URL: https://horoscope.marumura.com/
Submission: On November 24 via api from US — Scanned from DE

Summary

This website contacted 67 IPs in 11 countries across 58 domains to perform 1668 HTTP transactions. The main IP is 45.64.187.237, located in Thailand and belongs to BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH. The main domain is horoscope.marumura.com.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.
This is the only time horoscope.marumura.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
726 45.64.187.237 58955 (BANGMODEN...)
13 151.101.129.55 54113 (FASTLY)
37 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
17 2a03:2880:f08... 32934 (FACEBOOK)
2 46 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 21 2a00:1450:400... 15169 (GOOGLE)
4 2a02:2638:3::12 44788 (ASN-CRITE...)
90 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2600:9000:225... 16509 (AMAZON-02)
26 2a02:2638:3::3 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 178.250.1.6 44788 (ASN-CRITE...)
4 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 49 142.250.185.130 15169 (GOOGLE)
11 2a02:fa8:8806... 41041 (VCLK-EU-SE)
10 52.223.40.198 16509 (AMAZON-02)
5 6 34.96.105.8 396982 (GOOGLE-CL...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
15 15 37.157.2.230 198622 (ADFORM)
1 2 23.35.237.56 16625 (AKAMAI-AS)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:d::c 44788 (ASN-CRITE...)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 11 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.185 1299 (TWELVE99 ...)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
8 2600:1901:0:7... 396982 (GOOGLE-CL...)
1 35.244.159.8 396982 (GOOGLE-CL...)
4 142.250.185.194 15169 (GOOGLE)
16 2606:4700:20:... 13335 (CLOUDFLAR...)
3 10 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 4 145.239.193.130 16276 (OVH)
4 88.198.250.30 24940 (HETZNER-AS)
4 10 23.56.205.163 16625 (AKAMAI-AS)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 1 178.250.1.9 44788 (ASN-CRITE...)
3 2a03:2880:f17... 32934 (FACEBOOK)
2 192.0.77.48 2635 (AUTOMATTIC)
6 6 216.58.206.38 15169 (GOOGLE)
4 4 84.200.5.215 44066 (DE-FIRSTC...)
2 167.233.13.224 24940 (HETZNER-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 87.118.116.9 31103 (KEYWEB-AS)
4 18.130.85.236 16509 (AMAZON-02)
1 5.9.97.176 24940 (HETZNER-AS)
1 18.66.147.52 16509 (AMAZON-02)
1 99.86.4.36 16509 (AMAZON-02)
2 18.170.173.249 16509 (AMAZON-02)
3 2620:1ec:46::45 8075 (MICROSOFT...)
3 151.101.129.108 54113 (FASTLY)
1 35.187.184.108 396982 (GOOGLE-CL...)
7 185.89.210.212 29990 (ASN-APPNEX)
3 2a02:2638:3::10 44788 (ASN-CRITE...)
4 6 35.190.0.66 15169 (GOOGLE)
1 35.244.170.237 15169 (GOOGLE)
1 23.32.185.123 16625 (AKAMAI-AS)
9 18.157.99.226 16509 (AMAZON-02)
2 2 52.28.254.225 16509 (AMAZON-02)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1668 67
Apex Domain
Subdomains
Transfer
726 marumura.com
horoscope.marumura.com
www.marumura.com
travel.marumura.com Failed
10 MB
123 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
1 MB
106 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 33424
ad4m.at — Cisco Umbrella Rank: 12394
assets.ad4m.at — Cisco Umbrella Rank: 45800
1010 KB
90 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
8757e24f1ddcc22b19dc72e979cfba96.safeframe.googlesyndication.com
bd9cdb6a62645734ff0730abaf70af1b.safeframe.googlesyndication.com
af4a474a32e33b2aff874238c3986750.safeframe.googlesyndication.com
2 MB
33 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
222 KB
21 google.com
www.google.com — Cisco Umbrella Rank: 2
91 KB
20 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
1 MB
17 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
705 KB
16 ad4mat.net
static-de.ad4mat.net — Cisco Umbrella Rank: 188473
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 150954
7 KB
15 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
11 KB
15 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
dis.criteo.com — Cisco Umbrella Rank: 597
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
112 KB
15 gstatic.com
www.gstatic.com
fonts.gstatic.com
924 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
104 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
823 KB
13 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20281
802 KB
11 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
6 KB
11 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
1 KB
10 adnxs.com
cdn.adnxs.com — Cisco Umbrella Rank: 1682
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
87 KB
10 awin1.com
www.awin1.com — Cisco Umbrella Rank: 18131
7 KB
10 bing.com
www.bing.com — Cisco Umbrella Rank: 66
118 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
9 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
1 KB
8 travelaudience.com
rtb.ads.travelaudience.com — Cisco Umbrella Rank: 127504
ads.travelaudience.com — Cisco Umbrella Rank: 5683
static.travelaudience.com — Cisco Umbrella Rank: 26643
70 KB
6 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1824
615 B
6 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
8 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 62639
2 KB
4 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
4 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 74479
1 KB
4 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 44040
3 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
4 appspot.com
adasiatagmanager.appspot.com
283 B
3 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4948
109 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 30616
api.webgains.io — Cisco Umbrella Rank: 91573
19 KB
3 conrad.de
www.conrad.de — Cisco Umbrella Rank: 100456
889 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
257 B
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
667 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
2 KB
2 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 90716
3 KB
2 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 83719
863 B
2 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 82742
518 B
2 w.org
s.w.org — Cisco Umbrella Rank: 2772
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
653 B
2 adbro.me
tag.adbro.me — Cisco Umbrella Rank: 23603
11 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1403
453 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
r.turn.com — Cisco Umbrella Rank: 4121
869 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 107304
56 KB
1 simptrack.com
tm.simptrack.com — Cisco Umbrella Rank: 240035
939 B
1 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 122254
549 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
713 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 54581
611 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
717 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
408 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
586 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
0 everesttech.net Failed
sync-tm.everesttech.net Failed
1668 58
Domain Requested by
417 www.marumura.com horoscope.marumura.com
www.marumura.com
travel.marumura.com
200 travel.marumura.com www.marumura.com
travel.marumura.com
109 horoscope.marumura.com horoscope.marumura.com
49 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
48 tpc.googlesyndication.com googleads.g.doubleclick.net
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
46 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
horoscope.marumura.com
www.marumura.com
travel.marumura.com
42 assets.ad4m.at as.ad4m.at
37 pagead2.googlesyndication.com horoscope.marumura.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.marumura.com
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
www.googletagservices.com
travel.marumura.com
32 ad4m.at as.ad4m.at
ad4m.at
32 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
26 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
21 www.google.com 1 redirects googleads.g.doubleclick.net
www.marumura.com
horoscope.marumura.com
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
www.gstatic.com
www.google.com
21 securepubads.g.doubleclick.net anymind360.com
securepubads.g.doubleclick.net
horoscope.marumura.com
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
www.googletagservices.com
20 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
17 connect.facebook.net horoscope.marumura.com
connect.facebook.net
www.marumura.com
travel.marumura.com
15 c1.adform.net 15 redirects
13 www.googletagmanager.com horoscope.marumura.com
www.googletagmanager.com
www.marumura.com
travel.marumura.com
13 anymind360.com horoscope.marumura.com
anymind360.com
www.marumura.com
travel.marumura.com
11 dclk-match.dotomi.com googleads.g.doubleclick.net
10 www.awin1.com 4 redirects as.ad4m.at
10 www.bing.com 3 redirects 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 a.tribalfusion.com 1 redirects googleads.g.doubleclick.net
10 match.adsrvr.org googleads.g.doubleclick.net
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.marumura.com
travel.marumura.com
9 x.bidswitch.net googleads.g.doubleclick.net
9 www.gstatic.com googleads.g.doubleclick.net
www.google.com
www.gstatic.com
8 prod-rtb.ad4mat.net googleads.g.doubleclick.net
horoscope.marumura.com
8 static-de.ad4mat.net as.ad4m.at
7 ams3-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
6 ads.travelaudience.com 4 redirects rtb.ads.travelaudience.com
6 ad.doubleclick.net 6 redirects as.ad4m.at
6 fonts.gstatic.com fonts.googleapis.com
www.google.com
6 tr.blismedia.com 5 redirects googleads.g.doubleclick.net
6 cdn.jsdelivr.net anymind360.com
securepubads.g.doubleclick.net
4 track.webgains.com as.ad4m.at
4 cms.quantserve.com 2 redirects 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 pb.media01.eu as.ad4m.at
4 pv.medialead.de 4 redirects
4 www.googleadservices.com horoscope.marumura.com
4 adasiatagmanager.appspot.com www.marumura.com
travel.marumura.com
4 csm.eu.criteo.net ads.eu.criteo.com
4 cat.nl3.eu.criteo.com ads.eu.criteo.com
4 ads.eu.criteo.com googleads.g.doubleclick.net
3 imageproxy.eu.criteo.net ads.eu.criteo.com
3 cdn.adnxs.com googleads.g.doubleclick.net
3 adsdk.microsoft.com googleads.g.doubleclick.net
3 www.conrad.de as.ad4m.at
3 www.facebook.com www.marumura.com
3 region1.google-analytics.com www.googletagmanager.com
3 fonts.googleapis.com googleads.g.doubleclick.net
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 api.webgains.io analytics.webgains.io
2 partner.o2online.de as.ad4m.at
2 www.lead-alliance.net 2 redirects
2 www.telefonica-partner.de 2 redirects
2 s.w.org horoscope.marumura.com
travel.marumura.com
2 d5p.de17a.com 2 redirects
2 tag.adbro.me horoscope.marumura.com
2 gum.criteo.com 1 redirects static.criteo.net
2 rtb.fr3.eu.criteo.com googleads.g.doubleclick.net
2 oajs.openx.net 1 redirects horoscope.marumura.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 af4a474a32e33b2aff874238c3986750.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 bd9cdb6a62645734ff0730abaf70af1b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 z.moatads.com rtb.ads.travelaudience.com
1 static.travelaudience.com rtb.ads.travelaudience.com
1 rtb.ads.travelaudience.com googleads.g.doubleclick.net
1 8757e24f1ddcc22b19dc72e979cfba96.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.track.production.webgains.team as.ad4m.at
1 analytics.webgains.io track.webgains.com
1 tm.simptrack.com as.ad4m.at
1 banner.congstar.de as.ad4m.at
1 dis.criteo.com 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com horoscope.marumura.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 www.google.de horoscope.marumura.com
1 dsp.adfarm1.adition.com 1 redirects
1 r.turn.com googleads.g.doubleclick.net
1 ad.turn.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
0 sync-tm.everesttech.net Failed googleads.g.doubleclick.net
1668 89

This site contains links to these domains. Also see Links.

Domain
www.marumura.com
facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.facebook.com
Subject Issuer Validity Valid
horoscope.marumura.com
R3
2023-10-23 -
2024-01-21
3 months crt.sh
anymind360.com
R3
2023-10-25 -
2024-01-23
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
marumura.com
R3
2023-11-07 -
2024-02-05
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-02 -
2023-12-01
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-29 -
2023-12-23
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-09-25 -
2023-12-24
3 months crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-09 -
2024-01-06
3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-30 -
2023-12-25
3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-17 -
2024-01-18
3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2023-08-15 -
2024-09-15
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-10-04 -
2024-01-02
3 months crt.sh
*.appspot.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-07 -
2023-12-30
3 months crt.sh
www.google.de
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-26 -
2023-12-23
3 months crt.sh
adbro.me
GTS CA 1P5
2023-10-12 -
2024-01-10
3 months crt.sh
ad4mat.net
GTS CA 1P5
2023-11-18 -
2024-02-16
3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2023-11-21 -
2024-02-19
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05
2023-10-18 -
2024-06-27
8 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-10 -
2024-03-09
a year crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA
2022-12-06 -
2024-01-06
a year crt.sh
travel.marumura.com
R3
2023-10-07 -
2024-01-05
3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh
simptrack.com
R3
2023-10-16 -
2024-01-14
3 months crt.sh
*.webgains.io
Amazon RSA 2048 M01
2023-07-24 -
2024-08-22
a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03
2023-08-30 -
2024-09-27
a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02
2023-10-11 -
2024-04-08
6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
rtb.ads.travelaudience.com
R3
2023-10-30 -
2024-01-28
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
ads.travelaudience.com
R3
2023-11-06 -
2024-02-04
3 months crt.sh
static.travelaudience.com
R3
2023-10-02 -
2023-12-31
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh

This page contains 101 frames:

Primary Page: https://horoscope.marumura.com/
Frame ID: D9C221254A1970C43480204774B70BA1
Requests: 143 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 158911CD3FC232F176FABA0620C619AA
Requests: 1 HTTP requests in this frame

Frame: https://www.marumura.com/
Frame ID: FC58D031ED0D8ED0CB98C4A2C5D319BA
Requests: 132 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=3025194257&lmt=1700797751&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751254&bpp=26&bdt=804&idt=323&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=170811255513&frm=20&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=365
Frame ID: 1A55C3A28E1A979A5ADE8F826BE9B512
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Frame ID: 3E8DDE7D99D056F6ED595CF64398D537
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Frame ID: C5351DD8473CAD56EB6D9705EC8EE551
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Frame ID: 89816134B7A2B9DD787A46D37F91692B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Frame ID: 6A6E2C49D627907F4C26121D4AD3939C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 22664B2E5F9C1C69E5AC0527C91880DC
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jrph2hw4dp6t97kepzc0azdjznxempj36f4bf96b5wvnrb354c0sw7kh11724abbw2twzymfzwc4hrxnr5adej5tv2s8670dnntqqr7f1s8v54zhsgp7drkvkz97511f702pch422gc654zgge4pt6d3cjm11eds66gennyxd199pe6hbbbaxyks7aggpqw2dpbpy7rjy7c2v6aj7syt2pasq63g6fb0ffgtrmjzm8s313s7m5hge7r8hhvya32xsmknpm5rqfvz7a9b8y7ej11yspek2qg5djebg38hcmyzdmjcf3ckatvq11rjyph1nad2nzp692t71rb9sg17mkx8409jyv2my4jv3nec888a9daa6rqb189qds8becn8vc6q8ev8vna2ccf5szsabtxna7cczkf1yy1acyn4mm0dmcckxyq161ehqpf8rd0syzpanz0s4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: BA8B93715A36D79EA50C2385A2390786
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0D0E3FA210281A1698494711CC7459B8
Requests: 9 HTTP requests in this frame

Frame: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 197102728137F24DB1D54FC47CA3D0D2
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1k3q9t6bwc2njabx9r3fqvkwyn3nyy5311r87m58tqmz14rkcgaw862fd2zcwczfhedrrzvarjdbh65kjw5y2dz0gm8my2shh7k3nbvknahfyqyjv48zz6c97p4encxdqj4v4c862h6tvggwckkcejxejx7831t5d0gkpbrk827mhz2r5rsjbd2dkw73fj3nfszvfvpjzj45afbfmmsec3q5jdx9kvn5731x4wat93ze8g7p464czsf2tpdw0s05ck25wvwvbkp5vxynz7m4ze2829pdpj8yt189eqh7remsxjwt0f5bs1f7jzpksws61jv2b68fghfchnmdv1q2j521k1j8ecwskhwhh4mg8mfty7vx7z3ewabafnhsez4a5atray0dywmt16ecjdq2vea8tjjg0d370bnw6ytwn7vw3gpzzamacdg8k80jyvwpnhxbp846tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 58A8D14312E5E0F5D7A965AC376CA870
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15A9BA0A7405D006078D4CD72FDFFE0B
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=horoscope.marumura.com
Frame ID: 40831196C8AB0B029F33529F919153CE
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWn92MRxvB-Xd3SwzBESGvlo-WXTk2XYkYOYquKdUDkpITwin6tt8110-SEanFfuZwXXgbs6ZHkb2H4DhjcgUPGPyO0wkpc_HxXRXHGoEe_3gPwUDi5nq_hsPFewCBaDzHOScsIOkX6VQU2JsruaEEk_a_yTgu9_gDSPvOP3iVH2HXXczoVlBl2SDDAt0AmP8J6tV9Gcvdcxw8aHz87nslEmw9jX5tuzJVCfp4maJo93Yh3NAkuEC1pNoq5w4Hp_MiXdGbiPUQqb0kB4aL6k1T8EccoI0ljSJCM3n9xvgXe4xLZSQ_Xay0eL8Kl6WUVV6ZyjKDUdSRnmC9I3496WKdQy-CLXvR6-dUZNLSyLuJqwobHuE-XwVOgPTOzwcIqPn2951B&sai=AMfl-YRRhscrWVk8AIPH-HHXrzuAtxOd9p44EotD7CnBVBfb0VvxKkj2WrAIz0cy_oEscSusZ5ZeWMJONF4FW6rNQ9d6jGr_S5MmawsVbvSHGDqptRg5XG3qCvQtO4o5vRc&sig=Cg0ArKJSzF5uRpqjSzEtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6C65D815C0A73A9E2CB477C83EA56DD2
Requests: 6 HTTP requests in this frame

