neotogas.com Open in urlscan Pro
116.202.101.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://neotogas.com/
Effective URL:
https://neotogas.com/
Submission: On May 07 via manual (May 7th 2021, 3:51:31 pm UTC) from US

Summary HTTP 136 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 23 domains to perform 136 HTTP transactions. The main IP is 116.202.101.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is neotogas.com.
TLS certificate: Issued by R3 on March 8th 2021. Valid for: 3 months.

This is the only time neotogas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	116.202.101.196 116.202.101.196	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:d60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	138.201.84.252 138.201.84.252	24940 (HETZNER-AS) (HETZNER-AS)
1 2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.113.221 18.194.113.221	16509 (AMAZON-02) (AMAZON-02)
6	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3	16509 (AMAZON-02) (AMAZON-02)
1	188.138.57.20 188.138.57.20	8972 (GD-EMEA-D...) (GD-EMEA-DC-SXB1)
136	24

34 116.202.101.196 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.196.101.202.116.clients.your-server.de

neotogas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cointrendz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cryptofastlane.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:d60 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.117 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de

hal900024.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.113.221 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-113-221.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.138.57.20 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: loft11016.serverprofi24.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	315 KB
32	neotogas.com 1 redirects neotogas.com	726 KB
23	doubleclick.net 1 redirects googleads.g.doubleclick.net 5994599.fls.doubleclick.net cm.g.doubleclick.net	96 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	174 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal900024.redintelligence.net	10 KB
5	googletagservices.com www.googletagservices.com	169 KB
5	google.com 2 redirects adservice.google.com www.google.com	774 B
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	highcharts.com code.highcharts.com	114 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	759 B
2	google.de adservice.google.de	921 B
2	google-analytics.com www.google-analytics.com	19 KB
1	contentspread.net cdn.contentspread.net	77 KB
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	agkn.com 1 redirects d.agkn.com	759 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	642 B
1	cryptofastlane.com cryptofastlane.com	20 KB
1	cointrendz.com cointrendz.com	26 KB
136	23

	Domain	Requested by
32	neotogas.com	1 redirects neotogas.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net neotogas.com tpc.googlesyndication.com pagead2.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com neotogas.com googleads.g.doubleclick.net
12	pagead2.googlesyndication.com	neotogas.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	fonts.gstatic.com	fonts.googleapis.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	hal900024.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900024.redintelligence.net
4	fonts.googleapis.com	neotogas.com googleads.g.doubleclick.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	adservice.google.com	pagead2.googlesyndication.com 5994599.fls.doubleclick.net
3	code.highcharts.com	neotogas.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	5994599.fls.doubleclick.net	1 redirects neotogas.com
2	www.google.com	2 redirects
2	www.gstatic.com	googleads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	neotogas.com www.google-analytics.com
1	cdn.contentspread.net	hal900024.redintelligence.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	neotogas.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cryptofastlane.com	neotogas.com
1	cointrendz.com	neotogas.com
136	30

This site contains links to these domains. Also see Links.

Domain
www.binance.com
cointrendz.com
neo.org
twitter.com
docs.neo.org
www.coinbase.com
play.google.com
masternodeguides.com
kucoinshares.com
cryptofastlane.com
thorcalculator.com
ontcalc.com
biboxtokens.com
nulsprofit.com
fusionstaking.com
nomics.com

Subject Issuer	Validity	Valid
neotogas.com R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
cointrendz.com R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
cryptofastlane.com R3	`2021-03-08` - `2021-06-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
cdn.contentspread.net Go Daddy Secure Certificate Authority - G2	`2020-07-08` - `2021-07-08`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://neotogas.com/
Frame ID: BA75CBA4D1996FBA96224576EA4A3067
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/zrt_lookup.html
Frame ID: 9F72DDC014559D9E0B402DDBFF38C48A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200
Frame ID: 6B98E9C5BB524F4442A319129DDFE110
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211
Frame ID: 94AEF0C8C42626343DA95E7B39EAE81B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216
Frame ID: ABD3A0AEB5D83280A4799BE1275DC66D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&adk=2020088507&adf=637443794&lmt=1620402673&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fneotogas.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673200&bpp=1&bdt=262&idt=210&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280%2C730x280&nras=1&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&dtd=215
Frame ID: 23BB537EE1DD291C0030CB18A10A86B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14
Frame ID: C0682037EE7F598254A2E4E231966BCB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1454778927&adf=3562298215&pi=t.aa~a.2276820088~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&to=qs&pwprc=5635080185&psa=0&format=1200x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=0&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0%2C350x280&nras=3&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=D2jbXeT4uG&p=https%3A//neotogas.com&dtd=18
Frame ID: 86B4FABEF3D246C6FF276C2AA788DD2A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html
Frame ID: 7788D552CA9B55D3592D4792CD1EAB02
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C-zt98WGVYJ-sGqeDwuIP58ScqAvU2LWsYpu8rPL0DdLfqN6sIxABIP-yujVglQKgAfjg9PoDyAEJqQInac7ENj20PqgDAcgDSKoEpQFP0LNElHlByL1RQHANuztOSlSRoyJegXihofPv7b44hyI-WBP1cORIUDdPQLEtw2KRqquTIBK4Uw-Eb8jPnlrTL6n0kO7oPJ3KZDUaiynF7EkOKmkcDkP6c9R51IYWK0DDDLbE2d88LuV2Fihu7c2XvU9JQ7L9Xuw_0Qaceb81yjeCZN9YLbAKbPVeZS9HY5_IekR0fzso7T0NPLWvaBfDPm3Nu7nABJn9jPu5A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfwnosFqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMqkENIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi03NTUwODQ2NDMyOTg2NDc1&sigh=mKrPqKMyt_M&template_id=419
Frame ID: 7F04D03659B69FD83A854A611341907A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4D06F22B1924D4E19C02B34933583C5C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 291DC0B7D184652403225FBF34628FB6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CvTaZ8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEowFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKV9bi3uW0w0eXAvfV10x3zgEVDgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNzU1MDg0NjQzMjk4NjQ3NQ&sigh=54rIVrp3iWc&tpd=AGWhJmtaH7TSpp6wgpRz3smYpkqnTNr09a3ifF6oz-3_nlOVH8hz2KLmgyqWGAnN9Eqfv6v8ne_rONzuYZlj6Uo-T-QnOTfW-i4ARo2u6kDnEhT5Q1kcsCdMH_nwdORlyzxfY4od_yrD37mrEDeHQI4WyTXuAlsWrE1-Bo_4X94Y6nIaH1A6HTonx_dmIuA6S49lQSnzR2lXweHZP9hB7LUY5lesXFpNz9gfF1VCUDKxeSYcPuOAlLhebbmMzEKcVAZxET3xt-C1S5bFpaWEFzpL7tRYT8VcAjsvb-CqXGSZOdwSVfIzCgn9XSUal8NqWW_n7OLELoe6RgFyXizkIAZDDq4NJE0mRQDgmFUyp3c3VIj_A8NjGR4gdYjwqB4K23P3XaQoc_BRx2WwwP9ctwQWT2XT1fHZAm8RUvPzp1x-9wmIA2m1iUpAa9EDsLWEDGRbYP-G4qD_JeGfUKKcXkMyPW7oB5jHil0NqE2kgqYoYIGhkIIBufSCfLBHnPZR3A67EKevHw9CVxJ5RiOGnXDgNiWZ_Jw9zrVrm3vfjfQ7aCs4HTrk3OhSZCTXLE0Kgmye8wuyQJG0TQZ1Kkwdx_3HOGAiSFR0PCXLKmOt0v8qqPUptTBhsrASY-4LGVBOLzF-B_mHgck2bPgOpRB6woBLPoWADZsldHo5f_p6kV3Nf_Sz36tXx8_T8hbcra8HiW7Kfk1Tiq6T1RICrXSqozU_BkMnaZP6_h53ZVYcYpUJePNWwvQyFxk7ayctDYdYdUeK3saRO4T2RSYKDQLNhLY0RLFoLQExNZfVgdpoDuD_LlS6SyWssJy5Xx_uARvUfQ1J36wELBjftPSwxE5DL27DrGvjlgcHo43X7QYs2DwvKT4EfFPZn9uTtlGUerd2mk9pFGAGpPdpjcaKwyFns1GDlBl_1TicTDy8AQ83IkPMjji_xUnwRsqtXAleR5gzDEqE3F9aY3epNsxnBaVjAgm6r4PQm15CthmNR0EkhvJPfq_f_72wAM-va1CKObugx2C0tOI1BjKxNt-X-GlYYkDtBP-j19A
Frame ID: 05150F8915084998CB12A1E4611278B8
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js
Frame ID: F139CEAFFF5FC21C16700392EF940A6C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js
Frame ID: 9037E2422571B4F93A743504E64257D1
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662
Frame ID: 51868220A59D5E8302A6F2737976047D
Requests: 2 HTTP requests in this frame

Frame: https://hal900024.redintelligence.net/request_content.php?s=41277100183304700951407011587024&a=728da373
Frame ID: 5631564B209DF75A4B1CE0E3EBFBE726
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F34AE405BF84CBD2B1C5FDD51471FC3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DD0A6A2FD53400C872303ACBF9B75121
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://neotogas.com/ HTTP 301
https://neotogas.com/ Page URL

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

script /highcharts.*\.js/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

136
Requests

100 %
HTTPS

52 %
IPv6

23
Domains

30
Subdomains

24
IPs

4
Countries

1750 kB
Transfer

3282 kB
Size

7
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.binance.com/register.html?ref=10765057
Title: Buy NEO/GAS

Search URL Search Domain Scan URL

URL: https://cointrendz.com/?refer=neotogas

Search URL Search Domain Scan URL

URL: http://neo.org/
Title: Checkout NEO.org

Search URL Search Domain Scan URL

URL: http://twitter.com/n1njawtf
Title: N1njaWTF

Search URL Search Domain Scan URL

URL: http://docs.neo.org/en-us/
Title: here

Search URL Search Domain Scan URL

URL: https://www.coinbase.com/join/570a4a91ba9020708d000331
Title: this

Search URL Search Domain Scan URL

URL: https://twitter.com/n1njawtf
Title: @N1njaWTF

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.neotogas.android
Title: here

