90e21ae38920273c4e7fb172f846238d4758294d8
bd81384f187e42628894eed4bb384acd8209a3980c45c3ab285ac154f28bf9a0
c1a6bed1007f6856159c3d2d4c4817da4565c267724e0c0679aac1bd778d2be5
c1dabfbfc921009aa403677a1512c042e21418e7368d97013f4f1272fdb2041c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c65df2e1f238caeb22b2db1f3e3ca029f2b308b3a4e6f988c5ac676154f13c80
c6bec6f9fabfb8a72f59cad1baa0fec31b2c4d9971e7e3cb3358ad19267ca83e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbac95d112623d2e319645346f205572e684a88cc57345e4af85874a36cfe5e2
cc81b2a3f6d2a76a6019c848712b31233a157bf11fbb4b24600fc9070c7d367f
cccd1dba2361724375bfe0cc75deac06ac94758f9ee3b39b3572a92e91120e8b
cdf2ebd796ac6537d97c4cca1b9723122bea6253736f35617aabec4a223274a8
cea5f48ec0ca403dd4ffa7119ccfdc006cf7f29006f4636896e1c979cf03d844
cff57bb539a961e5816127eb4b662175d6a1c92917effe0f943de85c35911101
d4169599c22d0e443c36a20c80cdbd56c314bcd84802f90f638e4c8e820f283f
d5a242ed5318e0d42e90a94b6e4733837e236f652a7b11535a48533fb3c1d6f5
d9fd0aeda423bd39a36871759ef7b17dab3d51e5981cd5839103f990b8b9ef60
da721476bce09d79d6d4a096c48a7be6a4858499b4d3921a3c6b0119627803ab
ddbe31e8c0f756f29d4662d86114a4a407cea9e69573c403e3e2ff3365b7cd7d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3f86e8cb9abbc7c08d77f3d0b9a74eb950a97edd59710f2020e8b1b2e7a241
e183dfed35d6921278c39359a5d34fbb9dfaaf4f990ec6d210a7217a95e897db
e259b02b58967b572d806292de37f887f5073e8384423f624d1d8bd1ff795e63
e272e56ed022741f1cc064654096065d5d8344de451fcd258ff132f0fa379057
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f91f15c294c0b5602aa75a6546b25bb250f299134292893e3c56f0d5549d39
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e98e64c3761840bfd7472e7697eaaf68ec6bc2518d0ab1b4c845417023d6334f
ea808dabbaba0b295d7a7bce33fdee9471a84ef352c6769b97cd27b41be66d5e
ec7588f7d30cb393afac850acef7260344a723ff995ae9ada87265176d6e5127
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ee1c1926d637bd71d964044d9e488530e5edd1e6068fb2d43d648d964f79a50a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20750504def8caeee1474d01af5de38dfcb5bbd4190ffc438745d312225c6f4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc39c9a08a3ce85922042f0437e5c59c19e32b6fcdf8b3e9bf7e83b7eb43c215
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

www.neoldu.com Open in urlscan Pro 2606:4700:20::681a:628 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

218 Requests

93 %HTTPS

59 %IPv6

25 Domains

46 Subdomains

37 IPs

8 Countries

3286 kBTransfer

7426 kBSize

28 Cookies

5 Outgoing links

Page URL History

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.neoldu.com Open in urlscan Pro
2606:4700:20::681a:628 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

93 %
HTTPS

59 %
IPv6

25
Domains

46
Subdomains

37
IPs

8
Countries

3286 kB
Transfer

7426 kB
Size

28
Cookies

218 HTTP transactions
2 data transactions