Frame: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0DB5BE3CAF9A35FC821D8190F2E90C76
Requests: 17 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3327966A10A04B892B25F894B11A1276
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: FDB257857A91A535AEF962575AE8BDC9
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F8C74EE97EC8888F3576D736D3DFDCA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 5D98B0661FDAB0AEADB0FA39370FA9D0
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: 8228D88AB0BA70C1E09546557268E573
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: 81617352C569BD973C25F86765623130
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A5A09B8F54C5530E1FD5FD9D8E40F80
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB923AC7B0986FC53B17601B9EABE84B
Requests: 5 HTTP requests in this frame

Frame: https://travel.marumura.com/
Frame ID: 1A65DC93FDA985580434CE69B8DA2CBA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=3279755396&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753540&bpp=24&bdt=855&idt=271&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=1047774126216&frm=24&ife=1&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jtq1fkxkqq67&fsb=1&dtd=326
Frame ID: 51553AD6969C42CBB642C6CE98C8F491
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=1844481270&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797753&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753571&bpp=8&bdt=885&idt=306&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=1047774126216&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i9nvrn79u379&fsb=1&dtd=316
Frame ID: 7ACBC2E06A5B8A6A14AAEFCCC8DC2185
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2828400960&pi=t.ma~as.4574689270&w=300&lmt=1700797753&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753594&bpp=20&bdt=909&idt=347&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=1047774126216&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.3cv2ioiilllk&fsb=1&dtd=352
Frame ID: F67E1118B50BAA2715C896CB2E593309
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1816246101&pi=t.ma~as.4574689270&w=300&lmt=1700797753&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753620&bpp=1&bdt=935&idt=350&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=1047774126216&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.hhrkrab6dcqe&fsb=1&dtd=358
Frame ID: BF9550709A30B83D2E73EBBE17E1D828
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Frame ID: 28A7F9B86D6A80B65CCFDA424C053C9C
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Frame ID: DDD44F2522C4E53BA592AD3F29345ACA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Frame ID: 3FACA91BBBC43334BF4A04599B64E87E
Requests: 7 HTTP requests in this frame

Frame: https://www.marumura.com/
Frame ID: C09DC2D2CC96CC625CCE76BE07A2A5AD
Requests: 162 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ghvtts2h0ybny4sfcqbt5263rwgdg34ksp73g2bcspbt9zz5nbn30t3g8jgtzk7c7fqxcxkeb58a9ee1g4kapp9xe3yyet9pqtndfzwe6jrfeb0vhe9rhvwbz9acqjd431n7mr62emxw1kwnkvzh1xc3e36n3e32b1e3ytpapz6y4n74bemha82hkxwdx8wk758w0km3w8t3sxzwdbpdtayy0k3jgh6gj8m6hk48qrx3vbnn3cqdtfg9c5qfkreztk8cdgcnwyh5bzxtcve9akyxmjf8jmzbt7vas5wg2x2pv4b7yzy1ryx6bw8n1s8mc6ddr7b6k54mgyd8g53r4m9wfnkpv7ytb332t114zeqna7chhqjfh5yyn9pwm3a8keg5s090wvf8f93ksdffbqetfjjsptw5k1kvnnk9j3tay0yhdg9ym5ac4ftt4qegtav39wtcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: F31CDE405210AF450F73C6E8191FFC70
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E7EAF456CA37563280680117DE41B85
Requests: 4 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j61219tzwxgk3xdd1xrxz05sbghw66mmfwp6c2c9y5vn1zmvas90ge8z9tsv93n60aggnpdwtn1nejzsc5yww8tnd2z0249k3axw6f2w0wh2w272njzhad309te86new1crkn93j5egfq4bxmskw6msh1d0agtchcf5ehs67skfsehdfr030635n06qctkj6b3c24ad0bj9p5t54vb5rkrt7z3xm554cbrtb42hyg9bgm3nw0kvg7rqky6axwhaqj62mtrmkaww5t5y044znthccehfjv54q2s7kk6te8f2qy82fxzqqvahp1kye8yc5ck7139rk4kacndj99n4075q2yjs61gfh10z3q9ky12rfqy33gm8hrsy001vfkd4fe3gaw5jvzk8rvndz64ayf8xhrgjr7t65b79pdq6qx0q152n1d90fpchrfc137pjp7b2qa3098&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 51973FB10BF05931FAA6356ABB2CCB53
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 132243D1BC45600A4278724912ABA5F1
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F5FBA2A3D00920B7FE29F72874047B3B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 450B09D3F446E411378349E3300AF32A
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6D9932A60E3BC207A8CD6679D9540158
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: A00A2C98104421FE81EC5EDF5EDD672B
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: 9D6A7097ACD6812F6311F58A264CE119
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 484B559257294C60C2C6E055423AD1FF
Requests: 1 HTTP requests in this frame

Frame: https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Frame ID: 8C713B57952962E62D9433AC5B439EBB
Requests: 1 HTTP requests in this frame

Frame: https://travel.marumura.com/
Frame ID: 80BF90CB9628D9FC274B2BCFAD74FE13
Requests: 125 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=2751417942&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755206&bpp=20&bdt=694&idt=206&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=8649921826522&frm=24&ife=1&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4mcwvvrkrbvt&fsb=1&dtd=229
Frame ID: 6CA4A92EFC49650E66147D5D2BBB02EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Frame ID: C1F7820B91FBFDDA63A1EBDB22E83635
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Frame ID: 9F748E93AAF27D3D0E0ECD4579DEDE05
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Frame ID: D7D6B1EDBCABEF705C9A27553E1F5B0A
Requests: 1 HTTP requests in this frame

Frame: https://8757e24f1ddcc22b19dc72e979cfba96.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 27B29DE8C5A0663BF06C8E7381556FDB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Frame ID: 08E6F52D48FF9F58F2CF7BC99A920FF6
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 492B83A40B58A3F5AD4A4C68392954D2
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37E6869622169B15C9C73EEE39A45A10
Requests: 8 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000667.16.0.70015178.0.0..0.DE.-1..LnCOC22VSqh4TvNwfdvdAg%3D%3D.60024737.OTk5JTJjMQ==...HiTiL-BEsER9ZslTAW-YRg%3D%3D.a3M9.2.0&p=90000&x=250&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmj0-Ox1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTPAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Y0aMlhW2LtSCFcoEwnMoDQapW22srZK2n9s99mz-MNNvHfP69kzuKRJIAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UBgjl11djIaihYJ9v_sEuHs6KlQ%26client%3Dca-pub-9709291217657452%26adurl%3D&googlewinningprice=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw&wpc=EUR&site=www.marumura.com&slotvisibility=2&gcpm=139115&gpos=1&bidder=bidder-rtb-production-75c9797b6-rb4nh&dv=1&uuid=&suid=CAESEBvHYhN7lVIIQuYXhN6Okkc&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&ssp_id=0&l=th&ts=1700797755&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=uU-N70aF08laDW5KxN5C0GJXIozDOnIU7noFu_f2Zk4=
Frame ID: 9C007D284733AECD09BEE5D46018CBAC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Frame ID: 1879285E32CD23A00FBA32809EDD020B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE949DFA2BA854E717F5B8200AB66951
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EB787476797D91CD6E9C891711BF3D9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Frame ID: 27B8CC923A8BAFD72DEA4E9933FDDFA4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Frame ID: 6C374E51058DC3E388E8F8E3DA62DF4A
Requests: 8 HTTP requests in this frame

Frame: https://travel.marumura.com/
Frame ID: 38CDA6CF76606E4C30CF0B83B0124185
Requests: 183 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g0yjq0qzsgzap4amqkn6kzszhpf8fhwgbg25bdszgqg4r1cv3c7bav0gfw0mkahhpna2fqcxtj2nf183syb06emxjzzkyajqsadqe5mkckvk6re58w841k7n6g1z4gjw3230wm9p8gq2m2sc839vqqfemhpr0grtvzxna35cfqr34x1hbwtnrpyrbeqv1kqwb1edvrzqm90rv2vdh8y63bj2c73rt6pkefhpathp8brb9nnbqfmqzwmr79shjb28s6ft5aqt0rydbdjcdgrchww0h6rzx7qg9k9nqebkfra6hx9q48tpvbzp33gj0vmpf38hvdkxp5djfn2eby565f9f628faaqn12nk4z5d2r7gxsv4f07vd07djkp8n3yfkpzx8r1b1frk1c09032ty0t3qrn1g1db1kyahj3w8xyyfrdv1ye8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: C7E26EE63D5EE7F0C7B5902449F515D8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BE6D2414F2179AC8C7E6FC21176816BE
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jsapthdvnzdx2cgpyf7fg67r5692g5txd454vpz3akartvfy4hqepgrbwkmsykj7qkmpmtan3g60j2xkqn2h3zyamm64av2qp6kvdgd29c0wwyjg22cdq1pnxr14zzx4thwazpmyga7mmnyq09ps2mdx9c46jmmz5p2mr7zmhmbwyngas80dj0y29hme996x214z64drp2h6svck8bqp3k5k435hg3gek7g5b4wycbxc5se8fksxgfdvh2jc40fydtr8yet3mr16b2j7e5ddwxw41xvt24dzwghgawfx6k27zdkzv62bf7052hbbzzvbb64g8c72pm4271hkdee0nmkpm4bazr4dpdzppc5vqsqvf3rcm65pw7dxd0wp5ym0449t3mt3q4yk2efg9k4ph46cchpqes1gbcytgqg7kpw2vkqyzqrc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 0D88B546A1761B8BDFC0E99AEB009AFE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E5A9D5EDBC26511ECABA30A22C70D450
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4F8A68BFFEA80DE9562C41062305DB95
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BD7E81C80400CADFC216BDDF75569930
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: F7D6946598131349E0912DA81F24A4BC
Requests: 11 HTTP requests in this frame

Frame: https://www.marumura.com/
Frame ID: 11BAD68BA03E2A53D6CE0ACECF8B3223
Requests: 168 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: BCFE74C0995F562E344BF1F53E09FBFE
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=2662586040&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758186&bpp=5&bdt=1038&idt=143&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=7015020409522&frm=8&ife=1&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.13ypc9ftg126&fsb=1&dtd=171
Frame ID: 0C60A0D56BEABAA5C32DC08197BC9DD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Frame ID: ADFB247848CF3F9991013EEA791269C2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Frame ID: 069C7BE08ED5D3451D72B0D5116C4D52
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Frame ID: 16CA2DEB00EE0C04ECDE45575D9B89BA
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 5774E23E9579469FE5CFF50A10BBD392
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0842A553FD38B3F163BA19961589BE4F
Requests: 8 HTTP requests in this frame

Frame: https://bd9cdb6a62645734ff0730abaf70af1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 54BC4B824A4D8CD89563A4286E9365F6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hqat87455bw90b8acwd8ff7paf16chsr5xvcgyv38fcsjfrwdp10ek0vsaxapmqwp40gbmqzz100n9pteyvqafj6c588rh2hy4a1kkgvvqbye0qpqff4swskpcd9yeer6hppggn7gyb1rb4prz31ad4w3tjwe1k02y917e3y89nmpfbkdpndn3wc3pfbngac1faagmg4mdpbvmhkakx0dakj7ycch2tmjvbmemsa0hchb6knxbvtxfggfkh0qgr2mj3fsbpdz9g0zqq049y870e3nm6f62nefkr074t2aydat9k3jajb4j5vr0b6yb3kcg1wzj2b7e2c4bs7p5mpm46bmncvn8wtgvk61c8vmr1g664sft37s0t8n58grf99sdwzzs7qzvrg3751p672ferpkym8jhjer0486aeacdaqc5rf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: A73C8AD2CB638424227C9629C6EA0A6B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7ABEFD9BA66661B9FDC338328C61FE4F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0744D434463AEAC5081A5CF98EB49D01
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E01F2BAB2677ED7E760993A42DEC2741
Requests: 1 HTTP requests in this frame

Frame: https://travel.marumura.com/
Frame ID: 789DC93F4134587DADCC038A72817C2C
Requests: 124 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=92567691&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759463&bpp=30&bdt=926&idt=322&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=8649921826522&frm=24&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=1314419917&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xeezp5fst8tj&fsb=1&dtd=345
Frame ID: E116E931940FDF784E5228B9C97409F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Frame ID: 5578F4237B0EF89317BFB889FECE4362
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=4061352511&pi=t.ma~as.4574689270&w=300&lmt=1700797760&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759573&bpp=33&bdt=1035&idt=483&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C220x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pxt44r6f1hog&fsb=1&dtd=502
Frame ID: 3A0563BB49C5354ECA6D0D471AEF2067
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=15502407&pi=t.ma~as.4574689270&w=300&lmt=1700797760&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759630&bpp=2&bdt=1092&idt=530&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C220x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.aa0ebw8uxi30&fsb=1&dtd=536
Frame ID: 034D2DBE1CE0F8F2BBAECB9172D33272
Requests: 1 HTTP requests in this frame

Frame: https://af4a474a32e33b2aff874238c3986750.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 00B9C94E826EB0CE6FA36A735BB8D65F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fkhbi911snde
Frame ID: 135F9F5157E7860B6DF8AF04923F5199
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: BF13A9878E0D92381C90DFDD5FDA8E9B
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: B36CDCE5FE3A09DB3EC7094D3D909B3C
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9F86883B03FADB64DCD6A43C70F7BCD
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kxa4pt10ca07sv98bynhf54fb1t90veyfcg4vtyj5k285shqe7saxg6rbya4dj8yj3erwdzwgcnjsjprmm1syd5dc3rk39m57jmsfdjmpgfvbfehsgvxqmq1zm0yxt3504c19pmks05wgfb2n2fn1dcpm3e0kwr5fk95n076gdm8b0kxhj7mgtyhvv8ddmbkd8221n9tsxbnd9ewvw3eamzdsq25cqsnmxgd5gj85213v2gj7824sp6mb7ymg97jhqm5gyaph2n8fkv6veq8m3jv66jn9pfg5m1chz0c9pjh92zsfzctq59n3bk6y31426fvega3xg9pb5vg1bn3pnw7bxf19vjadds2x7gmxc3p2mrf8mze2h6qwzyp84989ntk3b3wnmnawpnvd65wk3cb7sbb0njk75b8vf6m893xzwk2qk99w5ht9cg810g272wmwvv4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVt9NQB1gZdnHC4eFkwOkvLOYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_Q2z_5p0AtA976xYK1oP7AByqWuTKO1yYTtXQdy3JLvosOmPW0vXueOuby7eIuuH30uNacjCKqy84UxU8oi_526YdyUcyal1B3_92kZbP0iKhUwoXMhJ1QbVtnA1tjG0fD7D9_2fsUyE6Upw3z99nMakybTNxqEas64nITK8fkEkkfd3tJ_g-1wwLCtyg_rQvzEzF2eqoqwL0dYgavRL00x7BPCkBJuRFIkAp6LmV_2uq9bW-gKqQGxe-jaASsxGdo0q53NbstWY2teMzIgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1CXel61pRUmXmvGDxHqWwW-XnoOg%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: 2CEECC27086D4A4402832010949D8238
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 27D415A105975CACC4C990BFB787C7D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Frame ID: D06DE9818CE9010CBCA4651F19CB08ED
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Frame ID: C72A69A463B438DF86A69D7EC2B31E0E
Requests: 13 HTTP requests in this frame