Search URL Search Domain Scan URL

URL: https://cointrendz.com/
Title: CoinTrendz

Search URL Search Domain Scan URL

URL: https://masternodeguides.com/
Title: MasterNodeGuides

Search URL Search Domain Scan URL

URL: https://kucoinshares.com/
Title: KuCoinShares

Search URL Search Domain Scan URL

URL: https://cryptofastlane.com/
Title: CryptoFastlane

Search URL Search Domain Scan URL

URL: https://thorcalculator.com/
Title: ThorCalculator

Search URL Search Domain Scan URL

URL: https://ontcalc.com/
Title: OntCalc

Search URL Search Domain Scan URL

URL: https://biboxtokens.com/
Title: BiboxTokens

Search URL Search Domain Scan URL

URL: https://nulsprofit.com/
Title: NulsProfit

Search URL Search Domain Scan URL

URL: https://fusionstaking.com/
Title: FusionStaking

Search URL Search Domain Scan URL

URL: https://cointrendz.com/login/?signup
Title: REGISTER TODAY

Search URL Search Domain Scan URL

URL: http://twitter.com/neotogas
Title: Twitter

Search URL Search Domain Scan URL

URL: https://nomics.com/
Title: Crypto Market Cap & Pricing Data Provided By Nomics

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://neotogas.com/ HTTP 301
https://neotogas.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 118

https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8455551117454877582%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_cid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%2526client%253Dca-pub-7550846432986475%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7550846432986475%26output%3Dhtml%26h%3D280%26adk%3D1476225515%26adf%3D620701383%26pi%3Dt.aa~a.1190370842~i.2~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620402673%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5635080185%26psa%3D0%26ad_type%3Dtext_image%26format%3D350x280%26url%3Dhttps%253A%252F%252Fneotogas.com%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D292%26rw%3D350%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620402673540%26bpp%3D1%26bdt%3D602%26idt%3D-M%26shv%3Dr20210505%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De842e75d48d1f6a5-22a27053cac70029%253AT%253D1620402673%253ART%253D1620402673%253AS%253DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ%26prev_fmts%3D970x280%252C336x280%252C730x280%252C0x0%26nras%3D2%26correlator%3D6808970091124%26frm%3D20%26pv%3D1%26ga_vid%3D435181497.1620402673%26ga_sid%3D1620402673%26ga_hid%3D986420614%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D815%26ady%3D3359%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530671%252C44739521%26oid%3D3%26pvsid%3D3342033008610378%26eae%3D0%26fc%3D384%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DjGPOiiSFnq%26p%3Dhttps%253A%2F%2Fneotogas.com%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneotogas.com&random=5082759025275&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8455551117454877582%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_cid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%2526client%253Dca-pub-7550846432986475%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7550846432986475%26output%3Dhtml%26h%3D280%26adk%3D1476225515%26adf%3D620701383%26pi%3Dt.aa~a.1190370842~i.2~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620402673%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5635080185%26psa%3D0%26ad_type%3Dtext_image%26format%3D350x280%26url%3Dhttps%253A%252F%252Fneotogas.com%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D292%26rw%3D350%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620402673540%26bpp%3D1%26bdt%3D602%26idt%3D-M%26shv%3Dr20210505%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De842e75d48d1f6a5-22a27053cac70029%253AT%253D1620402673%253ART%253D1620402673%253AS%253DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ%26prev_fmts%3D970x280%252C336x280%252C730x280%252C0x0%26nras%3D2%26correlator%3D6808970091124%26frm%3D20%26pv%3D1%26ga_vid%3D435181497.1620402673%26ga_sid%3D1620402673%26ga_hid%3D986420614%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D815%26ady%3D3359%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530671%252C44739521%26oid%3D3%26pvsid%3D3342033008610378%26eae%3D0%26fc%3D384%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DjGPOiiSFnq%26p%3Dhttps%253A%2F%2Fneotogas.com%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneotogas.com&random=5082759025275&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 119

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662

Request Chain 124

https://d.agkn.com/pixel/2175/?google_gid=CAESEPVmiSwXUxmThjrFacfTsoM&google_cver=1&google_push=AQvitULgI2prmqxz8eDi7bXR8-lSRly6rW2X9wtC-z0gVW2yaTSW7ria8E0lxyqF-eAeZfo-kv4CHSGAZRuCS0wwAUjf9yjd1g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULgI2prmqxz8eDi7bXR8-lSRly6rW2X9wtC-z0gVW2yaTSW7ria8E0lxyqF-eAeZfo-kv4CHSGAZRuCS0wwAUjf9yjd1g&google_hm=Q0FFU0VQVm1pU3dYVXhtVGhqckZhY2ZUc29N

Request Chain 125

https://rtb.openx.net/sync/dds?google_gid=CAESEPw5EYo3RBhk9ZjS8NcMuOY&google_cver=1&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEPw5EYo3RBhk9ZjS8NcMuOY&google_cver=1&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g&google_hm=kadXYsbtwssPYbnXxKEpuQ==

Request Chain 126

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG7zohsxm0A8iW-e26yZbLs&google_cver=1&google_push=AQvitUI0g1UT_S0nZxWcjVccVU8gLk_rjcscZ2xRCw2td1Caxk5GbQRVTAkVS9joVyXZKXiVd9340YS2VNzMVIGr5VkcJfKn6Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG7zohsxm0A8iW-e26yZbLs&google_cver=1&google_push=AQvitUI0g1UT_S0nZxWcjVccVU8gLk_rjcscZ2xRCw2td1Caxk5GbQRVTAkVS9joVyXZKXiVd9340YS2VNzMVIGr5VkcJfKn6Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AUP9Ewh4Tzm9mgnJH-SIVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI0g1UT_S0nZxWcjVccVU8gLk_rjcscZ2xRCw2td1Caxk5GbQRVTAkVS9joVyXZKXiVd9340YS2VNzMVIGr5VkcJfKn6Q

Request Chain 127

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEio-_pIFYsgn4KKU8EhcOg&google_cver=1&google_push=AQvitULcy-_tTYSZrGzM3qT-fIKfXKmx7szhKV1teo1e0AQDIJ6Hxus36o7Bg6Hr_aWljo5lgJe_oTCbri8z7-I3t6dJeo0Z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09FSFdYUlItMVgtOUlGQw==&google_push=AQvitULcy-_tTYSZrGzM3qT-fIKfXKmx7szhKV1teo1e0AQDIJ6Hxus36o7Bg6Hr_aWljo5lgJe_oTCbri8z7-I3t6dJeo0Z

Request Chain 128

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw&google_cver=1&google_push=AQvitUKmnteaUABLHW7slUiG59ZClZ8JwDhxBNHlUNCiytgpfi0ZcnL-i3tFfBesw7SYWLUFLDM6MR5k1H5B5snX1kVhImvFIA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw&google_push=AQvitUKmnteaUABLHW7slUiG59ZClZ8JwDhxBNHlUNCiytgpfi0ZcnL-i3tFfBesw7SYWLUFLDM6MR5k1H5B5snX1kVhImvFIA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJVh8ip90ZVjyZsLajTI1AAABJ0AAAAB&google_cver=1&google_push=AQvitUKmnteaUABLHW7slUiG59ZClZ8JwDhxBNHlUNCiytgpfi0ZcnL-i3tFfBesw7SYWLUFLDM6MR5k1H5B5snX1kVhImvFIA&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw

136 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
neotogas.com/
Redirect Chain

http://neotogas.com/
https://neotogas.com/

34 KB
9 KB

43ms
17ms

Document
text/html

116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: e3c001b2f4048191366258f1bfb1af4538f63945a9c0c09b8c055d08fdd699a4

Request headers

Host: neotogas.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:12 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8657
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 07 May 2021 15:51:12 GMT
Server: Apache/2.4.38 (Debian)
Location: https://neotogas.com/
Content-Length: 307
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK bootstrap.min.css
neotogas.com/vendor/bootstrap/css/ 147 KB
20 KB 28ms
26ms Stylesheet
text/css 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "24dd4-5625be94a54d4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 20030

GET
H/1.1 200
OK font-awesome.min.css
neotogas.com/vendor/font-awesome/css/ 30 KB
7 KB 53ms
22ms Stylesheet
text/css 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/font-awesome/css/font-awesome.min.css
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "7918-5625be9490cb4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7053

GET
H2 200 css
fonts.googleapis.com/ 3 KB
648 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 14:09:48 GMT
server: ESF
date: Fri, 07 May 2021 15:51:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 15:51:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
553 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 15:42:06 GMT
server: ESF
date: Fri, 07 May 2021 15:51:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 15:51:12 GMT

GET
H/1.1 200
OK jquery.min.js Show response
neotogas.com/vendor/jquery/ 85 KB
30 KB 52ms
20ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/jquery/jquery.min.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "15283-5625be94bfab4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30138

GET
H2 200 highcharts.js Show response
code.highcharts.com/ 286 KB
93 KB 59ms
40ms Script
text/javascript 2606:4700:20::681a:d60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/highcharts.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135a1f40a8c161adc54bc7a8bb06ba7a2539e4071d470e0fd4c144e9a1dd9b99

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9616
x-amz-request-id: EJNCPBAE4H0JFDGP
x-amz-id-2: mdPeVm0epI/Kk/gCFMgzCWHiZxNK4njxLejL+Sl4JaFeeMEBuZT2X3I6yz53/SFUGDUHkhzHxDY=
last-modified: Tue, 04 May 2021 08:48:21 GMT
server: cloudflare
etag: W/"fe661c9c9df00dbeb1ecb4a0370b252b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x60cyEM2%2FQc5B0VsAK7ADj2dofINVn6TZ9oEY1kx7syTQlNwyXjg5delVRWO0pxK4fAXjQRQRILYINGl37GDVL4xjrdrF8nFv7MIIh6RCV0337L5QI9Lb8TkW%2FdcWtcy"}],"group":"cf-nel"}
content-type: text/javascript
cache-control: public, max-age=86400
cf-request-id: 09e91fad3f00004ea40005c000000001
cf-ray: 64bb9bc1fed14ea4-FRA
expires: Wed, 05 May 2021 08:48:05 GMT

GET
H2 200 highcharts-3d.js Show response
code.highcharts.com/ 48 KB
14 KB 53ms
34ms Script
text/javascript 2606:4700:20::681a:d60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/highcharts-3d.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aeee6894c05e9c63dcd11efbad887da82d2477e9bb3537ecf5a18a84e63a84f8

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9602
x-amz-request-id: DJMDFQKFKX9BCVR4
x-amz-id-2: 7M+H9dan/Fgc8QwiDAYMBke4fmiQWjE9C9QWJwIazwNgf/9gcKX2A9ANBCTXSaue6sRtmo3Smc4=
last-modified: Tue, 04 May 2021 08:48:19 GMT
server: cloudflare
etag: W/"f9315734fd9b2fc0466f7eb79ed85876"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o3NJCIvNS3uFDl1IyNwhwIt9fas32qWBYH%2B3%2F%2Fb1YF2NlG4npBP4iJoqxuh5kR%2Fv2GPRX%2B3qjhsLJ5Vbanjl0RzRICzWVRjEB%2BFmhtdwyGxTlRFp6%2Fcuq%2FI%2FVW0OjOC8"}],"group":"cf-nel"}
content-type: text/javascript
cache-control: public, max-age=86400
cf-request-id: 09e91fad4000004ea4d33ab000000001
cf-ray: 64bb9bc1fed64ea4-FRA
expires: Wed, 05 May 2021 08:48:05 GMT