Frame: https://www.marumura.com/
Frame ID: B5A9384EF6F72C19A424B8B9F3417385
Requests: 110 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jn0xfpmhs96x37zxdn10ve20yw2bnne55gpdcxmh7v5ybbs19tryd9ftmmh2s2yaracv2030ygwttz29nx250jemqabe4efr9zhff6hjkhyjrjwah0bpkbkx9j11ar70n43w2xqrgew8kv9vwx88rrkkyk14a8a2482d9z345c5qvw1ja07a0vtg7xzhgrkz1zckydcbkyk60bfhx11s0t5xhpp2v89f6y85k86wzdwyzgebkyyzca8z2x1j17nf6wazz606tymd2e26whnm0v3rgds38jvnff9z8dav2xd6q9xhd0zx60hqapqp1jtwks6jsb0h9cb68v6455psests767pafgksk0sjywr3n6by44hsps8dgva1h4cq0yx92rv3tyrsrwrpr45j8bwjwx5snnbq8djm82p16e2pyr436sh0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%26client%3Dca-pub-9709291217657452%26adurl%3D
Frame ID: DDCC319FBCB8A2B9F0B018506B636612
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BC7DA09DC1D182AA46764B1EF3DACA9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8124FE4E392519B4B8145FBBAD67765D
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6C7DFB4E937E72E1B059A987E5B22765
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177100%2C196438%2C29002&b=m3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ%2CdEQfEfkfpEY8SEHjHwtEtK72aeS4TGW4fJk%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG&f=7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9%2CK1eHRfZfGJ7jt5HMHktzCgJeh7SATwGkFPj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP&c=300&d=250&e=&g=3aff0e162b4922045a77e5c899196e79%2F7225063022383144890&i=65803%2C25174%2C25052&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797761775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h62easaazafr0cgf3e9ftc1x4swrhxgg2aztk0y1qke199jjmjva47zx525gaqdjrz1fkwx0vzg6zexy11m1qn45929hscedm2ps8f5pkqg7ak5vcxzsv9gh09s4aj2b6k76ske618xtpy22bbxqjy9scnbh7xm6he1zcxcbtybyjdgvb2nehydnze3wjy3z16vbpfkgj5t6hzs762mk8cykhwh0r9e5rpncmh5tyjrmmbhrsxm661nxfa4jd2gv02kbjg47b9rh8cer5w0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Frame ID: 97FFF12A613AB65F7972391B3E070FE5
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

Marumura Horoscope

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • select2(?:\.min|\.full)?\.js

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

1668
Requests

77 %
HTTPS

51 %
IPv6

58
Domains

89
Subdomains

67
IPs

11
Countries

19926 kB
Transfer

48337 kB
Size

56
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 185
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPAxB18YDJR-Q3QInKfhJN8&google_cver=1&google_push=AXcoOmTu2XNV5Gbk4KZaRWR4I9It0cByodHke7jhxmzlNfzYGD9WYFZTsk8iftHoBN9pj67wbnU92JbzpJSmtI2MeYpcmd-1tKUL4o4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDExNjE1MDk2NTk0OTc4MTcwNg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF1Wug_zuNOEy5sV0Ngdziw&google_cver=1
Request Chain 189
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMdbjesBCAc2XDCJTVaHXiU&google_cver=1&google_push=AXcoOmT0q3KurUELlxuPxxoKduavh2nTg5OkGtQZ-_q8GuzVIPJP898LGvnp68001ULwRHFVSlTxznuz1ZNoFByzDcPREQ6o-Me6rQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDg3MDcyMTk2MDkzMzUxNg%3D%3D&google_push=AXcoOmT0q3KurUELlxuPxxoKduavh2nTg5OkGtQZ-_q8GuzVIPJP898LGvnp68001ULwRHFVSlTxznuz1ZNoFByzDcPREQ6o-Me6rQ
Request Chain 190
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJvmPY-UtkG16KEcQZHU43c&google_cver=1&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgothBv2aHZwbuaCp9sZCZf32AbJc HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJvmPY-UtkG16KEcQZHU43c&google_cver=1&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgothBv2aHZwbuaCp9sZCZf32AbJc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgothBv2aHZwbuaCp9sZCZf32AbJc
Request Chain 191
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB8C1t4FCy9PaUFEiR51VjY&google_cver=1&google_push=AXcoOmSKiVYjySbE0xFcDwFYXO98IGGd9TXDzPvw381fP64JpkuhW3Cg0lIn_IZUBTPSxrL29KSDvLLSxi5KzJl3ntteRqLAcBqS9zU4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSKiVYjySbE0xFcDwFYXO98IGGd9TXDzPvw381fP64JpkuhW3Cg0lIn_IZUBTPSxrL29KSDvLLSxi5KzJl3ntteRqLAcBqS9zU4 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 194
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhoroscope.marumura.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhoroscope.marumura.com%2F&rid=esp&cc=1
Request Chain 307
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 309
  • https://um.simpli.fi/gp_match?google_gid=CAESEE5u_HrIxY8bQLsVHCsHMlA&google_cver=1&google_push=AXcoOmTFtjpG9QSuXeVT78YDX8A_b5zmBfgBtYhPsY6_Y-dX61dYMr4HLsOKPO-YxRuT7PvZCSta_xdOF5p6ig-nX5eW6fRE_OdUfxY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68AA1CBDC4D34F58A256AD01C577AE39&google_push=AXcoOmTFtjpG9QSuXeVT78YDX8A_b5zmBfgBtYhPsY6_Y-dX61dYMr4HLsOKPO-YxRuT7PvZCSta_xdOF5p6ig-nX5eW6fRE_OdUfxY
Request Chain 310
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGLEG8b0myYJ2S141jpNwIY&google_cver=1&google_push=AXcoOmT9DS_8N6AsQgkmuJ97Ib_8sFdcgOMv6jN5PAuYigsYNuuBZSXuO2iP6C8gIqXBQ3SXXQkH94Jf75MzokQDw0vdtO3g4s6RX2A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT9DS_8N6AsQgkmuJ97Ib_8sFdcgOMv6jN5PAuYigsYNuuBZSXuO2iP6C8gIqXBQ3SXXQkH94Jf75MzokQDw0vdtO3g4s6RX2A&google_hm=qI3t8BJLQsCDnbhagLb515k
Request Chain 311
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJZmlqseNGHC3Ao0x1O8eEw&google_cver=1&google_push=AXcoOmRnKIj4mn2bw4IJHgZw9ikEM9DjAGJ2sY5GLy-G9gH_of1SD3Y9CO5Axf7Tg5DAae-GKvy4sCdyds7gCdmmN0Wgbq_XKnQgmA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRnKIj4mn2bw4IJHgZw9ikEM9DjAGJ2sY5GLy-G9gH_of1SD3Y9CO5Axf7Tg5DAae-GKvy4sCdyds7gCdmmN0Wgbq_XKnQgmA&google_hm=eS1zanJwRFQ5RTJwRUdVb18zdHlIYl9saUp4aV8uYmZCbH5B
Request Chain 312
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOkIoiGP5djlUUSC2ZnEDUE&google_cver=1&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_oM4OrqDs HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOkIoiGP5djlUUSC2ZnEDUE&google_cver=1&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_oM4OrqDs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_oM4OrqDs
Request Chain 318
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=marumura.com&sn=ChromeSyncframe&so=0&topUrl=horoscope.marumura.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=FfUo0nxZaWFXU05XL3dBVHR0Vk9kRjQvS0J2cUc0ZjYxdVBTNkN0Y1FrQXAwRUZvWWVldWZNeFV6QzlkVXVGc01Mc0JhZloySzg3eVg1a3gzUm5ZUHhhQVpRVUcyZStzSHl0NkdHb0dGa3NKMUJQazV2cmNQZkNrc2RwRjdTa3A2eGhCaEVYSllBcnpvZmFJNzQ2aHZESEhTRnNVY2NiWmZIa2FCQjl5VGkyTkpmZ3pwWDVIVStkRnFyWS9jVjRBYVpISlgxQVMrS1g2a0tZNzIxYjhKUk5iQVRoN1NKMTZjM2QwL2tOa2djL3VCdzE0UmVVQlIrWklsbGgwYnpGL0VXVS90amFwSUNCK3BsbGp3V1RuOWtZaHo4UT09fA&cppv=2
Request Chain 335
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUydgNx1gZYz5KuKniM0P2pevsAuh-tGEbJrMot28Dtac3siEORABIKGkxmpgleKQgqAHoAHGlqfwAsgBCagDAcgDywSqBNkBT9CcAqiQkA5wCNKo5nzXaLmBqs3gVl1-6v0bEVfncCZHALw3qguGulWqHT1ngobRG_hdafkCGdpekYLabOFDA5OkBx-vwXLmQ-7-q0MvtHPPWFWrHv2TvKE46E9lnJ6orBitZkNUBeNzZQ8tQrAzDdXbUvOf1I11s3lXV8cPKD2zHFnxDT1Zju3cWo4kCz1FSWsY74aE6BN7BNZDH6g8bnLGBoNRFq8U635GmDfmfHeSCae_KJdjpGeYetHM-56a9AWL2VgsH4ZR7bPm521C9iknvLjcff9SjcAEz7XvhNADiAWWvfi4NJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAei6diPAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEP_OBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCR1odHRwczovL3d3dy53aW4taW5kdXN0cnkuY29tL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxArgT5APYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=pkbdCzJiIdg&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNT8PmpHVdeF5fzcTKtZN7Ef_C21Y8L_XTI25aWBJIexSBxJ4Z5qlNFbN2uIey5r6YTihSiC5W9GCFumywe0021YBTY6yapWz0KwAYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213166640955667595940%22,%22debug_reporting%22:true,%22destination%22:%22https://win-industry.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22772393798%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228549471452360419297%22}&andc=true
Request Chain 351
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
Request Chain 361
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=456654&produktid=Freshmoney&dt_url=
Request Chain 375
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT8KIRl78x81WsxywcUDYuGYNS-6w8c6_RWCyfCKXhggw7d0zhC0DXgsNDf9OBjlz1e7CEG5ai_iYYZjAusX1ZQXEyKdmPa&google_gid=CAESEJxUoZht7JCDg9JqJrgw57w&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lPOcC26NzCuVUZtfYK8Z-1Tp3mCf_lGnBrE5mQ&google_push=AXcoOmT8KIRl78x81WsxywcUDYuGYNS-6w8c6_RWCyfCKXhggw7d0zhC0DXgsNDf9OBjlz1e7CEG5ai_iYYZjAusX1ZQXEyKdmPa
Request Chain 376
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTiW3WANpqEj3z3b5Kh781cmsFFoT2FXks2WfV0ZH6I-90GebJ6fdSHXqxoGvqesLw3Ya4WaPQkAdBuUNy0mVSrQ6NUqkry HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTiW3WANpqEj3z3b5Kh781cmsFFoT2FXks2WfV0ZH6I-90GebJ6fdSHXqxoGvqesLw3Ya4WaPQkAdBuUNy0mVSrQ6NUqkry
Request Chain 378
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 543
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONVUMmrOEgcjCy_BQ5bu9Y&google_cver=1&google_push=AXcoOmRWerSovN_DpVac7fJfROCeEjdwmcN5dznzgFQ5MU_lpX0djIOagIw0vA0VOo4IS_C2mHXHKnb_Q0l_4HQ4d6YCEJe_-o2u8bA HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRWerSovN_DpVac7fJfROCeEjdwmcN5dznzgFQ5MU_lpX0djIOagIw0vA0VOo4IS_C2mHXHKnb_Q0l_4HQ4d6YCEJe_-o2u8bA&google_hm=UI_6A4PMLZ9a0DQBhrB6Uw
Request Chain 544
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmSFjWvjOgPLmWsRcCAMwoN502FGu90AHw46JRu0xgqIlRkIlcmnQ1udsul-WeZOnLfJErjB01CMX2d13ykeXdGd0tgeXdgFow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSFjWvjOgPLmWsRcCAMwoN502FGu90AHw46JRu0xgqIlRkIlcmnQ1udsul-WeZOnLfJErjB01CMX2d13ykeXdGd0tgeXdgFow
Request Chain 552
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmSygYC7uVXaNoxGwUBF_6iS7cWdBchVo36Dq_DdsyRxIswTPQMjwft1J-RfwlRAHT2T3q_L_45eMrEHYJVr3Xr6GzM3B7szZmmz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSygYC7uVXaNoxGwUBF_6iS7cWdBchVo36Dq_DdsyRxIswTPQMjwft1J-RfwlRAHT2T3q_L_45eMrEHYJVr3Xr6GzM3B7szZmmz
Request Chain 574
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONVUMmrOEgcjCy_BQ5bu9Y&google_cver=1&google_push=AXcoOmQNklv94G_gbRIoUUXVM9RnBRM2_DILRZT_O0HElvtHPpuXGtHDNIUs3sEJQKF1wvYi0SbINtqQJbxGbfYah_xynDyXa52L-90 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQNklv94G_gbRIoUUXVM9RnBRM2_DILRZT_O0HElvtHPpuXGtHDNIUs3sEJQKF1wvYi0SbINtqQJbxGbfYah_xynDyXa52L-90&google_hm=UI_6A4PMLZ9a0DQBhrB6Uw
Request Chain 575
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmRF1bUIhsob_-i6kgxooZViyWNf4Ot9FeaaOX8O3Wb0WTkm4MsUeX-1dwRonmjknEJDI_9zQ5bLoJAGEzO6YGELPawNn3XWKH0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRF1bUIhsob_-i6kgxooZViyWNf4Ot9FeaaOX8O3Wb0WTkm4MsUeX-1dwRonmjknEJDI_9zQ5bLoJAGEzO6YGELPawNn3XWKH0
Request Chain 579
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CGxgnOh1gZaiPEtOZiM0P1uy66AbBvr7scr6sx5a0DtnZHhABIKGkxmpgleKQgqAHoAH1mI2LA8gBAakCIIAz_TlMsj6oAwHIA8sEqgTXAU_QWQiujnor3ehzaT41fAp9twAL3KYnBqddZQwNgRbaudUtLoiIcaFfl2MQi76qOjxf6emZfPUGuhh8hYFwsjQS2wAYCIP7A70MTazHwYtviDB3ePs77oeer0kws7vFt6YrUkj_cE7-Ghct03Ey0lfDEnJEWfujDDPyMfOWHJRA8G_595iDr0jUK8lppEXF8ZoghbCCmWBZ3vUFfZLl6Z2eZtOB7gKDgEfU9uARFX3XiNDvrtYigHj4AYv7s_ujyJ1fguSffuiU7ds0tMxptdHw_EfIguuywAS86uL-zgKIBYqnv9EHoAYCgAfz5vJ0qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4MEK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJLGh0dHBzOi8vZGlnaXRhbC5jYXBtby5jb20vZ2VuZXJhbHVudGVybmVobWVygAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTA4gUCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NzA5MjkxMjE3NjU3NDUyGAA&sigh=2IsPGn0R3rA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNy2NjrsfNyCsX9owwYfyQA7DJxq31recPNxgyR15kuX8-gDQRLh6Zcvas6UyiD_UwVqt7-i5BYhgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228993534012767872275%22,%22debug_reporting%22:true,%22destination%22:%22https://capmo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22828591221%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229735366185313061121%22}&andc=true
Request Chain 586
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJWEm7Dd24IDFXSR_QcdAQQKfg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 589
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1700797755_6fbb7cc0-8a7c-11ee-b3f6-2239b4908fbf&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 595
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIaIm7Dd24IDFVco4Aodz0sHNQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1700797755_6fd9b320-8a7c-11ee-b3f6-2239b4908fbf
Request Chain 799
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=828feb2c-b369-4935-9d1d-d0d7076ed0e5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=c2daa8c0-fc78-4483-a26b-39d468ade9e0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dbe41f6c6cb66484c88ecc32931f9c838%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7665501&trafficGroup=knaqe_3c&trafficSubGroup=uvrenepuvpny_oybpxvat&aid=4438714460420044212 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=be41f6c6cb66484c88ecc32931f9c838&SNR=1&GV=2&med=10
Request Chain 839
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmTSvcaEJHLwQDKP3nCdE22l44wLfuaK385kSuSTGGnBrM-y7JJTqwv9icHDxcsRccJv83lRDtCwbFkvfVg7u2DqP_e_jFUkEQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmTSvcaEJHLwQDKP3nCdE22l44wLfuaK385kSuSTGGnBrM-y7JJTqwv9icHDxcsRccJv83lRDtCwbFkvfVg7u2DqP_e_jFUkEQ
Request Chain 841
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmQj2IzhOgqUtRxlSo4c_-h5S3C80RJctOIUMiuQq2qN2CaFzP1ko-1LtrYuzFZOGP2Qv5J2gu1DrYRUUK4dlXZRY-7FGJ_grg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQj2IzhOgqUtRxlSo4c_-h5S3C80RJctOIUMiuQq2qN2CaFzP1ko-1LtrYuzFZOGP2Qv5J2gu1DrYRUUK4dlXZRY-7FGJ_grg
Request Chain 847
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmSfI1PwZILi-V4L_7YBtcMIUOAODLeWJZPPz-wc-MqQfpeJrqslmeR5LvWYHx3QGjEOo7aA7zT_fsF8UqrUr2JkBmAIw2G36cGz6YQ3dk5CqdEpq2It0LNMXnpGJtR3hEKZMpD--28sa66Xd-oJBjIfpLM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSfI1PwZILi-V4L_7YBtcMIUOAODLeWJZPPz-wc-MqQfpeJrqslmeR5LvWYHx3QGjEOo7aA7zT_fsF8UqrUr2JkBmAIw2G36cGz6YQ3dk5CqdEpq2It0LNMXnpGJtR3hEKZMpD--28sa66Xd-oJBjIfpLM
Request Chain 849
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmRZwVowvo9JIYPqLL_cdCPJexv80-iH7KmJ6jbF1oCuKZMf93Xbd85cNDJFo0psZWAOxbyqelsUCNwciQRCSpx9aoowkTyuct5nTNVI6mH6e-if_hwiJpzwmT0aKc9Lnu-IawR4c7Vn-9uj_jIBhqpz0JU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRZwVowvo9JIYPqLL_cdCPJexv80-iH7KmJ6jbF1oCuKZMf93Xbd85cNDJFo0psZWAOxbyqelsUCNwciQRCSpx9aoowkTyuct5nTNVI6mH6e-if_hwiJpzwmT0aKc9Lnu-IawR4c7Vn-9uj_jIBhqpz0JU
Request Chain 1010
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmSrmXVHT1OZLjENoCtUWwBXtDjagwkw8osnJjTsW2HEQkn9DCR8zERYVWt8W6NWiNzwQfIuub50oSwzRvJVslUs13uOvQEXdvSn HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSrmXVHT1OZLjENoCtUWwBXtDjagwkw8osnJjTsW2HEQkn9DCR8zERYVWt8W6NWiNzwQfIuub50oSwzRvJVslUs13uOvQEXdvSn
Request Chain 1012
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmSsnL2Eiw4_DwQgHrZObmiEIkvDTN6TDJTxpg14ims1ll29a04z2UJxo9QkB8rxgdZtlyN8TUT-8Pfw6IjBYNT4jq-ksNk089s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSsnL2Eiw4_DwQgHrZObmiEIkvDTN6TDJTxpg14ims1ll29a04z2UJxo9QkB8rxgdZtlyN8TUT-8Pfw6IjBYNT4jq-ksNk089s
Request Chain 1020
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cver=1&google_push=AXcoOmSPDaRAOcQfauW0bphhjodf2FfGIeQUc5tBiJr2SztrqcOT82I7x9uByy0MqogP_gDoqof6Di2f9H7CjZ60eQ-ta-l_Kr0TFA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cver=1&google_push=AXcoOmSPDaRAOcQfauW0bphhjodf2FfGIeQUc5tBiJr2SztrqcOT82I7x9uByy0MqogP_gDoqof6Di2f9H7CjZ60eQ-ta-l_Kr0TFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akphRlRCY20xUjZuYlQ1&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cver=1&google_push=AXcoOmSPDaRAOcQfauW0bphhjodf2FfGIeQUc5tBiJr2SztrqcOT82I7x9uByy0MqogP_gDoqof6Di2f9H7CjZ60eQ-ta-l_Kr0TFA
Request Chain 1023
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmQ5Luj7hq-fRB_QZR6gm25KeGDh70541XG8h2UGfF53-rcRnKHUmxcJZlJv6vUMpABOOUko-FeGnwXST3sQtUHO6B9bEwPoCA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmQ5Luj7hq-fRB_QZR6gm25KeGDh70541XG8h2UGfF53-rcRnKHUmxcJZlJv6vUMpABOOUko-FeGnwXST3sQtUHO6B9bEwPoCA
Request Chain 1025
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmQ3YEW90zp0z4dW4gw1NhynUDwbilZSzXu7qfDPviguGTcc0_eLox20rdeVFQ86nJH_QE0ny8j45rDrqjssSjH0Ji_PL5s_Rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQ3YEW90zp0z4dW4gw1NhynUDwbilZSzXu7qfDPviguGTcc0_eLox20rdeVFQ86nJH_QE0ny8j45rDrqjssSjH0Ji_PL5s_Rg
Request Chain 1052
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKWP1bHd24IDFSn0EQgdawcN6g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Request Chain 1073
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidMYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidMYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3oneid__suite_Netmix_Reach13_BlackFridayPush&actionid=920184&produktid=girodirekt&dt_url=
Request Chain 1076
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1700797758_71b88540-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 1230
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=624a4bf2-a79e-4b85-b5e9-867bf3eec67a&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=66e2a00f-41ae-4577-8a1c-6274b14cce18&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3D7cd4723b3eb047c98de4cb61972e6ee3%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7665501&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&aid=7120694185878343111 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7cd4723b3eb047c98de4cb61972e6ee3&SNR=1&GV=2&med=10
Request Chain 1254
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSnMnpaNUVgDCyO1EP6lxYiZNnw2otwaQe0JzMYg4GxezKN7KrRIhx_i0HanVUlf3uuKWUafosFw6ZgCX7931vJIHbPn2KaQQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSnMnpaNUVgDCyO1EP6lxYiZNnw2otwaQe0JzMYg4GxezKN7KrRIhx_i0HanVUlf3uuKWUafosFw6ZgCX7931vJIHbPn2KaQQ&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Request Chain 1256
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTbCD-nLYiToHckjZ1x3bka-nhCdkxZm6pJ8yjiOGFGJI2-Kv3p5m4APb0ZyxsIC-wSLTBC1FueFmzVSkmJ4nUbbnjwllqHFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTbCD-nLYiToHckjZ1x3bka-nhCdkxZm6pJ8yjiOGFGJI2-Kv3p5m4APb0ZyxsIC-wSLTBC1FueFmzVSkmJ4nUbbnjwllqHFA
Request Chain 1271
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSflJLrAhNd3YBP8_0R9Wbh0BjQNEfh5zhgokApQgDAZ6Kgu_nm1HbX3_F-ePD0zLgK2efaPM6xLFvCIAHgrluqNxQCNOxx4g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSflJLrAhNd3YBP8_0R9Wbh0BjQNEfh5zhgokApQgDAZ6Kgu_nm1HbX3_F-ePD0zLgK2efaPM6xLFvCIAHgrluqNxQCNOxx4g&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Request Chain 1273
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmRHYsf_EBZvbkrRcw7fy5Mor6tUanUfaD4kfFukhcMlICSVozVXq6fF8MI_Vcz0Jmri6KByROAZ_B3UP5SoH4BqXaquOnrbFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRHYsf_EBZvbkrRcw7fy5Mor6tUanUfaD4kfFukhcMlICSVozVXq6fF8MI_Vcz0Jmri6KByROAZ_B3UP5SoH4BqXaquOnrbFQ
Request Chain 1306
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSbP21Hw54l2ppGxB5X-IC9QJlF2z_mfNcv9G96u6D9lNL4OJ7LCxvOZ_XQa_G_3zBwiwicRZytLi3EAHx1sHbre3BkR8FjZ90 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSbP21Hw54l2ppGxB5X-IC9QJlF2z_mfNcv9G96u6D9lNL4OJ7LCxvOZ_XQa_G_3zBwiwicRZytLi3EAHx1sHbre3BkR8FjZ90&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Request Chain 1308
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTaagAS1O6bhtJB4e5HoxM7uE5rRGGY-TQ0gqdOfyZq97RiE8KLduB2xkGA3a9Kj1w6BRvgZLPu8BIIdyA6wM-LYDObSnok66k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTaagAS1O6bhtJB4e5HoxM7uE5rRGGY-TQ0gqdOfyZq97RiE8KLduB2xkGA3a9Kj1w6BRvgZLPu8BIIdyA6wM-LYDObSnok66k
Request Chain 1499
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzDoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1700797760_73118590-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 1502
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLC467Ld24IDFc_BuwgdGqECxg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023112404492090772425441X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023112404492090772425441X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Request Chain 1505
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=981741&produktid=&dt_url=
Request Chain 1629
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=1239f412-989c-4664-8134-32244378f70c&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=552ea9b6-a8b3-40d2-b7ed-06f12b0712f5&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_1-1-0%3F%26RG%3De9d707d58edd4377a68add63cbe8d1b5%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=7665501&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_hzf_35&aid=913890938134924197 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e9d707d58edd4377a68add63cbe8d1b5&SNR=1&GV=2&med=10
Request Chain 1654
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSe-l6C5GkwosZciaTHsczQjIKzZfivPhYTJWSnRw5-QmF71HKzH4RgC0AFwsU3dYnJaD2L34x_bXYWWigV_efzYzZOYxsiyA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSe-l6C5GkwosZciaTHsczQjIKzZfivPhYTJWSnRw5-QmF71HKzH4RgC0AFwsU3dYnJaD2L34x_bXYWWigV_efzYzZOYxsiyA&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Request Chain 1656
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTlDLRQipU_6ehb6cEXpvtytmlG95F18wUsba1HKq0UkDauo2HqtlTh8Nxv1J7axHg6zJOx0Eti3ievs_3GBVc1tMkpn0BhjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTlDLRQipU_6ehb6cEXpvtytmlG95F18wUsba1HKq0UkDauo2HqtlTh8Nxv1J7axHg6zJOx0Eti3ievs_3GBVc1tMkpn0BhjQ
Request Chain 1662
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmS3GDj7sw8RS0g4dDyzoXEFCPePADj5Rwc9tcl9boIohJ9gZmNN0aCXZTQL1OFZIMwBU1gBVnJIciawnc_Fz-XUP3bQ91UiHg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS3GDj7sw8RS0g4dDyzoXEFCPePADj5Rwc9tcl9boIohJ9gZmNN0aCXZTQL1OFZIMwBU1gBVnJIciawnc_Fz-XUP3bQ91UiHg&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Request Chain 1664
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTHMnI4BjU1W3SIAl0Glw2BPQfD11FB9lxTwvPl3-MrhywxoYCPlFjKI1-1q1wd4m1sx4gOJvXydBUpuJV1EHCuOc0QBQwBcf0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTHMnI4BjU1W3SIAl0Glw2BPQfD11FB9lxTwvPl3-MrhywxoYCPlFjKI1-1q1wd4m1sx4gOJvXydBUpuJV1EHCuOc0QBQwBcf0

1668 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
horoscope.marumura.com/
266 KB
24 KB
Document
General
Full URL
https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9ce96f893f96f9bf5317af7de31b05aa2d98ca417fce1a1e8f87c6ff60088b27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://horoscope.marumura.com/wp-json/>; rel="https://api.w.org/", <https://horoscope.marumura.com/wp-json/wp/v2/pages/31277>; rel="alternate"; type="application/json", <https://horoscope.marumura.com/>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
MISS - 15m desktop
ats.js
anymind360.com/js/6621/
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51201
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797750.477065,VS0,VE1
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 1
powerkit.css
horoscope.marumura.com/wp-content/plugins/powerkit/assets/css/
25 KB
5 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
horoscope.marumura.com/wp-includes/css/dist/block-library/
107 KB
13 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 18:45:09 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
styles.css
horoscope.marumura.com/wp-content/plugins/contact-form-7/includes/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Nov 2023 08:13:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/
2 KB
683 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/
21 KB
3 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/
1 KB
571 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/
3 KB
842 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/
477 B
364 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
STALE - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/
4 KB
909 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/
3 KB
824 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/
13 KB
2 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/
1 KB
641 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/
3 KB
813 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/
1 KB
511 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-share-buttons.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/
71 KB
5 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a9c8c9a37641484b70c3f306d5bdbddec691a1c219ae95cb3dceac43b0560324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-social-links.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/
149 KB
10 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3b274ccab22ae80e2b294f5c99ad5519b374e77c6298a1ba82949374fd778b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-table-of-contents.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/
3 KB
1013 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-twitter.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/
3 KB
945 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fc418b8f556aca3aefbf6f6e0208c2bd88b8badda8828b27c366bbf91784c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-widget-about.css
horoscope.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/
1 KB
505 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
front-flex.min.css
horoscope.marumura.com/wp-content/plugins/siteorigin-panels/css/
2 KB
602 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f0a79b76f29f3b28b2f8995f7bd635bc5fe214d434bf0deb43d91c2c36219b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Nov 2023 08:14:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.css
horoscope.marumura.com/wp-content/themes/authentic/
236 KB
29 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
23b4610687ccbc3c09cab52597776a7132c40491dd9a2273a7af1da286c262f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:17 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
subscribe-forms.css
horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/
29 KB
4 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.css?ver=9.2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3771f3a776bf69e9876a7158a93d20da3b629206332dfad0d17b78a1c2dea772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 14:02:09 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
click-to-tweet.css
horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/
4 KB
847 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/click-to-tweet.css?ver=9.2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
bf0817f82de9416db8e42a8d19e9b4c43e35cedbb2d3593543cc25c13f4fd9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 14:02:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
easy-social-share-buttons.css
horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/
89 KB
12 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/easy-social-share-buttons.css?ver=9.2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e84635a2564af08e5d0ec024e5e2c8452828dad83e4353a2bd21ba8c3808c324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 14:02:02 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.css
horoscope.marumura.com/wp-content/themes/authentic-child/
341 B
363 B
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9d5d7792deca0a1e004bc20c223d23ed6804a01bd08871a0e021adb920489fe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:15 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
STALE - 15m desktop
vary
Accept-Encoding
content-type
text/css
jquery.min.js
horoscope.marumura.com/wp-includes/js/jquery/
86 KB
29 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 18:45:09 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
horoscope.marumura.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.4.1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdc1dd287e933ba5b12ccde120c9de8b24f82633b7470cd487fc99d01f3e580f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52732
x-xss-protection
0
server
cafe
etag
3356264312965448706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:10 GMT
js
www.googletagmanager.com/gtag/
132 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d28d76d0a17f0452a261d11245ef69967a4e9fbba9b5766973e117009e2238b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:11 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1cf56089b3f871922a8cc2d9e7d3090cab4598cd069eafefda7a8bb6e0c4d6b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52731
x-xss-protection
0
server
cafe
etag
12287786719719706164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:11 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca6f4b225b4c6f57fc84eea4672a4cfd5b2451146005dc2c79e15c1692cb1fde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31565
x-xss-protection
0
server
cafe
etag
889 / 19685 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:11 GMT
prebid_2023_8_15_7_52_11.js
anymind360.com/js/6621/
301 KB
95 KB
Script
General
Full URL
https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70f5afae2896e4f0428eaaa8b95691bef9b84851a34de854b12f5205a123f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 04 Oct 2023 16:08:53 GMT
date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
2674728
x-guploader-uploadid
ADPycdt4JmOgxg6p11J3aZJO15MoE2tZp5cDSmikpRQzLfU6iueAizdZ4lzZjQzwrzsd-PKLo94
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
96646
x-served-by
cache-tyo11959-TYO, cache-fra-eddf8230074-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797751.276822,VS0,VE1
etag
"7c3d582f641391d2eafe31b502454859"
vary
Accept-Encoding
x-goog-generation
1692085963456049
x-goog-hash
crc32c=K30Atg==, md5=fD1YL2QTkdLq/jG1AkVIWQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
96646
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
2, 1
powerkit-icons.woff
horoscope.marumura.com/wp-content/plugins/powerkit/assets/fonts/
26 KB
17 KB
Stylesheet
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
df8b947e72a3e609e4c24ebb6fb02c7f2cb9119af8dcdd4dc083f1a7eaa9ae74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
73931384-03f6-4ee1-9238-7a45914261e9
https://horoscope.marumura.com/
1 KB
0
Other
General
Full URL
blob:https://horoscope.marumura.com/73931384-03f6-4ee1-9238-7a45914261e9
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
logo_marumura_b2.png
www.marumura.com/wp-content/uploads/2019/07/
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b2.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
689914cf34ba4bec16ba9c2c275d7b9c5fb5f2d82e68e8ae96807b525bff5297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Horoscope-x-wa-web-1.png
horoscope.marumura.com/wp-content/uploads/2021/07/
9 KB
9 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2021/07/Horoscope-x-wa-web-1.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4a7323e227b0329d5d5b2e2a9d61bbefead3aad14e0dfce58a0fd1a009624036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 27 Jul 2021 09:04:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_w.png
www.marumura.com/wp-content/uploads/2019/07/
13 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_w.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_wajapan.png
horoscope.marumura.com/wp-content/themes/authentic/images/
7 KB
7 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/images/logo_wajapan.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2cad29b0a78bccba1e2fab28921139943bbb71b85ee2629ac458320875ed41a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Love-Zodiac-01-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/08/
91 KB
85 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/08/Love-Zodiac-01-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b79750031e947474bbd1b01ca475a4ceb19edfc3cd7be1ec9333ad270e406985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Color-all-01-1160x773.jpg
horoscope.marumura.com/wp-content/uploads/2020/07/
60 KB
33 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/07/Color-all-01-1160x773.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b8d0217a4cd3a83990d857f5d9277abd261b88c03a5c85dcb6fce2ba45f3cb25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Money-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/07/
98 KB
91 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/07/Money-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35cbf58f55e501b2c5c94d6642bca02ad66b31b11d30b1e830313094a44bfe04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Heartbroken-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/07/
63 KB
50 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/07/Heartbroken-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4b7de23adcb4d4c8adddacb20e4ac9f0500b142f880ddd6422f013f455fa40f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Career-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
119 KB
115 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Career-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a53a0ce30a4c985b721c337b6d0d1fd3defd7aa55ac3ba60419b38e2c6879bad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Japan-Year.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
25 KB
24 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Japan-Year.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b05f9cef6ad75482bee12ed553ec1c7d6e8cc2cff969d26c10fc29bd43c65b7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Secret-cover-1-01-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
97 KB
91 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Secret-cover-1-01-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8c25195f3368bcc350d8c28698e649efdb426cb070a03f0ceee602e0fb01141e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Dream-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
45 KB
37 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Dream-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
70ec208d025b5e9f991e0b6617bededa40f988de1e40b30944cdccd3b3e89192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Gift-cover-1160x773.jpg
horoscope.marumura.com/wp-content/uploads/2015/09/
50 KB
29 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2015/09/Gift-cover-1160x773.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4e98c5badd54c82b21d1b3b51c3e3630a1b147458622b94791ce378f5dac8afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:04:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
%E0%B8%9B%E0%B8%B5%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B1%E0%B8%95%E0%B8%A3-%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%A1%E0%B8%9E%E0%B8%87%E0%B8%A9%E0%B9%8C-cover-01-1160x870.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
138 KB
132 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/%E0%B8%9B%E0%B8%B5%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B1%E0%B8%95%E0%B8%A3-%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%A1%E0%B8%9E%E0%B8%87%E0%B8%A9%E0%B9%8C-cover-01-1160x870.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2738f4fb1d498ab5bf2fc6a4f6756b9ebfdf60899395e9bbd9c781bc959e0816
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
wajapan.png
www.marumura.com/wp-content/uploads/2019/07/
23 KB
23 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/wajapan.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c813626711a109d161fc3d9ca62ee2f06c4b513be96c9d32a2ebf505959cd741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
maichaiguru.png
www.marumura.com/wp-content/uploads/2019/07/
56 KB
56 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/maichaiguru.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
96982b32c280ec6fcfbaee6e8640f8aeb2b726b8e44ff8763f0d5be4e1d7d01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:18 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da0c85f46df4a1c20e142a77d60921d507890665cb81e7e9b0742ed1b9f8e826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:11 GMT
content-md5
LApqZHEBfNJSDnA6PTIVGw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
ZZFlC1RJk7TE4Xejw0elBBAt3xsn1AgayVP8/IB/d2SyUSqiN/ulcOf37IAyZejYk50liubk89fvm4NDOv6Fvg==
x-fb-content-md5
34e32578d7cbb4056bbe6dc1cb6bc072
cross-origin-opener-policy
same-origin-allow-popups
etag
"822b8e42ebeb0a780ecce520dacfd71a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:13 GMT
jquery.adrotate.dyngroup.js
horoscope.marumura.com/wp-content/plugins/adrotate/library/
2 KB
1021 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
534e0339d7dd364cde1afcf77eef6a88b4b9c6cfdd1b450c622f0ad1004a04ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:36:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.clicktracker.js
horoscope.marumura.com/wp-content/plugins/adrotate/library/
365 B
394 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:36:36 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
STALE - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
index.js
horoscope.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/
11 KB
3 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Nov 2023 08:13:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
horoscope.marumura.com/wp-content/plugins/contact-form-7/includes/js/
13 KB
4 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Nov 2023 08:13:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-basic-elements.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/
1 KB
555 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.justifiedGallery.min.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/
18 KB
5 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-justified-gallery.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/
2 KB
760 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
imagesloaded.min.js
horoscope.marumura.com/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 18:45:09 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
glightbox.min.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/
55 KB
15 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-lightbox.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/
4 KB
1 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-opt-in-forms.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/
1 KB
642 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
565637476a6f33a1187e3dc40aa6f65fda018dd1ed19f088490bdd2c2076b6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-scroll-to-top.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/
507 B
417 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
STALE - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-share-buttons.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/
3 KB
974 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
flickity.pkgd.min.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/
53 KB
13 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-table-of-contents.js
horoscope.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/
3 KB
984 B
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6abe50ef3e60504ea153ca28d383b84b8b184428f316d1038feebd6282463d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
owl.carousel.min.js
horoscope.marumura.com/wp-content/themes/authentic/js/
43 KB
11 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
colcade.js
horoscope.marumura.com/wp-content/themes/authentic/js/
9 KB
3 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
ofi.min.js
horoscope.marumura.com/wp-content/themes/authentic/js/
3 KB
1 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax.min.js
horoscope.marumura.com/wp-content/themes/authentic/js/
15 KB
5 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a9e934f6ab1a45cf0e4cb01a607ad712bbde00573b82170eee5650aaf5038915
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax-video.min.js
horoscope.marumura.com/wp-content/themes/authentic/js/
17 KB
5 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e198064a03222388a3bd96cc8d466722f7b25fc0af72c1f4a3fccbd7a67ad42d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
scripts.js
horoscope.marumura.com/wp-content/themes/authentic/js/
48 KB
10 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=1.0.0
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1bc30f5f189b3ecfa366ae3b518740178a72fa7096f9cf1a57a3e5875cf400c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
pinterest-pro.js
horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/
16 KB
4 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/pinterest-pro.js?ver=9.2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
483ae5b7ecaf13dc583657e06cce1ed4287c6a9058882315d41415e22932cad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 14:02:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
subscribe-forms.js
horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/
19 KB
4 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.js?ver=9.2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ce297fd48857fc1a50abff0f3908aa607eec9093d8acce0b14c2ecc7946cc79a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 14:02:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
essb-core.js
horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/
64 KB
13 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/essb-core.js?ver=9.2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b38cd4372f230487a9d2c5f2934d1b43a24d781ff9e733907a9ba035a4f473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 14:02:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 1589
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21111
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:57:20 GMT
etag
16674218716276178799
expires
Thu, 07 Dec 2023 21:57:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=horoscope.marumura.com&bust=31079653
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.4.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c341d4c068bf0ae703c52f1777765531bbb409249732b7ddb9052081b8564853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138525
x-xss-protection
0
server
cafe
etag
7325052372141701354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:11 GMT
powerkit-icons.woff
horoscope.marumura.com/wp-content/plugins/powerkit/assets/fonts/
26 KB
17 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
84bcb397ee8fb28950639b02674337575578302143c9d6f1bfc6c6fb2584c4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 20:38:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
horoscope.marumura.com/wp-content/fonts/roboto-condensed/
19 KB
20 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d448991d15499edecfb0ad39bf668320897c3dba15c73aa6e13fbe6356569183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:12:52 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
icons.ttf
horoscope.marumura.com/wp-content/themes/authentic/css/fonts/
14 KB
9 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/css/fonts/icons.ttf
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
817c9c5b2332df9dabad6d6008da8aefb012c0b3adfb6642e90adfcc24447344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-ttf
DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
horoscope.marumura.com/wp-content/fonts/sarabun/
15 KB
15 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
899651971d6c75117d28df0030f881b94f93c8b0540364cc3d569cd3c8195010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:13:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5XpjLdSL57k.woff
horoscope.marumura.com/wp-content/fonts/roboto-condensed/
19 KB
19 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5XpjLdSL57k.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
44e4d961813f71a34e995007d1137b2ad53508d7decd2f0e272351aeea304495
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:12:50 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ico_travel.png
horoscope.marumura.com/wp-content/themes/authentic/images/
11 KB
11 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/images/ico_travel.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f8534d93da83a0fbbb300cbc00cca18d6a3f08925c51a073ba90bc48542147a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
nKKU-Go6G5tXcr5mOBWzVadrNlJzIu4.woff
horoscope.marumura.com/wp-content/fonts/kanit/
8 KB
9 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWzVadrNlJzIu4.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
45d61531fa79a09724615074961c66c4060d8fe4606cadd771b9b1a71a7cb7ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:12:40 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
horoscope.marumura.com/wp-content/fonts/kanit/
13 KB
14 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7470a14b8058cb8e35ae75127e935c4036071fb9aa0422351830c9bec6b2764d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:12:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
7-Day_sun.jpg
horoscope.marumura.com/wp-content/uploads/2020/04/
114 KB
83 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/04/7-Day_sun.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7dd416b391a01b21e4db22e2d63e78c35ca71f41891b03dfb990e68740c6a3e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
WeeklyAll2020.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
159 KB
139 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/WeeklyAll2020.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c1c31da6701c069a64de4558efa94add8da398c77422a890c9ae1d6f7033d5ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
MonthlyAll2020.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
195 KB
175 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/MonthlyAll2020.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dcaf67b5503a2b2d8944fad0d26468c7205bf8c2975e1c86a1500da7f2b5a5f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Horo-2564-cover1.jpg
horoscope.marumura.com/wp-content/uploads/2021/01/
202 KB
189 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2021/01/Horo-2564-cover1.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b17254ce09af2cd16eb778ee73037172a21dd952a03e1850eefcf6c39a80a576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
2-LoveDaily-01.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
116 KB
85 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/2-LoveDaily-01.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48669812a425fdeaf56ffd4edd0e5a816603c63c8730343096f9af36a6236025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
LoveWeekly2020.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
157 KB
117 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/LoveWeekly2020.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fab1b142df68e9bcbca68839925310211f33989c4da5b6143fa6276dbaa7f219
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
1-Fortnightly-mon.jpg
horoscope.marumura.com/wp-content/uploads/2020/04/
294 KB
283 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/04/1-Fortnightly-mon.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
abb054f2c20ea3f385f53a9077a74f509d811bf6faf8215b5dad6dbffd02c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
2-Monthly-tue.jpg
horoscope.marumura.com/wp-content/uploads/2020/04/
336 KB
327 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/04/2-Monthly-tue.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d7ce17565c2a0c106bd39bffc6b4ba0baec2f9946f2c3bbfb0775269f4b630dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
0021-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2015/09/
19 KB
19 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2015/09/0021-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c1e63b51e56737f962aa57de3ee19c02846b40990a3234d785818df127908aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:04:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
5-%E0%B8%97%E0%B8%A3%E0%B8%B4%E0%B8%84%E0%B9%80%E0%B8%AA%E0%B8%A3%E0%B8%B4%E0%B8%A1%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9...
horoscope.marumura.com/wp-content/uploads/2016/04/
67 KB
66 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2016/04/5-%E0%B8%97%E0%B8%A3%E0%B8%B4%E0%B8%84%E0%B9%80%E0%B8%AA%E0%B8%A3%E0%B8%B4%E0%B8%A1%E0%B8%94%E0%B8%A7%E0%B8%87%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B9%83%E0%B8%AB%E0%B9%89%E0%B8%A3%E0%B8%B1%E0%B9%88%E0%B8%A7%E0%B9%84%E0%B8%AB%E0%B8%A5-%E0%B8%A0%E0%B8%B2%E0%B8%84-1-320x240.gif
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
46da426936c56abae3784c590958a4029fab6886218e91340924b23fade940bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
9Committowedding-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/05/
39 KB
39 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/05/9Committowedding-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ce658b59c64c9591d7dec80588f8629f37fe0cb594c405eb4942a1bb76dcba4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Color-all-01-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/07/
13 KB
13 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/07/Color-all-01-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
704563b588aa1b28b49d192ef2ea7ff6cca3ba76f397aebf1cef3bfa2d15e8f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Gem-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2016/05/
23 KB
23 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2016/05/Gem-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
91040c8238aed2f09ce6719c809a0197410805e46a7cbee7d5aad74d94cbe77b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
p1300002-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2015/09/
27 KB
27 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2015/09/p1300002-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3b1e7b3e0eec1cdc333c7a0d9ae90531ba47b3a46b99365c22f7c5956c530e7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:04:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
%E0%B8%84%E0%B8%B3%E0%B8%97%E0%B8%B3%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B8%95%E0%B8%B2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B8%95%E0%B8%B8%E0%B8%81-320x240.gif
horoscope.marumura.com/wp-content/uploads/2016/03/
31 KB
31 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2016/03/%E0%B8%84%E0%B8%B3%E0%B8%97%E0%B8%B3%E0%B8%99%E0%B8%B2%E0%B8%A2%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%87%E0%B8%95%E0%B8%B2%E0%B8%81%E0%B8%A3%E0%B8%B0%E0%B8%95%E0%B8%B8%E0%B8%81-320x240.gif
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
137da3a02b0207fbcb70cd734e066073d8523422ceac7317855d748d69aa53d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
%E0%B8%9B%E0%B8%B5%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B1%E0%B8%95%E0%B8%A3-%E0%B8%AA%E0%B8%A1%E0%B8%9E%E0%B8%87%E0%B8%A9%E0%B9%8C-cover-01-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
20 KB
20 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/%E0%B8%9B%E0%B8%B5%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B1%E0%B8%95%E0%B8%A3-%E0%B8%AA%E0%B8%A1%E0%B8%9E%E0%B8%87%E0%B8%A9%E0%B9%8C-cover-01-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b63a4e458767b1f4cd47370e93877e706d1e7b798a2bba9e7b1de960391d056b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
001-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2015/09/
17 KB
17 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2015/09/001-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d808a17e3af8a81ba0c3f9f64ff580af3ba53b11580d2a9c4fa4504760d90b75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:04:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
horoscope.marumura.com/wp-content/fonts/sarabun/
12 KB
12 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4fb031caa17064d63bad6a66b503a2af1e73a3266b226056302f2447070d79e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:13:39 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aBVJmXYO5gg.woff
horoscope.marumura.com/wp-content/fonts/sarabun/
14 KB
15 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aBVJmXYO5gg.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f99faedbb1ca9dbf0c9261bc88c42afdcab10f792bd42873638d67f4930aada9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:13:40 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
Money-pay-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
27 KB
27 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Money-pay-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5a787c63f0d6f4a19cbd3a90bc03d6f65514eebcd6ce472bb1a59c9bf9269643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Love-Science1-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2015/09/
28 KB
28 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2015/09/Love-Science1-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9f74b28455a9eb67a249458c44376615e1ee2912b878254291282220b99fd2ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:04:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Gift-cover-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2015/09/
10 KB
8 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2015/09/Gift-cover-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c98c501f3abd11bc6d5f77d9ba30a0ff8b52af44f7ec0dba9b64b0e6e059e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:04:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://horoscope.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42503
x-jsd-version
1.0.1882
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63a-NecRQpEq1uzv2Kl3Q8ftGEfSD4M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viiCaV%2BlZuvXtR6bBwdwHpxARoId5Ty8q2pQX29ymKLdgEwq3fxdC9dK58gfc%2FtcHoUvx%2FUzpm9TN74KlrEsYq4VXXum8Q%2BXB9RytWV3MARF7SYnunfLSYRcs%2Br9MyHzj2vwZNNuIBh5TnPqqLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aeae3ab81e049b-FRA
/
www.marumura.com/ Frame FC58
295 KB
26 KB
Document
General
Full URL
https://www.marumura.com/
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be2ffa28912e8c4640e66d61a3b6436971dd4873cd25764939de24cef5cf5118