GET
H2 200 exporting.js Show response
code.highcharts.com/modules/ 17 KB
7 KB 56ms
37ms Script
text/javascript 2606:4700:20::681a:d60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/modules/exporting.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 903a400a62d36a8d2eb46acd08321c0ed337d3008c4dfbd873cfe255dc798824

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9615
x-amz-request-id: DJM0B4KBZCTFP1DJ
x-amz-id-2: PBxO+dZ6Uy5UX3MQ7+K40eeiz48i8PDm0EDycktCAeWAbakgbuhW/sXb6KWaGPLndWGfqSLCXk4=
last-modified: Tue, 04 May 2021 08:48:19 GMT
server: cloudflare
etag: W/"cc5739e7073479e8b3973b8a8db93283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z3alTSByMXWWJgnEE8N4jaMNg6d%2BNvYxEnjXllwuY7B9qvndE%2F6KCrG%2BX%2FN6qqdi7c1BkGhkhfwkE6MXcB61nZwqQXAr6nrW3kV5DqGZ0ZD8afERKs2Z%2BlmjFhF%2Fd95a"}],"group":"cf-nel"}
content-type: text/javascript
cache-control: public, max-age=86400
cf-request-id: 09e91fad4000004ea4ed8ab000000001
cf-ray: 64bb9bc1fed94ea4-FRA
expires: Wed, 05 May 2021 08:48:05 GMT

GET
H/1.1 200
OK custom.css
neotogas.com/css/ 19 KB
4 KB 43ms
12ms Stylesheet
text/css 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/css/custom.css
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 32fa1b46331038589a7edab18fc2d54ef1883155b126b5bba099714749950b03

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:12 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jun 2019 10:45:08 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4de6-58c7416b16026-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3978

GET
H/1.1 200
OK neo.png
neotogas.com/img/ 29 KB
29 KB 18ms
12ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neotogas.com/img/neo.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 9ef1500cf50cde6a3ef1966f5433d0830d87fd345d3e97a1da070b1eaf7eb5db

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Tue, 09 Jan 2018 18:16:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "72fd-5625be9325834"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29437

GET
H/1.1 200
OK load_neoprice.js Show response
neotogas.com/ajax/ 424 B
591 B 14ms
14ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/load_neoprice.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 4b96be88b9bffe4af304fd5065c42217a42824aad7d284a961287a7d87ac6c3f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1a8-5625be93dc214-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 242

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bda1421fc5ce7934caf8d700fd8111808a0111e5e406ec96ae23f74f9177e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47911
x-xss-protection: 0
server: cafe
etag: 1180854679999446135
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H/1.1 200
OK cointrendz_ad.png
neotogas.com/img/ 46 KB
46 KB 14ms
11ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neotogas.com/img/cointrendz_ad.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2f45c8721c1ff404ba0f88612335a37bca26fbd4f4c58a49aac1ff116fc7cf8c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Sat, 12 May 2018 10:11:12 GMT
Server: Apache/2.4.38 (Debian)
ETag: "b786-56bff78e840b5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 46982

GET
H/1.1 200
OK load_gasreward.js Show response
neotogas.com/ajax/ 839 B
760 B 14ms
14ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/load_gasreward.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: e0ff8300b5eaca9c71746598a50c08dbaf62b2ac008e61c7d1edd7baa73ebebd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "347-5625be93da2d4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 411

GET
H/1.1 200
OK binance_ad.png
neotogas.com/img/ 110 KB
110 KB 19ms
15ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neotogas.com/img/binance_ad.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: ecea81b705ec84ef5484d7974bc32906f74daeb2b732f1cc9cc8e6cd845a9e0e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Sun, 26 Aug 2018 16:41:00 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1b8d9-57459461f5dda"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 112857

GET
H/1.1 200
OK load_neomarket.js Show response
neotogas.com/ajax/market/ 305 B
552 B 20ms
14ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/market/load_neomarket.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 15fbc6b8c2c1c1b6fedbf8e82a45b52e8bed4e4666ada6f92f51ebc55dedecd2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "131-5625be93d0694-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 203

GET
H/1.1 200
OK load_gasmarket.js Show response
neotogas.com/ajax/market/ 305 B
553 B 16ms
11ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/market/load_gasmarket.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: aae7e681ae5245a622b40344ce3ad61fe1492304ffff868e3f2c90f06d1574c3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "131-5625be93d1634-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 204

GET
H/1.1 200
OK load_neochart.js Show response
neotogas.com/ajax/market/ 430 B
606 B 16ms
11ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/market/load_neochart.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: cb27756bdfee65d869060cccb8fc5793649d0c9ffbd577edc96bbd1fab9694ca

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1ae-5625be93d54b4-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 257

GET
H/1.1 200
OK load_gaschart.js Show response
neotogas.com/ajax/market/ 454 B
615 B 16ms
11ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/market/load_gaschart.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: ddecc9cebe2a43641dba1a820c193a222da20a4c16c4563ba3e2ee844404cc7b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1c6-5625be93ce754-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 265

GET
H/1.1 200
OK load_neopie.js Show response
neotogas.com/ajax/market/ 296 B
552 B 28ms
11ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/market/load_neopie.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: fa7fe6426836216373590d467bf2eee8e55b7bf0f139e3ae48584ccbd0bf54c6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "128-5625be93d6454-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 203

GET
H/1.1 200
OK load_gaspie.js Show response
neotogas.com/ajax/market/ 296 B
552 B 25ms
11ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/ajax/market/load_gaspie.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: d6bc1ee8428b56ffdc4b3312a489a9587be2ba3543a156ff1273d09b3ea58ecf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "128-5625be93d3574-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 203

GET
H/1.1 200
OK free_ebook_3D.png
neotogas.com/img/ 306 KB
306 KB 18ms
11ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neotogas.com/img/free_ebook_3D.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: e7ad80c66bf645a79f13448a69d35bafa964e14cbc8862c346a165b79755c2d0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Sat, 20 Jan 2018 14:46:58 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4c730-5633644e3d643"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 313136

GET
H/1.1 200
OK arrows_optin.png
neotogas.com/img/ 43 KB
43 KB 16ms
14ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neotogas.com/img/arrows_optin.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 56f5146267268d6b3f2bb7683bdd6342b3d073830c7d0607e7caed1595c3669f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Tue, 23 Jan 2018 19:43:34 GMT
Server: Apache/2.4.38 (Debian)
ETag: "ab09-56376c31b2d34"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 43785

GET
H/1.1 200
OK cointrendz_text.png
cointrendz.com/img/ 25 KB
26 KB 694ms
11ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cointrendz.com/img/cointrendz_text.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1ca0c40e4e30104d41710c626787f9c50576997855263a6b819dc39b71df46fb

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Thu, 07 Jun 2018 12:49:10 GMT
Server: Apache/2.4.38 (Debian)
ETag: "65d9-56e0cb5b0a5bb"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 26073

GET
H/1.1 200
OK trading_monitor.png
cryptofastlane.com/img/ 20 KB
20 KB 1260ms
12ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptofastlane.com/img/trading_monitor.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 39a41616591a3c27e9f7b1a2f75f2bcc5952ac1854b65c47683ec86eeef0169d

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:14 GMT
Last-Modified: Tue, 09 Jan 2018 18:17:53 GMT
Server: Apache/2.4.38 (Debian)
ETag: "501f-5625beee488fb"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 20511

GET
H/1.1 200
OK google-play-badge.png
neotogas.com/img/ 14 KB
14 KB 15ms
13ms Image
image/png 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neotogas.com/img/google-play-badge.png
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Tue, 09 Jan 2018 18:16:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "3685-5625be9397c54"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13957

GET
H/1.1 200
OK tether.min.js Show response
neotogas.com/vendor/tether/ 24 KB
8 KB 15ms
14ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/tether/tether.min.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "619d-5625be93ebc14-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7519

GET
H/1.1 200
OK bootstrap.min.js Show response
neotogas.com/vendor/bootstrap/js/ 46 KB
12 KB 18ms
16ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:19 GMT
Server: Apache/2.4.38 (Debian)
ETag: "b63d-5625be949b894-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 12031

GET
H/1.1 200
OK jquery.easing.min.js Show response
neotogas.com/vendor/jquery-easing/ 2 KB
1 KB 24ms
12ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "9e4-5625be93e5e54-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 817

GET
H/1.1 200
OK custom.min.js Show response
neotogas.com/js/ 1 KB
981 B 21ms
11ms Script
application/javascript 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/js/custom.min.js
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 0b6388789af23114bd1703366798615d9574fa45b5f9de4bc4cfbe75afaf3122

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://neotogas.com/
Connection: keep-alive
Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 18:16:17 GMT
Server: Apache/2.4.38 (Debian)
ETag: "50f-5625be92eed34-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 632

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1277
date: Fri, 07 May 2021 15:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 07 May 2021 17:29:56 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://neotogas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 04:11:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 473983
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 02 May 2022 04:11:30 GMT

GET
H3-29 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://neotogas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:32:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 310750
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Wed, 04 May 2022 01:32:03 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://neotogas.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 86826
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:07 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=986420614&t=pageview&_s=1&dl=https%3A%2F%2Fneotogas.com%2F&ul=en-us&de=UTF-8&dt=NEO%20GAS%20Calculator%2C%20NEO%20Balance%20%26%20NEO%20Blockchain!%20%7C%20NeoToGas.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=145432253&gjid=1473745355&cid=435181497.1620402673&tid=UA-91434807-3&_gid=1614341685.1620402673&_r=1&_slc=1&z=2138220914

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://neotogas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
neotogas.com/vendor/font-awesome/fonts/ 75 KB
76 KB 12ms
11ms Font
font/woff2 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/font-awesome/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Host: neotogas.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://neotogas.com/vendor/font-awesome/css/font-awesome.min.css
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Origin: https://neotogas.com
Referer: https://neotogas.com/vendor/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Last-Modified: Tue, 09 Jan 2018 18:16:18 GMT
Server: Apache/2.4.38 (Debian)
ETag: "12d68-5625be9469bb4"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 77160

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/ 224 KB
83 KB 40ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7550846432986475&plah=neotogas.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cd6c951096f7a376ac4d67812d7c09a069452cba6c4fa4f0ea1f052c1fd0c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84600
x-xss-protection: 0
server: cafe
etag: 12591075211014417161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/ Frame 9F72 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210505/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210505/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 May 2021 23:39:16 GMT
expires: Thu, 20 May 2021 23:39:16 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 58317
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK neoprice.php Show response
neotogas.com/php/ 110 B
346 B 12ms
12ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/neoprice.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 7976378a9f8d86a79c2b6604ce1531937b0b4855c997ed16bc3fe5fb5537abeb