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.marumura.com/wp-json/>; rel="https://api.w.org/", <https://www.marumura.com/wp-json/wp/v2/pages/763>; rel="alternate"; type="application/json", <https://www.marumura.com/>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
ico_item.png
horoscope.marumura.com/wp-content/themes/authentic/images/
1 KB
771 B
Image
General
Full URL
https://horoscope.marumura.com/wp-content/themes/authentic/images/ico_item.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48c98e8609af4dbef60b052a9e7f468721bae298b23325ae7f9a99a7707d38d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:59:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
horoscope.marumura.com/wp-content/fonts/sarabun/
12 KB
12 KB
Font
General
Full URL
https://horoscope.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
16614edb31cb210f98c4980e88e9461887b094d09ab3809d1d2587de1fc5c8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 11 Nov 2023 15:13:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
6843-cover-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2016/06/
12 KB
12 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2016/06/6843-cover-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1f1f0ac78072eef4d16a1bc01daea2cd53b6899ec5ba3474882dd8efc10c124a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
logo_marumura_w-1.png
horoscope.marumura.com/wp-content/uploads/2020/04/
8 KB
8 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/04/logo_marumura_w-1.png
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2c322ddd1ab256136b78fa5ccb99138d80c23ede846aa9f0136e3c055b6281f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
sdk.js
connect.facebook.net/en_US/
302 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ab2c8d9c0c46308aa10c728c149c59e7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae87f41773c5bbe6c60bd0450288e260f1a41918b458f0cd808b4534ad852df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://horoscope.marumura.com/
Origin
https://horoscope.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:11 GMT
content-md5
J4OdNz2fkvFxXNShu8ds2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88329
reporting-endpoints
x-fb-debug
xa3so93hkPXc4A3QDLFIRc7/nrHPT76mxXNk9yysLX50/eMt3sFZiq/5CO6OTu4sHwmLbWldzSUZGzvUyYtYWA==
x-fb-content-md5
175299b5af26fd20765aaa79d5ccdeff
cross-origin-opener-policy
same-origin-allow-popups
etag
"a40153204555e07e227d4ff5b7d8434d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 03:15:10 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A55
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=3025194257&lmt=1700797751&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_r&format=0x0&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=1&asacwct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751254&bpp=26&bdt=804&idt=323&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=170811255513&frm=20&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=365
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=horoscope.marumura.com&bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:11 GMT
expires
Fri, 24 Nov 2023 03:49:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E8D
119 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=horoscope.marumura.com&bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2755880a302e6a7798832cca1e37a952a57c1fad0e16ce8dbfc6acdb99ea8db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41299
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:11 GMT
expires
Fri, 24 Nov 2023 03:49:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15316
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:33:55 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C535
36 KB
15 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=horoscope.marumura.com&bust=31079653
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd2fdc1cd07ff5d490035bfcd453ff8755a3b25a1a8eecf94181dfe3e9a576e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14681
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Fri, 24 Nov 2023 03:49:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba5fc39844de982947817307cdf44c2355351bca821c7f3df52290c7a2d78993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:11 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7173
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 03:49:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8981
39 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=horoscope.marumura.com&bust=31079653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31fa0eb14e02feec1108591398123b9a3a5ab1f4c5e8218ac040afa2a4e2ecf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Fri, 24 Nov 2023 03:49:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6A6E
39 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=horoscope.marumura.com&bust=31079653
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b78f8fef13572495cebed9f3ce52729b8f80941aef6109d849111ba3a13938a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
16478
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Fri, 24 Nov 2023 03:49:12 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
wp-emoji-release.min.js
horoscope.marumura.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://horoscope.marumura.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
/
horoscope.marumura.com/
65 B
331 B
XHR
General
Full URL
https://horoscope.marumura.com/?essb_counter_cache=rebuild
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
102e056bb19e5438541542aae480b9003c3a1a4c8ceaf8728722ce7d94ac6a1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
server
Nginx_Rc-Cr
x-cache-status
MISS - 15m desktop
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
truncated
/
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b773acd824b6444c4c07523a131ef56b0371920ae17e69cba022d332a6311128

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
486 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13e2601fd28db576414bf4d48107d9318c3a789f4a0d3e7fd891046088383ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
Heartbroken-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/07/
10 KB
10 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/07/Heartbroken-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a2b5544f12c0e42555dc45675cdb4b76e9e6d973da7fbb223ab3c6090a7c3d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
%E0%B8%9B%E0%B8%B5%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B1%E0%B8%95%E0%B8%A3-%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%A1%E0%B8%9E%E0%B8%87%E0%B8%A9%E0%B9%8C-cover-01-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
24 KB
24 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/%E0%B8%9B%E0%B8%B5%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B8%B1%E0%B8%95%E0%B8%A3-%E0%B9%84%E0%B8%A1%E0%B9%88%E0%B8%AA%E0%B8%A1%E0%B8%9E%E0%B8%87%E0%B8%A9%E0%B9%8C-cover-01-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
612eeca9f9cd5259f3270d8c08e877dc6cc6dbd4fca48aff38ce4cfdf7d82818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Dream-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
8 KB
7 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Dream-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
bea9c6f394cbae24278ea3b46fa3dc7e13efe94a76d96c38b7b839be4b4eded9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Secret-cover-1-01-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
19 KB
19 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Secret-cover-1-01-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d31f9b55e9a81bc18ddbdff6580753ac5d6a2536f7f709171c4d98d206ae5da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Career-320x240.jpg
horoscope.marumura.com/wp-content/uploads/2020/06/
22 KB
22 KB
Image
General
Full URL
https://horoscope.marumura.com/wp-content/uploads/2020/06/Career-320x240.jpg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
74341c9a0a07533331c409a84321579f7663974f93e2ac1f7191121aaa659c09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 28 May 2021 15:05:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
css
fonts.googleapis.com/ Frame 3E8D
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 02:14:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 03:49:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E8D
2 KB
875 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3E8D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E8D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E8D
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3E8D
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:12 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 3E8D
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236397
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 10:09:15 GMT
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4R68YF3NQ8&gtm=45je3b81v880762829&_p=1700797751253&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893264436.1700797752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700797752&sct=1&seg=0&dl=https%3A%2F%2Fhoroscope.marumura.com%2F&dt=Marumura%20Horoscope&en=page_view&_fv=1&_ss=1&tfd=4328
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://horoscope.marumura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C535
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C535
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C535
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8981
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8981
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 8981
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS16XLdORKBAsqdssDHPk2qE5Z80HLtIZn_J0IloKSyB2azsYxAJciugGWs4XBdKJKnMNrCRE2H4fqS-l6CaQQUmwZ04w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8981
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:12 GMT
collect
www.google-analytics.com/j/
2 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1679820595&t=pageview&_s=1&dl=https%3A%2F%2Fhoroscope.marumura.com%2F&ul=en-us&de=UTF-8&dt=Marumura%20Horoscope&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=445137145&gjid=1595531633&cid=1893264436.1700797752&tid=UA-126552441-1&_gid=2113727439.1700797752&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=780317657
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://horoscope.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://horoscope.marumura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A6E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56055
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A6E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63597
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6A6E
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:12 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 2266
52 KB
20 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
134bde9b160a6af9315c1ed8c695b42e5551ea4e6d390a6a66a4624254885136
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cm-YxETPs9aHMANRpaukL-KDBxOibQSPsi8eJazyJzFUT6BmAk0Xu6rjXDtVC2BfaZJdHsgdYFeOEQ8mUDxtcrP8rMP0rKHoMdVbT2MvzmVf-_fsjAL_4nJ_ghP_iFnBFuIkFnRgtA7YF1EgrhkTPBAI92mecTDl4a1v3cUDcyWrMTSb_rQjdpHS-IrSxxqy4qb7CW2Ih_rNOk4AMOtui6Oml2sRyt6mNOxz59oH6qtSDSYKNUrV0R6qYrMNz954CZ5KIw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2870261
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
14763004658117789537
tpc.googlesyndication.com/simgad/16843844777869566459/ Frame 3E8D
36 KB
36 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16843844777869566459/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f2da7813fbea4f37ed994e7f4995e9046463b9fbe26e5195cca3bcc743eaa55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 01:58:40 GMT
x-content-type-options
nosniff
age
6632
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36386
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 07:52:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Nov 2024 01:58:40 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5109791488021911621/ Frame 3E8D
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5109791488021911621/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8f07b8a7817a205b52694f8e68fd86cee6027cc257af92d3e7767645dd2185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 21:00:23 GMT
x-content-type-options
nosniff
age
24529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2469
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 13:09:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Nov 2024 21:00:23 GMT
dr
as.ad4m.at/ad/ Frame BA8B
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1jrph2hw4dp6t97kepzc0azdjznxempj36f4bf96b5wvnrb354c0sw7kh11724abbw2twzymfzwc4hrxnr5adej5tv2s8670dnntqqr7f1s8v54zhsgp7drkvkz97511f702pch422gc654zgge4pt6d3cjm11eds66gennyxd199pe6hbbbaxyks7aggpqw2dpbpy7rjy7c2v6aj7syt2pasq63g6fb0ffgtrmjzm8s313s7m5hge7r8hhvya32xsmknpm5rqfvz7a9b8y7ej11yspek2qg5djebg38hcmyzdmjcf3ckatvq11rjyph1nad2nzp692t71rb9sg17mkx8409jyv2my4jv3nec888a9daa6rqb189qds8becn8vc6q8ev8vna2ccf5szsabtxna7cczkf1yy1acyn4mm0dmcckxyq161ehqpf8rd0syzpanz0s4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93bbc818559fa12ddb145f162e92721bc22b3b74444c91ce9cab7a8c10c7c8f8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae403ef22c1c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0D0E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:28:00 GMT
content-encoding
gzip
age
800472
x-guploader-uploadid
ABPtcPosiWJMTi6DpSufSORNQNukYiP051dDMboge2ChLaAOCj32gcVycc6YGc4ZmCsMil6S048JGg_x_bo6NsyokUiiiqWjYCfy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 13 Nov 2024 21:28:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35064
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230091-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDtYL06i671PVozI4a9vJKm5C32ym0DutnzwB0OtefnQk3AyadV9WfMaNOPySow9Ktz98TV7csg3jyKr1wAErrWo0PZo%2FL%2FEnm2omV2kYs0qH%2BhVlsAIh4SKanVB4gmATXkuoBeBzvCAym1lxBA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aeae406bc79a3f-FRA
uid2SecureSignal.js
cdn.prod.uidapi.com/
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Thu, 23 Nov 2023 10:03:28 GMT
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
63945
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
Och4b4VVINfiFB9Ib3IOmJ7q46sqEr0ztfisi4ltDEc4O7WJKTaU9w==
publishertag.ids.js
static.criteo.net/js/ld/
42 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 25 Nov 2023 03:49:12 GMT
ads
securepubads.g.doubleclick.net/gampad/
29 KB
12 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3898294889357657&correlator=196976726997803&eid=31079666%2C44808652%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_ImageAd&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700797752339&lmt=1700797752&adxs=800&adys=5138&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhoroscope.marumura.com%2F&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=true&dlt=1700797750451&idt=1664&cust_params=url%3D%252F%26ref%3Dnull&adks=3109747243&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
380561ebc04aa3b51054f0437acc42edd874a86263a34e58370d79f6edbfca6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12361
x-xss-protection
0
google-lineitem-id
6189322005
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138418233143
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://horoscope.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
78 KB
24 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3898294889357657&correlator=196976726997803&eid=31079666%2C44808652%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_article_right_300x600%2C160x600%2C120x600%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250%7C300x600%7C160x600%7C120x600&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700797752355&lmt=1700797752&adxs=1080&adys=4484&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fhoroscope.marumura.com%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=true&dlt=1700797750451&idt=1664&cust_params=url%3D%252F%26ref%3Dnull&adks=489959713&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79eea35917caa693c0f48a68a035d706e73105d08e216cd1a613bf6b918dc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
256202
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24933
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
385360
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://horoscope.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1971
6 KB
3 KB
Document
General
Full URL
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Sat, 23 Nov 2024 03:49:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
4 B
353 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-126552441-1&cid=1893264436.1700797752&jid=445137145&gjid=1595531633&_gid=2113727439.1700797752&_u=YADAAUAAAAAAACAAI~&z=519941047
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://horoscope.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 24 Nov 2023 03:49:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://horoscope.marumura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 2266
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2266
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 2266
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Nov 2024 03:49:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 2266
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Nov 2024 03:49:12 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 2266
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=KIzS45SdAITy1Ulo9HjmEAakjX0j-n22IqTwOExFkcMk46HeboUUSrmY9_DYCRKt-_WZ25b6Z8g6nhMeci7_HP4IyJU7wVNYMea40D8BrS70Sl60M5d30oMX8hUwE8NGiXA_EywubPCQ3K15Lzek5lkO2b3JuosZO6mkRyrXNkI3f9qWZfVmziQEF6Iw6em_-_pesnskhNw_UpWUFytqWvk4CfZeJdgu-VqLTSgleN4GzBPAZKje7G2ZbtwZbssJLVbTUKUcsKhBh10tI3z3TdecwL5974t_t-vgRpwAIanxbqkLmxT47Oe68XGuma9iJB_pN3ggfRn9JzBuZWPIt_mdGoeyx4bqGoN6kgYx1imviHyk135oABOeFl6Yx-q3n_ZR2IRXObg7jQJCvHvjnGq9yOClNIgGNWxgTUkA12u5evf17zC0Q-UvZwLGfHHKZcLdIQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2067749
expires
Mon, 26 Jul 1997 05:00:00 GMT
daaf91380e0a4f43a45b0bfef9bfdfb3_image_ad_300x250.jpeg
static.criteo.net/design/dt/19906/5102260/ Frame 2266
61 KB
62 KB
Image
General
Full URL
https://static.criteo.net/design/dt/19906/5102260/daaf91380e0a4f43a45b0bfef9bfdfb3_image_ad_300x250.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5409b00c1531cf7e989e59f50a440f3a70c019dbefd5379327661fcb8d16bdc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 14 Nov 2023 12:35:17 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"65536985-f57d"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
62845
expires
Mon, 18 Nov 2024 03:49:12 GMT
dr
as.ad4m.at/ad/ Frame 58A8
2 KB
1 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1k3q9t6bwc2njabx9r3fqvkwyn3nyy5311r87m58tqmz14rkcgaw862fd2zcwczfhedrrzvarjdbh65kjw5y2dz0gm8my2shh7k3nbvknahfyqyjv48zz6c97p4encxdqj4v4c862h6tvggwckkcejxejx7831t5d0gkpbrk827mhz2r5rsjbd2dkw73fj3nfszvfvpjzj45afbfmmsec3q5jdx9kvn5731x4wat93ze8g7p464czsf2tpdw0s05ck25wvwvbkp5vxynz7m4ze2829pdpj8yt189eqh7remsxjwt0f5bs1f7jzpksws61jv2b68fghfchnmdv1q2j521k1j8ecwskhwhh4mg8mfty7vx7z3ewabafnhsez4a5atray0dywmt16ecjdq2vea8tjjg0d370bnw6ytwn7vw3gpzzamacdg8k80jyvwpnhxbp846tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a69fdcb76cedff3988c06646cb604910ebd690df73ea280f5607f6890e053b82
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae40bf402c1c-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 15A9
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BA8B
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jrph2hw4dp6t97kepzc0azdjznxempj36f4bf96b5wvnrb354c0sw7kh11724abbw2twzymfzwc4hrxnr5adej5tv2s8670dnntqqr7f1s8v54zhsgp7drkvkz97511f702pch422gc654zgge4pt6d3cjm11eds66gennyxd199pe6hbbbaxyks7aggpqw2dpbpy7rjy7c2v6aj7syt2pasq63g6fb0ffgtrmjzm8s313s7m5hge7r8hhvya32xsmknpm5rqfvz7a9b8y7ej11yspek2qg5djebg38hcmyzdmjcf3ckatvq11rjyph1nad2nzp692t71rb9sg17mkx8409jyv2my4jv3nec888a9daa6rqb189qds8becn8vc6q8ev8vna2ccf5szsabtxna7cczkf1yy1acyn4mm0dmcckxyq161ehqpf8rd0syzpanz0s4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jrph2hw4dp6t97kepzc0azdjznxempj36f4bf96b5wvnrb354c0sw7kh11724abbw2twzymfzwc4hrxnr5adej5tv2s8670dnntqqr7f1s8v54zhsgp7drkvkz97511f702pch422gc654zgge4pt6d3cjm11eds66gennyxd199pe6hbbbaxyks7aggpqw2dpbpy7rjy7c2v6aj7syt2pasq63g6fb0ffgtrmjzm8s313s7m5hge7r8hhvya32xsmknpm5rqfvz7a9b8y7ej11yspek2qg5djebg38hcmyzdmjcf3ckatvq11rjyph1nad2nzp692t71rb9sg17mkx8409jyv2my4jv3nec888a9daa6rqb189qds8becn8vc6q8ev8vna2ccf5szsabtxna7cczkf1yy1acyn4mm0dmcckxyq161ehqpf8rd0syzpanz0s4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1544877
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9uCFUe6I0fvRKKXCliwamdW9DvAPZ7jlIm1E5%2BTiH1zjwTU3ytd9Zqh8czeaCgwDzzHqjohjXbPtSB%2FPtIWlx7bXT0iPFSHG9azhOgtkg8%2Fjl%2FC1Mw3pS6T3DRVKpa1pP%2FdYoxA%2BJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae40cf4e2c1c-FRA
expires
Sat, 25 Nov 2023 03:49:12 GMT
r62eglto.js
ad4m.at/ Frame BA8B
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jrph2hw4dp6t97kepzc0azdjznxempj36f4bf96b5wvnrb354c0sw7kh11724abbw2twzymfzwc4hrxnr5adej5tv2s8670dnntqqr7f1s8v54zhsgp7drkvkz97511f702pch422gc654zgge4pt6d3cjm11eds66gennyxd199pe6hbbbaxyks7aggpqw2dpbpy7rjy7c2v6aj7syt2pasq63g6fb0ffgtrmjzm8s313s7m5hge7r8hhvya32xsmknpm5rqfvz7a9b8y7ej11yspek2qg5djebg38hcmyzdmjcf3ckatvq11rjyph1nad2nzp692t71rb9sg17mkx8409jyv2my4jv3nec888a9daa6rqb189qds8becn8vc6q8ev8vna2ccf5szsabtxna7cczkf1yy1acyn4mm0dmcckxyq161ehqpf8rd0syzpanz0s4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
178845
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pH7YMl9klDHvMpI9IhByBhir7U3KNNgpHT6UXW0NcY0sqMLJdveqmkRd8RxfYoDVQQiUCkLXPC%2FS44J8KnABXZpthMJeqWwZxflLQjRy1ajQHOQSOhtrqRDWCRYNDpQVBwvruQE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae40cf582c1c-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 22 Nov 2023 02:08:27 GMT
truncated
/ Frame 3E8D
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b68f78330614e2fd21a8f9a7c789c8bad65c2399654b3426939763669549625