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 96

POST
H/1.1 200
OK neomarket.php Show response
neotogas.com/php/market/ 464 B
492 B 18ms
17ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/market/neomarket.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 8ecfc4d209c416a553998cb1fb3043479bc70904fec3386fa737dbd13b512ca5

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 241

POST
H/1.1 200
OK gasmarket.php Show response
neotogas.com/php/market/ 829 B
598 B 18ms
18ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/market/gasmarket.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 944a63630c4d2f0ea08b60f220444489275b0eaf2ac444987b45e2dc319b7458

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 347

POST
H/1.1 200
OK neochart.php Show response
neotogas.com/php/market/ 2 KB
932 B 12ms
12ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/market/neochart.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: ff0a1824f99c1527f49dd49af9eb3fa8bf8e4228b35baa7188cdd33cc1f2580f

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 681

POST
H/1.1 200
OK gaschart.php Show response
neotogas.com/php/market/ 2 KB
909 B 12ms
12ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/market/gaschart.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 3cbcf0bc1ad204f0d3205e4625db8b9521bc69cf3acf38224e1beada44010970

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 658

POST
H/1.1 200
OK neopie.php Show response
neotogas.com/php/market/ 1 KB
867 B 17ms
11ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/market/neopie.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: f166b2b2ab9177ec0685ecbc58f8ea9d39b10526bdc2a32e776b7586a9675c03

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 616

POST
H/1.1 200
OK gaspie.php Show response
neotogas.com/php/market/ 2 KB
977 B 28ms
15ms XHR
text/html 116.202.101.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://neotogas.com/php/market/gaspie.php
Requested by: Host: neotogas.com
URL: https://neotogas.com/vendor/jquery/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.101.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.196.101.202.116.clients.your-server.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 655163222d78c12c5ad457d9860fe36477dc389a72eb08526749d9e5d8cfc85f

Request headers

Sec-Fetch-Mode: cors
Origin: https://neotogas.com
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.2.435181497.1620402673; _gid=GA1.2.1614341685.1620402673; _gat=1
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
Host: neotogas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Cache-Control: no-cache
Referer: https://neotogas.com/
Sec-Fetch-Site: same-origin
Accept: */*
Referer: https://neotogas.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:13 GMT
Content-Encoding: gzip
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 726

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
642 B 51ms
28ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=neotogas.com&callback=_gfp_s_&client=ca-pub-7550846432986475

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210505/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7550846432986475&plah=neotogas.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

082f128d9d1bbba93341d78d791736424fe115aa0f28278fcbd5e5e0ce6a1b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 37ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=neotogas.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 37ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=neotogas.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B98 67 KB
23 KB 462ms
461ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4df0204320c9f191c65aea1b69bd460fe3f435fe27ca4a92b60ce8990b23eb8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 May 2021 15:51:13 GMT
server: cafe
content-length: 23475
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-May-2021 16:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:13 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214051398855"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94AE 64 KB
21 KB 432ms
431ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc294f1de24748c75026589c9bf647b64b073f109ba6bda757efb72a6050570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 May 2021 15:51:13 GMT
server: cafe
content-length: 21670
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-May-2021 16:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:13 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABD3 112 KB
36 KB 412ms
411ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9518b13028712b348b5eb47aa534cdf28cde436ce9c78b880f5577d371b949a8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_o-K32t_ACFaeBUAYdZyIHtQ&gqi=8WGVYPjFGYKOtweSmobgDw&layout=/sadbundle/%24csp%253Der3%24/8879038755141128842/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_o-K32t_ACFaeBUAYdZyIHtQ&gqi=8WGVYPjFGYKOtweSmobgDw&layout=/sadbundle/%24csp%253Der3%24/8879038755141128842/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 May 2021 15:51:13 GMT
server: cafe
content-length: 36531
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-May-2021 16:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:13 GMT
cache-control: private

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fneotogas.com%2F&tn=BUTTON&cls=btn&ign=false

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fneotogas.com%2F&tn=NAV&id=mainNav&cls=navbar%20fixed-top%20navbar-toggleable-md%20navbar-light&ign=false

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23BB 4 KB
693 B 98ms
98ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&adk=2020088507&adf=637443794&lmt=1620402673&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fneotogas.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673200&bpp=1&bdt=262&idt=210&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280%2C730x280&nras=1&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&dtd=215

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03a6ac4f572cbece5a90b404110c82b0f1d1cd12d3c7903c6dfdf51b32a25177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7550846432986475&output=html&adk=2020088507&adf=637443794&lmt=1620402673&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fneotogas.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673200&bpp=1&bdt=262&idt=210&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280%2C730x280&nras=1&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&dtd=215
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 May 2021 15:51:13 GMT
server: cafe
content-length: 670
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 07-May-2021 16:06:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:13 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=neotogas.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=neotogas.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C068 16 KB
8 KB 494ms
494ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f55e1a8f01cdc14ba99193599b4c971bf47632bafa3b912e614276816fbf207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 May 2021 15:51:14 GMT
server: cafe
content-length: 7685
x-xss-protection: 0
set-cookie: IDE=AHWqTUnO_p132yOnaMU2B8h9IemEjx1E40a62MviAQzFlR_Wcj9XIW--4QzIs8F6hE0; expires=Wed, 01-Jun-2022 15:51:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:14 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86B4 399 B
223 B 305ms
304ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1454778927&adf=3562298215&pi=t.aa~a.2276820088~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&to=qs&pwprc=5635080185&psa=0&format=1200x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=0&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0%2C350x280&nras=3&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=D2jbXeT4uG&p=https%3A//neotogas.com&dtd=18

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18120f09689da76ae81f5a0952d2811fb17afdb091994f22a54d4f695e94c368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1454778927&adf=3562298215&pi=t.aa~a.2276820088~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&to=qs&pwprc=5635080185&psa=0&format=1200x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=0&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0%2C350x280&nras=3&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2227&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=D2jbXeT4uG&p=https%3A//neotogas.com&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 May 2021 15:51:13 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: IDE=AHWqTUl1Imp5Iog8Aeu1CCLAxkHsmUZat4Ov-SgRnOeByA4_cgr1QOvtNhsuOPtWZD8; expires=Wed, 01-Jun-2022 15:51:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:13 GMT
cache-control: private

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame ABD3 67 B
533 B 27ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 10:13:28 GMT
x-content-type-options: nosniff
server: cafe
age: 20265
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 08 May 2021 10:13:28 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 7 KB
2 KB 23ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67f2e1464a6de9569bc1bc44ab51c471da52772faf44d7b1bd81b04fcfeed0e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8879038755141128842/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2273
date: Fri, 07 May 2021 04:18:32 GMT
expires: Sat, 07 May 2022 04:18:32 GMT
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 41561
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7F04 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-zt98WGVYJ-sGqeDwuIP58ScqAvU2LWsYpu8rPL0DdLfqN6sIxABIP-yujVglQKgAfjg9PoDyAEJqQInac7ENj20PqgDAcgDSKoEpQFP0LNElHlByL1RQHANuztOSlSRoyJegXihofPv7b44hyI-WBP1cORIUDdPQLEtw2KRqquTIBK4Uw-Eb8jPnlrTL6n0kO7oPJ3KZDUaiynF7EkOKmkcDkP6c9R51IYWK0DDDLbE2d88LuV2Fihu7c2XvU9JQ7L9Xuw_0Qaceb81yjeCZN9YLbAKbPVeZS9HY5_IekR0fzso7T0NPLWvaBfDPm3Nu7nABJn9jPu5A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfwnosFqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMqkENIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXGgoYCAASFHB1Yi03NTUwODQ2NDMyOTg2NDc1&sigh=mKrPqKMyt_M&template_id=419

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 May 2021 15:51:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 7F04 17 KB
7 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7043
x-xss-protection: 0
server: cafe
etag: 3975852021068510888
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:49:32 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 7F04 2 KB
1 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:48:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F04 116 KB
35 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214045155586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 7F04 13 KB
6 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:50:13 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 94AE 6 KB
669 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 14:10:18 GMT
server: ESF
date: Fri, 07 May 2021 15:51:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 6B98 3 KB
578 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 14:14:27 GMT
server: ESF
date: Fri, 07 May 2021 15:51:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 spam_signals_bundle_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/elements/html/spam_signals/ Frame 94AE 6 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/elements/html/spam_signals/spam_signals_bundle_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2925
x-xss-protection: 0
server: cafe
etag: 11749031388657934619
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:08:31 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 94AE 1 KB
909 B 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:49:32 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 94AE 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7043
x-xss-protection: 0
server: cafe
etag: 3975852021068510888
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:49:32 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 94AE 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:48:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94AE 116 KB
35 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214045155586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 94AE 13 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:50:13 GMT

GET
H3-29 200 8ae5a72cfbd99e43f69fdf9d7c4a3504.js Show response
www.gstatic.com/mysidia/ Frame 94AE 25 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 22:51:13 GMT
server: sffe
age: 23378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10537
x-xss-protection: 0
expires: Thu, 05 Aug 2021 09:21:35 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 6B98 1 KB
909 B 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:49:32 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 6B98 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7043
x-xss-protection: 0
server: cafe
etag: 3975852021068510888
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:49:32 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 6B98 2 KB
1 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:48:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B98 116 KB
35 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214045155586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:13 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 6B98 13 KB
6 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:50:13 GMT

GET
H3-29 200 8ae5a72cfbd99e43f69fdf9d7c4a3504.js Show response
www.gstatic.com/mysidia/ Frame 6B98 25 KB
10 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ae5a72cfbd99e43f69fdf9d7c4a3504.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 09:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 22:51:13 GMT
server: sffe
age: 23378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10537
x-xss-protection: 0
expires: Thu, 05 Aug 2021 09:21:35 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6B98 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYBHp8WGVYLGWGf6EwuIPxIKL8Arg76GzYZ_ewfquDdyrk_inHhABIP-yujVglQKgAe_0h6ACyAEBqAMByAPDBKoEoAFP0CZSyqXicyDAMvDi4o0638aV2rSl6O40vPZjDfBC6LC9pfyDTM8LuWaOeYPO0pHVp8QjLNaFeF4bwgYyIUo5VtrqSgmaQVPy2FU0U4aRAeumXf5T_7lDogB0HV2qWmlH5jKIwTC0xUHDpANzguiYIt_Bjvf-57ryZa6MMWnz2ROb-q-AnqoB4bqs2BZEd5bdXi3Tqjxv383WguQsq0NdwAT3sfXJtQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGUYAH-Yr43wGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQhIJO0ggJCIDhgBAQARgfgAoByAsB2BMC0BUBgBcBshcaChgIABIUcHViLTc1NTA4NDY0MzI5ODY0NzU&sigh=1qsCnr-D_jY