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C535
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
052fdbb140642c604a160f547dc78c9019b540c6479dbf5df2397bcf4c86567c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
all
csm.eu.criteo.net/ Frame 2266
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cm-YxETPs9aHMANRpaukL-KDBxOibQSPsi8eJazyJzFUT6BmAk0Xu6rjXDtVC2BfaZJdHsgdYFeOEQ8mUDxtcrP8rMP0rKHoMdVbT2MvzmVf-_fsjAL_4nJ_ghP_iFnBFuIkFnRgtA7YF1EgrhkTPBAI92mecTDl4a1v3cUDcyWrMTSb_rQjdpHS-IrSxxqy4qb7CW2Ih_rNOk4AMOtui6Oml2sRyt6mNOxz59oH6qtSDSYKNUrV0R6qYrMNz954CZ5KIw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2266
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 2266
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:12 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 58A8
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3q9t6bwc2njabx9r3fqvkwyn3nyy5311r87m58tqmz14rkcgaw862fd2zcwczfhedrrzvarjdbh65kjw5y2dz0gm8my2shh7k3nbvknahfyqyjv48zz6c97p4encxdqj4v4c862h6tvggwckkcejxejx7831t5d0gkpbrk827mhz2r5rsjbd2dkw73fj3nfszvfvpjzj45afbfmmsec3q5jdx9kvn5731x4wat93ze8g7p464czsf2tpdw0s05ck25wvwvbkp5vxynz7m4ze2829pdpj8yt189eqh7remsxjwt0f5bs1f7jzpksws61jv2b68fghfchnmdv1q2j521k1j8ecwskhwhh4mg8mfty7vx7z3ewabafnhsez4a5atray0dywmt16ecjdq2vea8tjjg0d370bnw6ytwn7vw3gpzzamacdg8k80jyvwpnhxbp846tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1k3q9t6bwc2njabx9r3fqvkwyn3nyy5311r87m58tqmz14rkcgaw862fd2zcwczfhedrrzvarjdbh65kjw5y2dz0gm8my2shh7k3nbvknahfyqyjv48zz6c97p4encxdqj4v4c862h6tvggwckkcejxejx7831t5d0gkpbrk827mhz2r5rsjbd2dkw73fj3nfszvfvpjzj45afbfmmsec3q5jdx9kvn5731x4wat93ze8g7p464czsf2tpdw0s05ck25wvwvbkp5vxynz7m4ze2829pdpj8yt189eqh7remsxjwt0f5bs1f7jzpksws61jv2b68fghfchnmdv1q2j521k1j8ecwskhwhh4mg8mfty7vx7z3ewabafnhsez4a5atray0dywmt16ecjdq2vea8tjjg0d370bnw6ytwn7vw3gpzzamacdg8k80jyvwpnhxbp846tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774314
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZzeiWzWdeOVLc%2Fh4XQ21ALgsIo2H9lpGjMt3h9ZncxJA4DSFD4m0zl%2F8U0BUMLuxZ19TPA3obdnddyQ59z9rbtbZDoYxrETnllNZ%2F0PJMwRgoBD3UdSCERiFXbB8Wmd4EW9ti6kgxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae417c179116-FRA
expires
Sat, 25 Nov 2023 03:49:12 GMT
r62eglto.js
ad4m.at/ Frame 58A8
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1k3q9t6bwc2njabx9r3fqvkwyn3nyy5311r87m58tqmz14rkcgaw862fd2zcwczfhedrrzvarjdbh65kjw5y2dz0gm8my2shh7k3nbvknahfyqyjv48zz6c97p4encxdqj4v4c862h6tvggwckkcejxejx7831t5d0gkpbrk827mhz2r5rsjbd2dkw73fj3nfszvfvpjzj45afbfmmsec3q5jdx9kvn5731x4wat93ze8g7p464czsf2tpdw0s05ck25wvwvbkp5vxynz7m4ze2829pdpj8yt189eqh7remsxjwt0f5bs1f7jzpksws61jv2b68fghfchnmdv1q2j521k1j8ecwskhwhh4mg8mfty7vx7z3ewabafnhsez4a5atray0dywmt16ecjdq2vea8tjjg0d370bnw6ytwn7vw3gpzzamacdg8k80jyvwpnhxbp846tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335274
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MLKn0VwDJwIMzuZhp3tR1ODE74xE1AIaP3KBxaxFb5Au1A80MeqFL%2BMhg7K8ba5FTVJ8cVB%2Biw4UiuerKs7zlrdMJzv5CSLPld5uUaWxprNCsIJXinIdJPaQuCZKQO1l2gBBmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae417c189116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
truncated
/ Frame 8981
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ceeedf14e053d8796846ae37946887e0d8dc046ee424da7246b7f449e3dc4b07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0D0E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPAxB18YDJR-Q3QInKfhJN8&google_cver=1&google_push=AXcoOmTu2XNV5Gbk4KZaRWR4I9It0cByodHke7jhxmzlNfzYGD9WYFZTsk8iftHoBN9pj67wbnU92JbzpJSmtI2MeYpcmd-1tKUL4o4
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDExNjE1MDk2NTk0OTc4MTcwNg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF1Wug_zuNOEy5sV0Ngdziw&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF1Wug_zuNOEy5sV0Ngdziw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF1Wug_zuNOEy5sV0Ngdziw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0D0E
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEAeQLR1GJG4AKUfrxRzMreI&google_cver=1&google_push=AXcoOmSn_uirG1tQBCvWcSCpzvPNCf-FdskeUQpkYfe7Q6tmipoF97_n-9LauW4eIo39AwoEI7Aza6eCudhBkYVw6i_a6ukBGaTvZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 0D0E
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJopko3Y3zik1QpgWbk6xh8&google_cver=1&google_push=AXcoOmQ-DTbsvq0F4m5F8IUIjyu-wedtHJkg7fUuIHmfioxQGtvIo7HVTGW14BLNP-itayjQHuQtj88DwAcEgf8e3uljjy3_QlpL_3E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
server
Kestrel
content-length
70
content-type
image/gif
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0D0E
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGXLKo6i81eZCbvhwbXyPPc&google_cver=1&google_push=AXcoOmT6kFowMpXqXFX8qpny7GzlvVE5aly8lN6oeyYn1hlZiVOsosrQV8C72C_TiPIly7WpHQWMDbdSCmiX5jie4vkxJviUpF6vYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 0D0E
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMdbjesBCAc2XDCJTVaHXiU&google_cver=1&google_push=AXcoOmT0q3KurUELlxuPxxoKduavh2nTg5OkGtQZ-_q8GuzVIPJP898LGvnp68001ULwRHFVSlTxznuz1ZNoFB...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDg3MDcyMTk2MDkzMzUxNg%3D%3D&google_push=AXcoOmT0q3KurUELlxuPxxoKduavh2nTg5OkGtQZ-_q8GuzVIPJP898LGvnp68001ULwRHFVSlTxznuz1ZNoFByzDc...
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDg3MDcyMTk2MDkzMzUxNg%3D%3D&google_push=AXcoOmT0q3KurUELlxuPxxoKduavh2nTg5OkGtQZ-_q8GuzVIPJP898LGvnp68001ULwRHFVSlTxznuz1ZNoFByzDcPREQ6o-Me6rQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDg3MDcyMTk2MDkzMzUxNg%3D%3D&google_push=AXcoOmT0q3KurUELlxuPxxoKduavh2nTg5OkGtQZ-_q8GuzVIPJP898LGvnp68001ULwRHFVSlTxznuz1ZNoFByzDcPREQ6o-Me6rQ
Date
Fri, 24 Nov 2023 03:49:12 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 0D0E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJvmPY-UtkG16KEcQZHU43c&google_cver=1&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgothB...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJvmPY-UtkG16KEcQZHU43c&google_cver=1&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cv...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgot...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgothBv2aHZwbuaCp9sZCZf32AbJc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQu5rZdxqzSC7A5T850BTC2p5Dp2tcjlQiFyWcT1xMcDDz1fd-Xl6N2-3vLZietoTMD9cvgothBv2aHZwbuaCp9sZCZf32AbJc
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 0D0E
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEB8C1t4FCy9P...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSKiVYjySbE0xFcDwFYXO98IGGd9TXDzPvw381fP64JpkuhW3Cg0lIn_IZUBTPSxrL29KSDvLLSxi5KzJl3ntteRqLAcBqS9zU4
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 03:49:12 GMT
pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0D0E
0
139 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbmF_4c4HOV7tr4X2_mUciMZ-3D0nvMKSfai3pG2lwE9SuqTGlpEN2pZAaRtcuoVahtPM3-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 6A6E
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ed188f42e3f76c96d6e3e2fde1374273186b82068412ad0460ad4e721db06a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhoroscope.marumura.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhoroscope.marumura.com%2F&rid=esp&cc=1
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fhoroscope.marumura.com%2F&rid=esp&cc=1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
73c7fa0824b4410bbbce093e126ae60c8f8b05c66df0664e49022c2c964e0881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-8WADmtKoKzI4/ph+44ECZisEtuY"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://horoscope.marumura.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 24 Nov 2023 03:49:12 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://horoscope.marumura.com
location
/esp?url=https%3A%2F%2Fhoroscope.marumura.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
powerkit.css
www.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame FC58
25 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
www.marumura.com/wp-includes/css/dist/block-library/ Frame FC58
93 KB
11 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
posts-sidebar.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
4 KB
862 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
527086ffd8aa5bdb2b00dd5be1b15e7d0d282ec26955944b49fe40dc21a7c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
twitter-slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
1006 B
378 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7e5fab99472dc83e9e5bcd23c18083cb02c196b5a9724b4a78d8e44b6ec40e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
4 KB
711 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d0fd465e6448ac9eac534b1e2b4a3db8452a384b95b1f2c8133a07ee3754976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
horizontal-tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
4 KB
713 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1667635447
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e9eb0dfb3e114bd11eaa4cbe8a05836cee318b60cca12c94c3b0d3f5f2bfd8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
full.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
4 KB
735 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1667635446
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
77e62403c5cf03c97081a20ccba81971391e554663c76f39b323a2e6045958c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:06 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b396a226099848f402ef5695b662acc20430fddd59d405586e1afb3b8d95c0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
carousel.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
3 KB
561 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cbf736f12d658470e6926d309bc0b77d6f2d48f3412f7659aca07a96f5f90897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wide.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
20 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4ace7cb9bf8a3cd67c5d43ab6b1e29e5733b05fd71babbe32d9230d8d1e7b720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
narrow.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame FC58
9 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37be9771bb7032cccd856084f2489bdd36728c670ab8fec9b459615911cbb2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
classic-themes.min.css
www.marumura.com/wp-includes/css/ Frame FC58
217 B
320 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:29 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
styles.css
www.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame FC58
3 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame FC58
2 KB
684 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame FC58
21 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame FC58
1 KB
572 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame FC58
9 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame FC58
3 KB
843 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame FC58
477 B
364 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame FC58
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame FC58
4 KB
910 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame FC58
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame FC58
3 KB
825 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame FC58
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame FC58
1 KB
642 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame FC58
3 KB
814 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame FC58
1 KB
512 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-share-buttons.css
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame FC58
71 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a9c8c9a37641484b70c3f306d5bdbddec691a1c219ae95cb3dceac43b0560324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-social-links.css
www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame FC58
149 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3b274ccab22ae80e2b294f5c99ad5519b374e77c6298a1ba82949374fd778b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-table-of-contents.css
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame FC58
3 KB
1014 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-twitter.css
www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame FC58
3 KB
946 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fc418b8f556aca3aefbf6f6e0208c2bd88b8badda8828b27c366bbf91784c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-widget-about.css
www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame FC58
1 KB
506 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
frontend.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame FC58
101 KB
14 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
143ed41fe58e7d412f14a6ff4f8c0f38094ac683f3f8ace929bd0c4f3c54ede2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
flatpickr.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame FC58
14 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
select2.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame FC58
15 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wpcf7-redirect-frontend.min.css
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame FC58
316 B
273 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
if-menu-site.css
www.marumura.com/wp-content/plugins/if-menu/assets/ Frame FC58
929 B
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
last-modified
Wed, 19 Apr 2023 15:14:58 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic/ Frame FC58
243 KB
29 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f520476b3c7e02702e80af9a07d6633860bca07fa529f68eb52cb4ef1260e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:53:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
subscribe-forms.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame FC58
23 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
bdbf202cd096103d51142548fbc224c54daec112d86dc4fd4a1bd123dddc9927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
click-to-tweet.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame FC58
3 KB
737 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/click-to-tweet.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dc15061d8c788e977befdf83b405f229f96556c3fb1c31e18958a66f20754f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
essb-display-methods.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame FC58
10 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-display-methods.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dc39b26a60ca5c40eb1b737bc7811ff55431197a284ffbe690aff85c641ed600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
social-profiles.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ Frame FC58
32 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
easy-social-share-buttons.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame FC58
71 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic-child/ Frame FC58
15 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be3ba7e056677a03577a5228783d4c2d12a85bfd84c2f4c0db2a610ddcd7cd0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
legacy-features.css
www.marumura.com/wp-content/themes/authentic/css/ Frame FC58
13 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5c6fadfb3fd62eca8b226de74d73b64e2235f1d7962b5440f136aa6cff0ac35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
jquery.min.js
www.marumura.com/wp-includes/js/jquery/ Frame FC58
88 KB
30 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
www.marumura.com/wp-includes/js/jquery/ Frame FC58
11 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.dyngroup.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame FC58
2 KB
1022 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
534e0339d7dd364cde1afcf77eef6a88b4b9c6cfdd1b450c622f0ad1004a04ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.clicktracker.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame FC58
365 B
394 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
flatpickr.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame FC58
49 KB
14 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
select2.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame FC58
69 KB
18 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FC58
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4fb42ae8738d17ee3744def47860b403e435e1f2504bfca289a38e2cb339d6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52742
x-xss-protection
0
server
cafe
etag
7074473575154128707
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:12 GMT
js
www.googletagmanager.com/gtag/ Frame FC58
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d28d76d0a17f0452a261d11245ef69967a4e9fbba9b5766973e117009e2238b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:13 GMT
ats.js
anymind360.com/js/6621/ Frame FC58
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51203
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797753.711338,VS0,VE1
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 1
atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame FC58
0
184 B
Script
General
Full URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cloud-trace-context
72234f698a56364e6fc048b006a1e88a
cache-control
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
application/javascript; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FC58
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53e7c89065e0bbb78c6265df4a262b70b5edd1d03568548c2c4915bbebdb86f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52730
x-xss-protection
0
server
cafe
etag
15833478217165527402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:13 GMT
logo_marumura_b2.png
www.marumura.com/wp-content/uploads/2019/07/ Frame FC58
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b2.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
689914cf34ba4bec16ba9c2c275d7b9c5fb5f2d82e68e8ae96807b525bff5297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_b.png
www.marumura.com/wp-content/uploads/2019/07/ Frame FC58
16 KB
16 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4a4916c174a4a973131449091d8ca84fed7b6460dab15352d24cf18a787e4cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_w.png
www.marumura.com/wp-content/uploads/2019/07/ Frame FC58
13 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_w.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Kintetsu-Yunoyama-Onsen-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame FC58
0
0