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 May 2021 15:51:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4D06 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkndYOG9b711pfEbcjnqfIQ_--1y9H5C8rI0jLSGQAVCiCg5B2X_Rh9ADyeBPg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2934319928&adf=2005554584&pi=t.ma~as.2406809148&w=730&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673189&bpp=2&bdt=251&idt=213&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280%2C336x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=435&ady=4415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=5Laeu7GKQY&p=https%3A//neotogas.com&dtd=216

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 07 May 2021 14:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3243
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 291D 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkndYOG9b711pfEbcjnqfIQ_--1y9H5C8rI0jLSGQAVCiCg5B2X_Rh9ADyeBPg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=9352447667&adk=3723497318&adf=2916622710&pi=t.ma~as.9352447667&w=970&fwrn=4&fwrnh=100&lmt=1620402673&rafmt=1&psa=0&format=970x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673184&bpp=4&bdt=246&idt=180&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=6808970091124&frm=20&pv=2&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HWQSn7wnMh&p=https%3A//neotogas.com&dtd=200

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 07 May 2021 14:57:10 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3243
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7F04 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cffa7c5f324bf97fcd8fe33006332923b36b8d6d27c9f8819bc754b6caec661b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6B98 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 052f56f655e9242ecb2821f07ac267af26718b514981a80cd8af8cbefc6bb05e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 94AE 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfxHt8WGVYJPqGc-OtweGkKvQDfajh85h_q7T4_kMo46Rz6QOEAEg_7K6NWCVAqABjIT7gQPIAQmpAmeDbj-bRrQ-qAMByAPLBKoEqwFP0E0R6Oa5TetS5edUm1-Aey6qPdyp_MzXfcAYdcPnqkE2hw28z_QCdBtiYSgdQN61wvwkxfTCq8eCKLlqrjj3w82OtCw3ALOPF-uBll6oIlxzjrv3W55J5kTbgdjB3VNQiNI5HVp57jrTK3ZflOQbBViBO6c56IGTX1JOqUyaBuRYRFwgaBTVriyOPK1F83NEJhMZlCJ2nvqS7Gp1uk3Dxgex2Xn4IAgp_37ABIyclbezA5IFBAgEGAGSBQQIBRgEoAYugAfc-4R-qAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPjrBtIICQiA4YAQEAEYH4AKAcgLAdgTDIgUAtAVAYAXAbIXGgoYCAASFHB1Yi03NTUwODQ2NDMyOTg2NDc1&sigh=Hph9mXl_wao&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 May 2021 15:51:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6B98 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 137952
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 06 May 2022 01:32:02 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 6B98 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 137983
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 06 May 2022 01:31:31 GMT

GET
H3-29 200 2076313506083323656
tpc.googlesyndication.com/simgad/9405272885679493642/ Frame 94AE 43 KB
43 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9405272885679493642/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be9f265db253cd87d6b9e25774cab9d6de9f0d411888674e2fa2e404ebcc767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 02:58:16 GMT
x-content-type-options: nosniff
age: 132778
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44477
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 19:42:50 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 02:58:16 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11241678584239067544/ Frame 94AE 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11241678584239067544/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

865bbf9abf0de74c93ec14ee150344b737c647066c9cff175e572e61d9a48aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:46 GMT
x-content-type-options: nosniff
age: 452848
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3097
x-xss-protection: 0
last-modified: Thu, 18 Jul 2019 09:18:54 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 May 2022 10:03:46 GMT

GET
DATA 200
OK truncated
/ Frame 94AE 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7351e503d3ad1e5eabc787c12b8e32d41b68e7e0f4c864c2eae4fd3a6d114fb3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 7788 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 08 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7788 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 07 May 2021 18:54:40 GMT

GET
H3-29 200 background.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 17 KB
17 KB 10ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/background.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058f63cc14cdbb8c16c339a1d8a956c7ea49a8b489f78a16aca38d33e8d9484c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387193
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17864
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
server: sffe
date: Mon, 03 May 2021 04:18:01 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 04:18:01 GMT

GET
H3-29 200 cta.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 675 B
702 B 8ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/cta.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28f79fdbc3b84c5301da0e356f7ac6f5e28e6d6a6aa68d42f5b18fb2c5818f7c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 17847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 675
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
server: sffe
date: Fri, 07 May 2021 10:53:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 10:53:47 GMT

GET
H3-29 200 copytext.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/copytext.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9703e4eab0f0c29ae9629955c99cd1daa596473eb4fc88df53231a2a75b03e58

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 42773
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2308
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
server: sffe
date: Fri, 07 May 2021 03:58:21 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 03:58:21 GMT

GET
H3-29 200 headline.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/headline.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab191e7570b92a43199fbbea2439497e860d61a773c0b602d18fb672b87094e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 387193
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2940
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
server: sffe
date: Mon, 03 May 2021 04:18:01 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 04:18:01 GMT

GET
H3-29 200 eyecatcher.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/eyecatcher.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65292d40305fb08712c915d73a538d01327f0ab6ab2bdf647302128981a1c53

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 33702
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2279
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
server: sffe
date: Fri, 07 May 2021 06:29:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 06:29:32 GMT

GET
H3-29 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/ Frame 7788 4 KB
4 KB 11ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8879038755141128842/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d35005caccccfa9e5e792c75685c01ae51c0cad66aec1ddba2e1291c9ca930f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 17847
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3632
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 03:06:23 GMT
server: sffe
date: Fri, 07 May 2021 10:53:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 10:53:47 GMT

GET
DATA 200
OK truncated
/ Frame 94AE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7eef0de9fc87d27338322c42250675ffe68fc02009f522e71a356f2eae528c33

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 94AE 15 KB
15 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 137262
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 06 May 2022 01:43:32 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 94AE 15 KB
15 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
age: 87345
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
expires: Fri, 06 May 2022 15:35:29 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 94AE 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 473271
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 02 May 2022 04:23:23 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0515 0
0 46ms
43ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvTaZ8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEowFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKV9bi3uW0w0eXAvfV10x3zgEVDgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNzU1MDg0NjQzMjk4NjQ3NQ&sigh=54rIVrp3iWc&tpd=AGWhJmtaH7TSpp6wgpRz3smYpkqnTNr09a3ifF6oz-3_nlOVH8hz2KLmgyqWGAnN9Eqfv6v8ne_rONzuYZlj6Uo-T-QnOTfW-i4ARo2u6kDnEhT5Q1kcsCdMH_nwdORlyzxfY4od_yrD37mrEDeHQI4WyTXuAlsWrE1-Bo_4X94Y6nIaH1A6HTonx_dmIuA6S49lQSnzR2lXweHZP9hB7LUY5lesXFpNz9gfF1VCUDKxeSYcPuOAlLhebbmMzEKcVAZxET3xt-C1S5bFpaWEFzpL7tRYT8VcAjsvb-CqXGSZOdwSVfIzCgn9XSUal8NqWW_n7OLELoe6RgFyXizkIAZDDq4NJE0mRQDgmFUyp3c3VIj_A8NjGR4gdYjwqB4K23P3XaQoc_BRx2WwwP9ctwQWT2XT1fHZAm8RUvPzp1x-9wmIA2m1iUpAa9EDsLWEDGRbYP-G4qD_JeGfUKKcXkMyPW7oB5jHil0NqE2kgqYoYIGhkIIBufSCfLBHnPZR3A67EKevHw9CVxJ5RiOGnXDgNiWZ_Jw9zrVrm3vfjfQ7aCs4HTrk3OhSZCTXLE0Kgmye8wuyQJG0TQZ1Kkwdx_3HOGAiSFR0PCXLKmOt0v8qqPUptTBhsrASY-4LGVBOLzF-B_mHgck2bPgOpRB6woBLPoWADZsldHo5f_p6kV3Nf_Sz36tXx8_T8hbcra8HiW7Kfk1Tiq6T1RICrXSqozU_BkMnaZP6_h53ZVYcYpUJePNWwvQyFxk7ayctDYdYdUeK3saRO4T2RSYKDQLNhLY0RLFoLQExNZfVgdpoDuD_LlS6SyWssJy5Xx_uARvUfQ1J36wELBjftPSwxE5DL27DrGvjlgcHo43X7QYs2DwvKT4EfFPZn9uTtlGUerd2mk9pFGAGpPdpjcaKwyFns1GDlBl_1TicTDy8AQ83IkPMjji_xUnwRsqtXAleR5gzDEqE3F9aY3epNsxnBaVjAgm6r4PQm15CthmNR0EkhvJPfq_f_72wAM-va1CKObugx2C0tOI1BjKxNt-X-GlYYkDtBP-j19A

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 May 2021 15:51:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 0515 2 KB
2 KB 52ms
20ms Script
application/x-javascript 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVRBMFpERTNOakV0WW1RNFppMWhOR00zTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NTU1NTExMTc0NTQ4Nzc1ODIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5S3NCQnEwUWZOalhjWEs4VXNoc0djOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDU1NTUxMTE3NDU0ODc3NTgyL3pyaC8wLzUwOS83NC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDQwMjY3My8xNjIwNDE1MjczLzQvcHViLTc1NTA4NDY0MzI5ODY0NzUv/ia7Ee51_x0MFuwhpEETVsPRudJc&nodeid=113&group=eu&auctionid=8455551117454877582&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%26client%3Dca-pub-7550846432986475%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.198.4 /
Resource Hash: 865d79224b0a6be337496e211a45a6807a871f8e5e92a01b55b4211847a9a877

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:07 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1620402673
Last-Modified: Fri, 07 May 2021 15:51:13 GMT
Server: MMBD/3.198.4
x-mm-latency: 1 (0)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x69, zrh-bidder-x12
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 07 May 2021 15:51:06 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 0515 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:48:34 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0515 116 KB
35 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214045155586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:14 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 0515 13 KB
6 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 15:50:13 GMT

GET
H3-29 200 FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js Show response
pagead2.googlesyndication.com/bg/ Frame F139 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&slotname=2406809148&adk=2809813440&adf=1153104676&pi=t.ma~as.2406809148&w=336&lmt=1620402673&rafmt=12&psa=0&format=336x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673188&bpp=1&bdt=250&idt=206&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x280&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1280&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JMwROJWBuy&p=https%3A//neotogas.com&dtd=211

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:48:00 GMT
server: sffe
age: 19661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 07 May 2022 10:23:33 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4D06
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnO_p132yOnaMU2B8h9IemEjx1E40a62MviAQzFlR_Wcj9XIW--4QzIs8F6hE0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 May 2021 15:51:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 07-May-2021 16:51:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 May 2021 15:51:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 291D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnO_p132yOnaMU2B8h9IemEjx1E40a62MviAQzFlR_Wcj9XIW--4QzIs8F6hE0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 May 2021 15:51:14 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 07-May-2021 16:51:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 May 2021 15:51:14 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 May 2021 15:51:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9037 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:48:00 GMT
server: sffe
age: 19661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 07 May 2022 10:23:33 GMT

GET
H3-29 200 FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7788 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:48:00 GMT
server: sffe
age: 19661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 07 May 2022 10:23:33 GMT

GET
H/1.1 200
OK h78o6ojw9z7r Show response
hal9000.redintelligence.net/zone/ Frame 0515 11 KB
3 KB 43ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/h78o6ojw9z7r?subid=&rnd=8455551117454877582&extVar[]=DOUBLEBORDER:1&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8455551117454877582%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_cid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%2526client%253Dca-pub-7550846432986475%2526adurl%253D%26redirect%3D
Requested by: Host: neotogas.com
URL: https://neotogas.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 88b6d09d482d5320df8d3d7584e8ad61f6301b73ec5f808c4b74ad3f82b464b8

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:14 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3347
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 0515 49 B
329 B 45ms
16ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8455551117454877582&node_id=113&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVRBMFpERTNOakV0WW1RNFppMWhOR00zTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NTU1NTExMTc0NTQ4Nzc1ODIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5S3NCQnEwUWZOalhjWEs4VXNoc0djOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDU1NTUxMTE3NDU0ODc3NTgyL3pyaC8wLzUwOS83NC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDQwMjY3My8xNjIwNDE1MjczLzQvcHViLTc1NTA4NDY0MzI5ODY0NzUv/ia7Ee51_x0MFuwhpEETVsPRudJc&nodeid=113&group=eu&auctionid=8455551117454877582&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%26client%3Dca-pub-7550846432986475%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.198.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:07 GMT
Server: MMBD/3.198.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x64, zrh-bidder-x12
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 07 May 2021 15:51:06 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 0515 43 B
359 B 47ms
17ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8455551117454877582&v3=651871&v4=4562306&v5=6622328&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVRBMFpERTNOakV0WW1RNFppMWhOR00zTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NTU1NTExMTc0NTQ4Nzc1ODIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5S3NCQnEwUWZOalhjWEs4VXNoc0djOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDU1NTUxMTE3NDU0ODc3NTgyL3pyaC8wLzUwOS83NC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDQwMjY3My8xNjIwNDE1MjczLzQvcHViLTc1NTA4NDY0MzI5ODY0NzUv/ia7Ee51_x0MFuwhpEETVsPRudJc&nodeid=113&group=eu&auctionid=8455551117454877582&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%26client%3Dca-pub-7550846432986475%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master zrh-pixel-x4 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:14 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 07 May 2021 15:51:16 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 0515 49 B
329 B 46ms
17ms Image
image/gif 185.29.133.58
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8455551117454877582&st=4562306&time=1620402674&nodeid=113
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWVRBMFpERTNOakV0WW1RNFppMWhOR00zTFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0NTU1NTExMTc0NTQ4Nzc1ODIvNjYyMjMyOC80NTYyMzA2LzQvNFpuLThIaXRpQ2tMU1UzckdXNWh5S3NCQnEwUWZOalhjWEs4VXNoc0djOC8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDU1NTUxMTE3NDU0ODc3NTgyL3pyaC8wLzUwOS83NC85OTkvNjYvMmEwMTo0Zjg6MTkyOjovMC4wMDAvMTYyMDQwMjY3My8xNjIwNDE1MjczLzQvcHViLTc1NTA4NDY0MzI5ODY0NzUv/ia7Ee51_x0MFuwhpEETVsPRudJc&nodeid=113&group=eu&auctionid=8455551117454877582&sid=4562306&cid=6622328&bp=a_bjgfgc&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.171&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%26client%3Dca-pub-7550846432986475%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.198.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:07 GMT
Server: MMBD/3.198.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x70, zrh-bidder-x12
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 07 May 2021 15:51:06 GMT

GET
H/1.1

200
OK

request.php Show response
hal900024.redintelligence.net/ Frame 0515
Redirect Chain

https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

2 KB
1 KB

121ms
99ms

Script
application/x-javascript

138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8455551117454877582%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_cid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%2526client%253Dca-pub-7550846432986475%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7550846432986475%26output%3Dhtml%26h%3D280%26adk%3D1476225515%26adf%3D620701383%26pi%3Dt.aa~a.1190370842~i.2~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620402673%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5635080185%26psa%3D0%26ad_type%3Dtext_image%26format%3D350x280%26url%3Dhttps%253A%252F%252Fneotogas.com%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D292%26rw%3D350%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620402673540%26bpp%3D1%26bdt%3D602%26idt%3D-M%26shv%3Dr20210505%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De842e75d48d1f6a5-22a27053cac70029%253AT%253D1620402673%253ART%253D1620402673%253AS%253DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ%26prev_fmts%3D970x280%252C336x280%252C730x280%252C0x0%26nras%3D2%26correlator%3D6808970091124%26frm%3D20%26pv%3D1%26ga_vid%3D435181497.1620402673%26ga_sid%3D1620402673%26ga_hid%3D986420614%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D815%26ady%3D3359%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530671%252C44739521%26oid%3D3%26pvsid%3D3342033008610378%26eae%3D0%26fc%3D384%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DjGPOiiSFnq%26p%3Dhttps%253A%2F%2Fneotogas.com%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneotogas.com&random=5082759025275&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a244114756999e45860f76984ccebc53f1336d52105fdda9c9817fd284d2da06

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 15:51:14 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 41277100183304700951407011587024
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 897
Expires: Fri, 07 May 2021 16:51:14 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 07 May 2021 15:51:14 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8455551117454877582%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_cid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%2526client%253Dca-pub-7550846432986475%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7550846432986475%26output%3Dhtml%26h%3D280%26adk%3D1476225515%26adf%3D620701383%26pi%3Dt.aa~a.1190370842~i.2~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620402673%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5635080185%26psa%3D0%26ad_type%3Dtext_image%26format%3D350x280%26url%3Dhttps%253A%252F%252Fneotogas.com%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D292%26rw%3D350%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620402673540%26bpp%3D1%26bdt%3D602%26idt%3D-M%26shv%3Dr20210505%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De842e75d48d1f6a5-22a27053cac70029%253AT%253D1620402673%253ART%253D1620402673%253AS%253DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ%26prev_fmts%3D970x280%252C336x280%252C730x280%252C0x0%26nras%3D2%26correlator%3D6808970091124%26frm%3D20%26pv%3D1%26ga_vid%3D435181497.1620402673%26ga_sid%3D1620402673%26ga_hid%3D986420614%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D815%26ady%3D3359%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530671%252C44739521%26oid%3D3%26pvsid%3D3342033008610378%26eae%3D0%26fc%3D384%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DjGPOiiSFnq%26p%3Dhttps%253A%2F%2Fneotogas.com%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneotogas.com&random=5082759025275&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Fri, 07 May 2021 16:51:14 +0200

GET
H3-29

200

activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662 Show response
5994599.fls.doubleclick.net/ Frame 5186
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662?

391 B
346 B

47ms
33ms

Document
text/html

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662?

Requested by

Host: neotogas.com
URL: https://neotogas.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

9186550b46c5238045c31acb74e8c107298a5650f26cb41d44db08703391f8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnO_p132yOnaMU2B8h9IemEjx1E40a62MviAQzFlR_Wcj9XIW--4QzIs8F6hE0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 May 2021 15:51:14 GMT
expires: Fri, 07 May 2021 15:51:14 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 May 2021 15:51:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900024.redintelligence.net/ Frame 5631 3 KB
2 KB 33ms
12ms Document
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/request_content.php?s=41277100183304700951407011587024&a=728da373
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request.php?zone=h78o6ojw9z7r&nw=20&renderingType=javascript&namespace=6db9cf30ca&subid=&uid=629ebedf5d5f2ef3&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8455551117454877582%26mt_id%3D6622328%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_cid%3Ddda06095-61f2-4c01-a17e-3645e9b71483%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCp82Z8WGVYIfXJJ26ygXY-bGgC8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItNzU1MDg0NjQzMjk4NjQ3NcgBCagDAaoEpgFP0ArsDOVauL4sKyc2UK_dDznSf2D1Fa4P6sbM9-dKs-g2kGUvp6HgKfOJljoIs9iAhp7jz17sBz4AtKMVKkLazc-lhIRZ-70aFkk06GplrQpzrv5WXQCGkNM4ab_d6pgH2v7ZvjQl0Bs2a4ib5d5AKXXUFH1D2yDtKt0y5IQ_YsQoAk2rzbGNUKsYyTHr0RKVt7q6K8GgdeJNGb3eC11ccFhXfWfAgAaT5sTFmd31r_oBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHipyxAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_37nbbvpS2pnRZPWZmqUUp8uUJWjw%2526client%253Dca-pub-7550846432986475%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7550846432986475%26output%3Dhtml%26h%3D280%26adk%3D1476225515%26adf%3D620701383%26pi%3Dt.aa~a.1190370842~i.2~rp.1%26w%3D350%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1620402673%26num_ads%3D1%26rafmt%3D1%26armr%3D3%26sem%3Dmc%26pwprc%3D5635080185%26psa%3D0%26ad_type%3Dtext_image%26format%3D350x280%26url%3Dhttps%253A%252F%252Fneotogas.com%252F%26flash%3D0%26fwr%3D0%26pra%3D3%26rh%3D292%26rw%3D350%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D27%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdXQ..%26dt%3D1620402673540%26bpp%3D1%26bdt%3D602%26idt%3D-M%26shv%3Dr20210505%26cbv%3D%252Fr20190131%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253De842e75d48d1f6a5-22a27053cac70029%253AT%253D1620402673%253ART%253D1620402673%253AS%253DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ%26prev_fmts%3D970x280%252C336x280%252C730x280%252C0x0%26nras%3D2%26correlator%3D6808970091124%26frm%3D20%26pv%3D1%26ga_vid%3D435181497.1620402673%26ga_sid%3D1620402673%26ga_hid%3D986420614%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D815%26ady%3D3359%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42530671%252C44739521%26oid%3D3%26pvsid%3D3342033008610378%26eae%3D0%26fc%3D384%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DjGPOiiSFnq%26p%3Dhttps%253A%2F%2Fneotogas.com%26dtd%3D14&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fneotogas.com&random=5082759025275&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f610255f2dc7bc19cec1bedd81f53fd46c0e0301ed50868e5abab631e45fa983

Request headers

Host: hal900024.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=06efca6ca8e7cbda
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Fri, 07 May 2021 15:51:14 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 07 May 2021 16:51:14 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1225
Connection: close
Content-Type: text/html; charset=utf-8

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5F34 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 07 May 2021 03:14:09 GMT
expires: Sat, 08 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 45425
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0515 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85f2a9d397b451e5f3806a9f5433eb8c078f3e701a47d76da05627c97e9833da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5F34 35 B
463 B 32ms
13ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHMlTBy0eHe07X_8AQPV8N4&google_cver=1&google_push=AQvitUKb266bmMJYf6wonigsSG3672LmnMcmq_rusgNah4A8RRXFkpEococtWH5NmoPml8y_KXqYOag6ljxRYFhu2AZ3Bf809g

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5F34
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEPVmiSwXUxmThjrFacfTsoM&google_cver=1&google_push=AQvitULgI2prmqxz8eDi7bXR8-lSRly6rW2X9wtC-z0gVW2yaTSW7ria8E0lxyqF-eAeZfo-kv4CHSGAZRuCS0wwAUjf9yjd1g
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULgI2prmqxz8eDi7bXR8-lSRly6rW2X9wtC-z0gVW2yaTSW7ria8E0lxyqF-eAeZfo-kv4CHSGAZRuCS0wwAUjf9yjd1g&google_hm=Q0FFU0VQVm1pU3dYVXhtVGh...

170 B
329 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULgI2prmqxz8eDi7bXR8-lSRly6rW2X9wtC-z0gVW2yaTSW7ria8E0lxyqF-eAeZfo-kv4CHSGAZRuCS0wwAUjf9yjd1g&google_hm=Q0FFU0VQVm1pU3dYVXhtVGhqckZhY2ZUc29N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 May 2021 15:51:14 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitULgI2prmqxz8eDi7bXR8-lSRly6rW2X9wtC-z0gVW2yaTSW7ria8E0lxyqF-eAeZfo-kv4CHSGAZRuCS0wwAUjf9yjd1g&google_hm=Q0FFU0VQVm1pU3dYVXhtVGhqckZhY2ZUc29N
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F34
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPw5EYo3RBhk9ZjS8NcMuOY&google_cver=1&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g
https://rtb.openx.net/sync/dds?google_gid=CAESEPw5EYo3RBhk9ZjS8NcMuOY&google_cver=1&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g&ox...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g&google_hm=kadXYsbtwssPYbnXxKEpuQ==

170 B
188 B

41ms
26ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g&google_hm=kadXYsbtwssPYbnXxKEpuQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJW6nRRFlmgnZma8hFjww-RA5wZP3ad8njYYfdRvTGI-dv3guK9CwYsA0TsjNU_rgRQFEDHXcbFIsMOPIIG5wkeaVoq7g&google_hm=kadXYsbtwssPYbnXxKEpuQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: n8b3663qdp09bm8qqrdr6rrt055n28qb

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F34
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AUP9Ewh4Tzm9mgnJH-SIVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AUP9Ewh4Tzm9mgnJH-SIVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI0g1UT_S0nZxWcjVccVU8gLk_rjcscZ2xRCw2td1Caxk5GbQRVTAkVS9joVyXZKXiVd9340YS2VNzMVIGr5VkcJfKn6Q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AUP9Ewh4Tzm9mgnJH-SIVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUI0g1UT_S0nZxWcjVccVU8gLk_rjcscZ2xRCw2td1Caxk5GbQRVTAkVS9joVyXZKXiVd9340YS2VNzMVIGr5VkcJfKn6Q
Date: Fri, 07 May 2021 15:51:14 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F34
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEEio-_pIFYsgn4KKU8EhcOg&google_cver=1&google_push=AQvitULcy-_tTYSZrGzM3qT-fIKfXKmx7szhKV1teo1e0AQDIJ6Hxus36o7Bg6Hr_aWljo5lgJe...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09FSFdYUlItMVgtOUlGQw==&google_push=AQvitULcy-_tTYSZrGzM3qT-fIKfXKmx7szhKV1teo1e0AQDIJ6Hxus36o7Bg6Hr_aWljo5lgJe_oTCbri8z7-I3t6dJeo0Z

170 B
188 B

33ms
18ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09FSFdYUlItMVgtOUlGQw==&google_push=AQvitULcy-_tTYSZrGzM3qT-fIKfXKmx7szhKV1teo1e0AQDIJ6Hxus36o7Bg6Hr_aWljo5lgJe_oTCbri8z7-I3t6dJeo0Z

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S09FSFdYUlItMVgtOUlGQw==&google_push=AQvitULcy-_tTYSZrGzM3qT-fIKfXKmx7szhKV1teo1e0AQDIJ6Hxus36o7Bg6Hr_aWljo5lgJe_oTCbri8z7-I3t6dJeo0Z
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5F34
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw&google_push=AQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJVh8ip90ZVjyZsLajTI1AAABJ0AAAAB&google_cver=1&google_push=AQvitUKmnteaUABLHW7slUiG59ZClZ8JwDhxBNHlUNCiytgpfi0ZcnL-i3tFfBesw7SYWLUFLDM6...

170 B
188 B

21ms
21ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJVh8ip90ZVjyZsLajTI1AAABJ0AAAAB&google_cver=1&google_push=AQvitUKmnteaUABLHW7slUiG59ZClZ8JwDhxBNHlUNCiytgpfi0ZcnL-i3tFfBesw7SYWLUFLDM6MR5k1H5B5snX1kVhImvFIA&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 May 2021 15:51:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YJVh8ip90ZVjyZsLajTI1AAABJ0AAAAB&google_cver=1&google_push=AQvitUKmnteaUABLHW7slUiG59ZClZ8JwDhxBNHlUNCiytgpfi0ZcnL-i3tFfBesw7SYWLUFLDM6MR5k1H5B5snX1kVhImvFIA&google_gid=CAESECH_Dk7AYPORtcCOM8ztbvw
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 458
Expires: Fri, 07 May 2021 15:51:14 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 5F34 43 B
296 B 75ms
22ms Image
image/gif 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELdWN1AHE6b5pgNAFhTeRhE&google_cver=1&google_push=AQvitUIKUeaGBdiepCyJ_v96RTBpqg3qBW4IMwDJ8VikYLxpluEPHppT50a2_saYSFudEUXhxYxbhJh9FLeOlSSMdsR4-B2V
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7550846432986475&output=html&h=280&adk=1476225515&adf=620701383&pi=t.aa~a.1190370842~i.2~rp.1&w=350&fwrn=4&fwrnh=100&lmt=1620402673&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5635080185&psa=0&ad_type=text_image&format=350x280&url=https%3A%2F%2Fneotogas.com%2F&flash=0&fwr=0&pra=3&rh=292&rw=350&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620402673540&bpp=1&bdt=602&idt=-M&shv=r20210505&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De842e75d48d1f6a5-22a27053cac70029%3AT%3D1620402673%3ART%3D1620402673%3AS%3DALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ&prev_fmts=970x280%2C336x280%2C730x280%2C0x0&nras=2&correlator=6808970091124&frm=20&pv=1&ga_vid=435181497.1620402673&ga_sid=1620402673&ga_hid=986420614&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=815&ady=3359&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C44739521&oid=3&pvsid=3342033008610378&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=jGPOiiSFnq&p=https%3A//neotogas.com&dtd=14
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5F34 0
227 B 40ms
15ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtoQJjHfrvEZe02AinP60nXDFkHnAsEpbjLxq6QNP0t4hN6WcaWNCZj7wxxLu5v8OF7sxh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:14 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 5631 77 KB
77 KB 40ms
16ms Image
image/gif 188.138.57.20
GD-EMEA-DC-SXB1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=41277100183304700951407011587024&a=728da373
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.138.57.20 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS: loft11016.serverprofi24.de
Software: nginx /
Resource Hash: 389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

Referer: https://hal900024.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:14 GMT
Last-Modified: Tue, 24 Jul 2018 05:08:58 GMT
Server: nginx
ETag: "5b56b46a-1348d"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 78989

GET
H/1.1 200
OK viewability Show response
hal900024.redintelligence.net/ Frame 5631 0
150 B 33ms
12ms Script
text/html 138.201.84.252
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900024.redintelligence.net/viewability?s=41277100183304700951407011587024&a=39efe54c&vb=m
Requested by: Host: hal900024.redintelligence.net
URL: https://hal900024.redintelligence.net/request_content.php?s=41277100183304700951407011587024&a=728da373
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.252.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hal900024.redintelligence.net/request_content.php?s=41277100183304700951407011587024&a=728da373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 15:51:14 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5631 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662
adservice.google.com/ddm/fls/z/ Frame 5186 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNb7wa72t_ACFZzREQgdFc0DoA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=2843165871902.662?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210505&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea6ce25d1d884db6c90fa1902b96509f832a11adab50c983b6d7f4700b442578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 15:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7664
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:51:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 07 May 2021 15:51:14 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DD0A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://neotogas.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://neotogas.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 07 May 2021 15:24:44 GMT
expires: Sat, 07 May 2022 15:24:44 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1590
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js Show response
pagead2.googlesyndication.com/bg/ Frame DD0A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:48:00 GMT
server: sffe
age: 19661
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 07 May 2022 10:23:33 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210505&jk=3342033008610378&bg=!Li2lLWnNAAYP3QOmD907ACkAdvg8WmrcQQKg5H-0ExCVgoaZihfQwAROxc6qG18AJFohFnlNbneGyQIAAABaUgAAAApoAQcKARaTiRFvfaoFUgT3c8tR9lg4LHgheUW2nVTJ316B24deUWjoakf9sgcXCTA2yQMsDs011VCqmdWxFy2HUNH762HmZkCbcrHwduhsjhFkYi4nDlGZLlKJAmKW5IrI5pWOsaPavSEVkP5JT90Kl5Ed4NO69AXOhZUsZDqPN9v3ax1QbMVY2BLgNhYaMg1d6Jvw6q12qpbfkIrUcfNeweQgrgnB3q5-ER75LZBCTBAa13OsDuHat75tDzg1_Xp0ITUeoNeoXe72K0E3XdYItznGYF6dc5YWgi5UXNkgXnGHqpPgKy0Q7gntaqZupoYzimOb9-YfwMvQwmGUGO7Yt4uG23Cf0LQQvkXZEc0HSRu93Imbpn-HmwVId5kCQojfAAhMFyXwZL82F3OfewhPRrfTTByMs2Ul0PIqkOXml3DaiLW7xe7opNBknyuWGEG9veQMk_P9HXOm0wy4wtPFTIkk1KPFg_fbgxWkn24eSLqOR5tesR0Jn5pa9vJbdTLKjEbtW-LLEjpxUdtvxABiQ32ViRHrekQsGoQcBytzdXRKQsfS8RZfKzDvwRMR0RoluTiwcK4M87Oms_9uIYerVS3IiIK30T5grv2JVJdlZInc-S1-plILd8yx-7nS_hILFV8LZ6n5x_uwVayjIgciRvngYfYm3FKfiZXdj83Ar7r3kHxY_yYqzhaGOHJTTOzXQNQx4UwJENHFra451nQd6fn8F7aXyf2YNLgo5W3CaxJttl8gJTs2_2kTAABwciMhXjEKP5CdbyBiqMT-bzGNV3R3QKzEjyZ0uEGSIA_oi1eXEkaj-1-cWGazY8grxZ1eBQa17Ny4Zh-dwcxzmeDnpZUutl-Lb0JtwGdRSCG7pZxmyJpZfnx8W9gImLBGxrDzu4UhEO-sMpMoyafSusMkwfduk0yix4zrQVnQswui57WvmYrABsieAOEzKoBpouJBx58UabKal2wLswkLjC9xIvcJ1luAxtsIIayufNe7aSvakxkFBqBhCjs6uN1MMLop9yViSv5Cxv7lflirUW-JjvNdGzW24jbDmUcNqZC10JvCrliNJcONQOKQRJ6gzcX1XR2t1rdIydJnQkYqlbSbr3vUU1Mh2wTXEmbnM5bL9DCOqHs6gwkn97_h0pwkBLK_

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://neotogas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B98 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvektCCZth-5JGYBeOwnaRb46WVFs3pi9yRCpqMaHMjlBL6nsxgmhZq9DfMG78dfdAXdCKtWGmECWAtsxpj3gWoyM4weHj4ICHscESmPN898kmtNIk_cf1vk6FRUQ&sai=AMfl-YT-sDbl06WPON-7Lt9wEvVxoIm3SVyAJxSR8AgSCt5JKNadERzKAWS-N261X_YnjSHgrmZ9GhUZBrTC&sig=Cg0ArKJSzN60onH_3kMSEAE&id=lidar2&mcvt=1000&p=120,315,400,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3723497318&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1620402673388&dlt=483&rpt=74&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 15:51:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redintelligence.net/	1970-01-19 20:16:18	Name: 8lcfmzhxc8d6_uid Value: 06efca6ca8e7cbda
.doubleclick.net/	1970-01-19 18:06:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:28:18	Name: IDE Value: AHWqTUnO_p132yOnaMU2B8h9IemEjx1E40a62MviAQzFlR_Wcj9XIW--4QzIs8F6hE0
.neotogas.com/	1970-01-20 03:28:18	Name: __gads Value: ID=e842e75d48d1f6a5-22a27053cac70029:T=1620402673:RT=1620402673:S=ALNI_MafC7m_UoRbdjvNnYK1OwwqmP2kVQ
.neotogas.com/	1970-01-19 18:08:09	Name: _gid Value: GA1.2.1614341685.1620402673
.neotogas.com/	1970-01-19 18:06:42	Name: _gat Value: 1
.neotogas.com/	1970-01-20 11:37:54	Name: _ga Value: GA1.2.435181497.1620402673

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://neotogas.com/vendor/jquery/jquery.min.js(Line 2) Message: jQuery.Deferred exception: Cannot read property 'x' of undefined TypeError: Cannot read property 'x' of undefined at x.b.translate (https://code.highcharts.com/highcharts.js:425:323) at https://code.highcharts.com/highcharts.js:378:436 at Array.forEach (<anonymous>) at e.renderSeries (https://code.highcharts.com/highcharts.js:378:414) at e.render (https://code.highcharts.com/highcharts.js:381:6) at e.firstRender (https://code.highcharts.com/highcharts.js:383:495) at e.<anonymous> (https://code.highcharts.com/highcharts.js:353:173) at E (https://code.highcharts.com/highcharts.js:18:165) at e.init (https://code.highcharts.com/highcharts.js:351:410) at e.getArgs (https://code.highcharts.com/highcharts.js:351:328) undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
adservice.google.com
adservice.google.de
ag.innovid.com
cdn.contentspread.net
cm.g.doubleclick.net
cms.quantserve.com
code.highcharts.com
cointrendz.com
cryptofastlane.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900024.redintelligence.net
image6.pubmatic.com
neotogas.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tags.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
116.202.101.196
138.201.63.117
138.201.84.252
142.250.185.226
172.217.16.134
18.194.113.221
185.29.133.58
185.64.190.78
188.138.57.20
2.18.233.201
2.18.234.21
216.58.212.162
2606:4700:20::681a:d60
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
35.186.253.211
69.173.144.138
03a6ac4f572cbece5a90b404110c82b0f1d1cd12d3c7903c6dfdf51b32a25177
052f56f655e9242ecb2821f07ac267af26718b514981a80cd8af8cbefc6bb05e
058f63cc14cdbb8c16c339a1d8a956c7ea49a8b489f78a16aca38d33e8d9484c
082f128d9d1bbba93341d78d791736424fe115aa0f28278fcbd5e5e0ce6a1b99
0b6388789af23114bd1703366798615d9574fa45b5f9de4bc4cfbe75afaf3122
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f55e1a8f01cdc14ba99193599b4c971bf47632bafa3b912e614276816fbf207
135a1f40a8c161adc54bc7a8bb06ba7a2539e4071d470e0fd4c144e9a1dd9b99
15fbc6b8c2c1c1b6fedbf8e82a45b52e8bed4e4666ada6f92f51ebc55dedecd2
16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18120f09689da76ae81f5a0952d2811fb17afdb091994f22a54d4f695e94c368
1ca0c40e4e30104d41710c626787f9c50576997855263a6b819dc39b71df46fb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
20568af44ab9b900de7d9f4d286cb26181af272d5ca6d1bb0789ae5483003643
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
28f79fdbc3b84c5301da0e356f7ac6f5e28e6d6a6aa68d42f5b18fb2c5818f7c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f45c8721c1ff404ba0f88612335a37bca26fbd4f4c58a49aac1ff116fc7cf8c
30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7
32fa1b46331038589a7edab18fc2d54ef1883155b126b5bba099714749950b03
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
39a41616591a3c27e9f7b1a2f75f2bcc5952ac1854b65c47683ec86eeef0169d
3be9f265db253cd87d6b9e25774cab9d6de9f0d411888674e2fa2e404ebcc767
3cbcf0bc1ad204f0d3205e4625db8b9521bc69cf3acf38224e1beada44010970
3dc294f1de24748c75026589c9bf647b64b073f109ba6bda757efb72a6050570
41a39f4628ed5d28c57ab70026f672800fdcdab9580d3957db13645d0c44d4d2
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ab191e7570b92a43199fbbea2439497e860d61a773c0b602d18fb672b87094e
4b96be88b9bffe4af304fd5065c42217a42824aad7d284a961287a7d87ac6c3f
4df0204320c9f191c65aea1b69bd460fe3f435fe27ca4a92b60ce8990b23eb8f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
56f5146267268d6b3f2bb7683bdd6342b3d073830c7d0607e7caed1595c3669f
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5cd6c951096f7a376ac4d67812d7c09a069452cba6c4fa4f0ea1f052c1fd0c28
655163222d78c12c5ad457d9860fe36477dc389a72eb08526749d9e5d8cfc85f
67f2e1464a6de9569bc1bc44ab51c471da52772faf44d7b1bd81b04fcfeed0e4
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6976b567ff0c1b6de18e250b03f65237744b07900c8f6cecc2fdd9c52d71a52a
6bda1421fc5ce7934caf8d700fd8111808a0111e5e406ec96ae23f74f9177e85
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7351e503d3ad1e5eabc787c12b8e32d41b68e7e0f4c864c2eae4fd3a6d114fb3
7976378a9f8d86a79c2b6604ce1531937b0b4855c997ed16bc3fe5fb5537abeb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7eef0de9fc87d27338322c42250675ffe68fc02009f522e71a356f2eae528c33
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
85f2a9d397b451e5f3806a9f5433eb8c078f3e701a47d76da05627c97e9833da
865bbf9abf0de74c93ec14ee150344b737c647066c9cff175e572e61d9a48aa5
865d79224b0a6be337496e211a45a6807a871f8e5e92a01b55b4211847a9a877
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88b6d09d482d5320df8d3d7584e8ad61f6301b73ec5f808c4b74ad3f82b464b8
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8ecfc4d209c416a553998cb1fb3043479bc70904fec3386fa737dbd13b512ca5
903a400a62d36a8d2eb46acd08321c0ed337d3008c4dfbd873cfe255dc798824
9186550b46c5238045c31acb74e8c107298a5650f26cb41d44db08703391f8af
944a63630c4d2f0ea08b60f220444489275b0eaf2ac444987b45e2dc319b7458
9518b13028712b348b5eb47aa534cdf28cde436ce9c78b880f5577d371b949a8
9703e4eab0f0c29ae9629955c99cd1daa596473eb4fc88df53231a2a75b03e58
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d35005caccccfa9e5e792c75685c01ae51c0cad66aec1ddba2e1291c9ca930f
9ef1500cf50cde6a3ef1966f5433d0830d87fd345d3e97a1da070b1eaf7eb5db
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a244114756999e45860f76984ccebc53f1336d52105fdda9c9817fd284d2da06
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
aae7e681ae5245a622b40344ce3ad61fe1492304ffff868e3f2c90f06d1574c3
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
aeee6894c05e9c63dcd11efbad887da82d2477e9bb3537ecf5a18a84e63a84f8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c65292d40305fb08712c915d73a538d01327f0ab6ab2bdf647302128981a1c53
cb27756bdfee65d869060cccb8fc5793649d0c9ffbd577edc96bbd1fab9694ca
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cffa7c5f324bf97fcd8fe33006332923b36b8d6d27c9f8819bc754b6caec661b
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6bc1ee8428b56ffdc4b3312a489a9587be2ba3543a156ff1273d09b3ea58ecf
ddecc9cebe2a43641dba1a820c193a222da20a4c16c4563ba3e2ee844404cc7b
e0ff8300b5eaca9c71746598a50c08dbaf62b2ac008e61c7d1edd7baa73ebebd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c001b2f4048191366258f1bfb1af4538f63945a9c0c09b8c055d08fdd699a4
e7ad80c66bf645a79f13448a69d35bafa964e14cbc8862c346a165b79755c2d0
ea6ce25d1d884db6c90fa1902b96509f832a11adab50c983b6d7f4700b442578
ecea81b705ec84ef5484d7974bc32906f74daeb2b732f1cc9cc8e6cd845a9e0e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f166b2b2ab9177ec0685ecbc58f8ea9d39b10526bdc2a32e776b7586a9675c03
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f610255f2dc7bc19cec1bedd81f53fd46c0e0301ed50868e5abab631e45fa983
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fa7fe6426836216373590d467bf2eee8e55b7bf0f139e3ae48584ccbd0bf54c6
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
ff0a1824f99c1527f49dd49af9eb3fa8bf8e4228b35baa7188cdd33cc1f2580f

neotogas.com Open in urlscan Pro 116.202.101.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

100 %HTTPS

52 %IPv6

23 Domains

30 Subdomains

24 IPs

4 Countries

1750 kBTransfer

3282 kBSize

7 Cookies

20 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

neotogas.com Open in urlscan Pro
116.202.101.196 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

100 %
HTTPS

52 %
IPv6

23
Domains

30
Subdomains

24
IPs

4
Countries

1750 kB
Transfer

3282 kB
Size

7
Cookies

136 HTTP transactions
6 data transactions