Jewerium-Enoshima-Aquarium-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame FC58
0
0

Umekoji-Potel-Kyoto-_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame FC58
0
0

Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame FC58
0
0

Asuke-Toyota-City2_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame FC58
0
0

Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame FC58
0
0

AD_side_banner.jpg
www.marumura.com/wp-content/uploads/2019/07/ Frame FC58
88 KB
87 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/AD_side_banner.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1382c8a53f7b1507aa7097e398a8d966d9fbf892cf6d659b75d928c1a2b0838d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
wajapan.png
www.marumura.com/wp-content/uploads/2019/07/ Frame FC58
23 KB
23 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/wajapan.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c813626711a109d161fc3d9ca62ee2f06c4b513be96c9d32a2ebf505959cd741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
maichaiguru.png
www.marumura.com/wp-content/uploads/2019/07/ Frame FC58
56 KB
56 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/maichaiguru.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
96982b32c280ec6fcfbaee6e8640f8aeb2b726b8e44ff8763f0d5be4e1d7d01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:18 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
sdk.js
connect.facebook.net/en_US/ Frame FC58
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
546dbfba402775472f914f6b2779552efa3db2c3eb4affb0d0356da5bdc3132a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:13 GMT
content-md5
SgtZir7OSpxnvEyn8wTirA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
x-fb-debug
p5SNpLxMcG2FKxE75nq9yifTRSI1JO3Lo8gTDE/wvKTunt+IRijX+QrENVSRHkC8PitzXobKp/13A4C/azaZ8A==
x-fb-content-md5
8641cbb1b22a237b23e68d67db198b70
cross-origin-opener-policy
same-origin-allow-popups
etag
"d9ef1f105944d222f87ea32b2f06fe91"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Nov 2023 04:09:13 GMT
front-flex.min.css
www.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame FC58
2 KB
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f0a79b76f29f3b28b2f8995f7bd635bc5fe214d434bf0deb43d91c2c36219b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:22 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame FC58
10 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame FC58
13 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-basic-elements.js
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame FC58
1 KB
556 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.justifiedGallery.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame FC58
18 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-justified-gallery.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame FC58
2 KB
761 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
imagesloaded.min.js
www.marumura.com/wp-includes/js/ Frame FC58
5 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
glightbox.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame FC58
55 KB
15 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-lightbox.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame FC58
4 KB
1 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-opt-in-forms.js
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame FC58
1 KB
643 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
565637476a6f33a1187e3dc40aa6f65fda018dd1ed19f088490bdd2c2076b6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-scroll-to-top.js
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame FC58
507 B
417 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-share-buttons.js
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame FC58
3 KB
975 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
flickity.pkgd.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame FC58
53 KB
13 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-table-of-contents.js
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame FC58
3 KB
985 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6abe50ef3e60504ea153ca28d383b84b8b184428f316d1038feebd6282463d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
frontend.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame FC58
19 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wpcf7r-fe.js
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame FC58
8 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
owl.carousel.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
43 KB
11 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
colcade.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
9 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
ofi.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
3 KB
1 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
15 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax-video.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
17 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
scripts.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
60 KB
12 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
327ad04216c88f3f35ac035e4451fa3a0bdaa3267784ad8ecb99ce5946051ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
sharing-bar.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame FC58
2 KB
768 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/sharing-bar.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
30ec71893c027ac54602cb5eb38d30a97c39540f4a5384f6a175a4d49935118e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
pinterest-pro.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame FC58
9 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
599fc36cdbfa2e704431b32f80c0da4d9f1207860923856f9aaf94ec34485b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
subscribe-forms.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame FC58
10 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4dacabc4dabd01ad27708f6444f4e6353ad90a4c9426483bd4806f94a640db2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
essb-core.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ Frame FC58
36 KB
9 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c6be7331c3d44a11a2eeabf7bfa52816d79b6ddd7a4cbac40edd973d2e93c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
api.js
www.google.com/recaptcha/ Frame FC58
1 KB
885 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&ver=3.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6beeecb273015521bdee590f53b5cf839ed939c39767689df623d19d74f56e4f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 03:49:13 GMT
regenerator-runtime.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame FC58
6 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wp-polyfill.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame FC58
17 KB
6 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/ Frame FC58
999 B
626 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
legacy-features.js
www.marumura.com/wp-content/themes/authentic/js/ Frame FC58
11 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1aa871bfe9fa89c6f4f39426df6c430a7fe26afe36c01a8464aa9eb4d2573f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
adview
googleads.g.doubleclick.net/pagead/ Frame C535
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cg484Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTKAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVtOUtQfGSWGYFJ6HhNK0a6uTUlQGPuFtzxE2FYSOhSxgirDSKkeImABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=i1--5tTL7mA&uach_m=%5BUACH%5D&cid=CAQSTgDICaaNWRjBzTQRRxtyu4m1dcvgZpFqoa3ti682hkXPDYaS7sZc5nAXBkLAyNZ1kMHIM7pul4_XRU6qkPJ_trMk5wSWRjCNkaVSAWXLVRgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C535
0
126 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kOz_GMc1rAL6AZ2DYgICAAAA0rEKI8Jw7jsQNx1gZcWCFAsSLl49BWEAABIAAAoKQVFVRER3RUJEdw&wp=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
130624
server
Kestrel
content-length
0
ga-audiences
www.google.com/ads/
42 B
324 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-126552441-1&cid=1893264436.1700797752&jid=445137145&_u=YADAAUAAAAAAACAAI~&z=454597814
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-126552441-1&cid=1893264436.1700797752&jid=445137145&_u=YADAAUAAAAAAACAAI~&z=454597814
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 4083
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=horoscope.marumura.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
server
Kestrel
server-processing-duration-in-ticks
323244
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6C65
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWn92MRxvB-Xd3SwzBESGvlo-WXTk2XYkYOYquKdUDkpITwin6tt8110-SEanFfuZwXXgbs6ZHkb2H4DhjcgUPGPyO0wkpc_HxXRXHGoEe_3gPwUDi5nq_hsPFewCBaDzHOScsIOkX6VQU2JsruaEEk_a_yTgu9_gDSPvOP3iVH2HXXczoVlBl2SDDAt0AmP8J6tV9Gcvdcxw8aHz87nslEmw9jX5tuzJVCfp4maJo93Yh3NAkuEC1pNoq5w4Hp_MiXdGbiPUQqb0kB4aL6k1T8EccoI0ljSJCM3n9xvgXe4xLZSQ_Xay0eL8Kl6WUVV6ZyjKDUdSRnmC9I3496WKdQy-CLXvR6-dUZNLSyLuJqwobHuE-XwVOgPTOzwcIqPn2951B&sai=AMfl-YRRhscrWVk8AIPH-HHXrzuAtxOd9p44EotD7CnBVBfb0VvxKkj2WrAIz0cy_oEscSusZ5ZeWMJONF4FW6rNQ9d6jGr_S5MmawsVbvSHGDqptRg5XG3qCvQtO4o5vRc&sig=Cg0ArKJSzF5uRpqjSzEtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ptag.js
tag.adbro.me/tags/ Frame 6C65
33 KB
10 KB
Script
General
Full URL
https://tag.adbro.me/tags/ptag.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 21 Nov 2023 17:35:08 GMT
content-md5
Kre+pSjv/5704F++6Kckdw==
age
360
server
cloudflare
cf-polished
origSize=62811
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82aeae432f7dbb7a-FRA
alt-svc
h3=":443"; ma=86400
puxatzts.js
tag.adbro.me/configs/ Frame 6C65
1 KB
656 B
Script
General
Full URL
https://tag.adbro.me/configs/puxatzts.js
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:30fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4053b9ade974c2b27717a436f3e6ccacb96460eb8d46b3b579a720a94542984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Tue, 14 Mar 2023 06:00:36 GMT
server
cloudflare
cf-polished
origSize=1458
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
cf-ray
82aeae432f7ebb7a-FRA
alt-svc
h3=":443"; ma=86400
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6C65
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3E8D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
532261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 23:58:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3E8D
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
541410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 21:25:42 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 15A9
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmTA0npIOfgLAZnrxTgSy7l-sq9GfPqELE-IB20hB_m51yj8Ryjmmy_zISeGfoEpFJ06bmaWwB_B0I4bRQmqLTaFsTYTJvSQvhM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 15A9
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfE...
43 B
437 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae44bde65b5c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1685
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ7Ic1OTwWakLOq1J0UdIPUKFeTzHzzDRb4Cd6SY6GHsQOIo7DI-pizjdHovvwYGNUfBLBds4gT16BvWX4CggyjzGpmpfEf7BA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae438d795b5c-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 15A9
0
0

pixel
cm.g.doubleclick.net/ Frame 15A9
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEE5u_HrIxY8bQLsVHCsHMlA&google_cver=1&google_push=AXcoOmTFtjpG9QSuXeVT78YDX8A_b5zmBfgBtYhPsY6_Y-dX61dYMr4HLsOKPO-YxRuT7PvZCSta_xdOF5p6ig-nX5eW6fRE_OdUfxY
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68AA1CBDC4D34F58A256AD01C577AE39&google_push=AXcoOmTFtjpG9QSuXeVT78YDX8A_b5zmBfgBtYhPsY6_Y-dX61dYMr4HLsOKPO-YxRuT7PvZCSta_xdOF5p6ig-...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68AA1CBDC4D34F58A256AD01C577AE39&google_push=AXcoOmTFtjpG9QSuXeVT78YDX8A_b5zmBfgBtYhPsY6_Y-dX61dYMr4HLsOKPO-YxRuT7PvZCSta_xdOF5p6ig-nX5eW6fRE_OdUfxY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=68AA1CBDC4D34F58A256AD01C577AE39&google_push=AXcoOmTFtjpG9QSuXeVT78YDX8A_b5zmBfgBtYhPsY6_Y-dX61dYMr4HLsOKPO-YxRuT7PvZCSta_xdOF5p6ig-nX5eW6fRE_OdUfxY
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 23 Nov 2023 03:49:12 GMT
pixel
cm.g.doubleclick.net/ Frame 15A9
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGLEG8b0myYJ2S141jpNwIY&google_cver=1&google_push=AXcoOmT9DS_8N6AsQgkmuJ97Ib_8sFdcgOMv6jN5PAuYigsYNuuBZSXuO2iP6C8gIqXBQ3SXXQkH94Jf75M...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT9DS_8N6AsQgkmuJ97Ib_8sFdcgOMv6jN5PAuYigsYNuuBZSXuO2iP6C8gIqXBQ3SXXQkH94Jf75MzokQDw0vdtO3g4s6RX2A&google_hm=qI3t8BJLQsCDnbhag...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT9DS_8N6AsQgkmuJ97Ib_8sFdcgOMv6jN5PAuYigsYNuuBZSXuO2iP6C8gIqXBQ3SXXQkH94Jf75MzokQDw0vdtO3g4s6RX2A&google_hm=qI3t8BJLQsCDnbhagLb515k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT9DS_8N6AsQgkmuJ97Ib_8sFdcgOMv6jN5PAuYigsYNuuBZSXuO2iP6C8gIqXBQ3SXXQkH94Jf75MzokQDw0vdtO3g4s6RX2A&google_hm=qI3t8BJLQsCDnbhagLb515k
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 15A9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJZmlqseNGHC3Ao0x1O8eEw&google_cver=1&google_push=AXcoOmRnKIj4mn2bw4IJHgZw9ikEM9DjAGJ2sY5GLy-G9gH_of1SD3Y9CO5Axf7Tg5DAae-GKvy4sCdyds7gCdmmN0Wgbq_...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRnKIj4mn2bw4IJHgZw9ikEM9DjAGJ2sY5GLy-G9gH_of1SD3Y9CO5Axf7Tg5DAae-GKvy4sCdyds7gCdmmN0Wgbq_XKnQgmA&google_hm=eS1zanJwRFQ5RTJwRUdV...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRnKIj4mn2bw4IJHgZw9ikEM9DjAGJ2sY5GLy-G9gH_of1SD3Y9CO5Axf7Tg5DAae-GKvy4sCdyds7gCdmmN0Wgbq_XKnQgmA&google_hm=eS1zanJwRFQ5RTJwRUdVb18zdHlIYl9saUp4aV8uYmZCbH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRnKIj4mn2bw4IJHgZw9ikEM9DjAGJ2sY5GLy-G9gH_of1SD3Y9CO5Axf7Tg5DAae-GKvy4sCdyds7gCdmmN0Wgbq_XKnQgmA&google_hm=eS1zanJwRFQ5RTJwRUdVb18zdHlIYl9saUp4aV8uYmZCbH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 15A9
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEOkIoiGP5djlUUSC2ZnEDUE&google_cver=1&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOkIoiGP5djlUUSC2ZnEDUE&google_cver=1&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_oM4OrqDs
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_oM4OrqDs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSA9Tl9gDTpXobFNAweqDA3WxxuSox7YisI4TDgNbWF5ydjMr9R-aumZQylJBNEXhCIGbRA91jUd1CX6FvBQLA07k_oM4OrqDs
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 15A9
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lt7A3KMqQQpKMGjhau9Jeb9J8wFsrD_o6Rwzl69OZz4mSU_DJTmKnzPuMANJ6I8uJHvzBt
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame BA8B
350 B
639 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315000
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE5BqGXwoVIgGgoOljFWokeNMDO%2F2nJHNvGmcizZdiYXjnUKBGpsy4I6dms1G0LuR8MY5rEjhGOsrxNqtjg6xJ66Iklm7EJryhCpk6L%2FmFPkheGs5wbhPNPSRNTVZM2Mgj3%2BxJFywmWpjZ%2Bt6LGMuVXq"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae43dc943a84-FRA
expires
Tue, 19 Nov 2024 12:19:12 GMT
container.html
7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0DB5
6 KB
3 KB
Document
General
Full URL
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Sat, 23 Nov 2024 03:49:12 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 58A8
350 B
906 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315000
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxZn85sKaHS4q2nUYEcikt5Pn6KA4QhtpReN8P7%2Fhu5BNuGfF6DitWEzNFHHlKMjIiZOdXtmm82FIjewu9YL0BbklTKUKch%2FHgd3wRMM6KoGegC7bJoYizkZYUfMmM6VWiqllT6EZE5wWw7FoJL6Zg8u"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae43dc953a84-FRA
expires
Tue, 19 Nov 2024 12:19:12 GMT
frame.html
ad4m.at/ Frame 3327
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774315
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae43bf589116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4IrOO3d%2F3bnmYhZYOk3DCrmHlc%2BX%2FCHpFPVa4uxnbOHlpf%2FXI4RJ3%2FdbUDNkN10HrscxUxsejL26c%2BDkhK4YlLRiDqPAJ0w1nXBf%2FJhCJbtX3fbiG5%2BAQ6cETd2a%2FSHrG2wvEw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4083
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=marumura.com&sn=ChromeSyncframe&so=0&topUrl=horoscope.marumura.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=FfUo0nxZaWFXU05XL3dBVHR0Vk9kRjQvS0J2cUc0ZjYxdVBTNkN0Y1FrQXAwRUZvWWVldWZNeFV6QzlkVXVGc01Mc0JhZloySzg3eVg1a3gzUm5ZUHhhQVpRVUcyZStzSHl0NkdHb0dGa3NKMUJQazV2cmNQZkNrc2RwRj...
422 B
648 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=FfUo0nxZaWFXU05XL3dBVHR0Vk9kRjQvS0J2cUc0ZjYxdVBTNkN0Y1FrQXAwRUZvWWVldWZNeFV6QzlkVXVGc01Mc0JhZloySzg3eVg1a3gzUm5ZUHhhQVpRVUcyZStzSHl0NkdHb0dGa3NKMUJQazV2cmNQZkNrc2RwRjdTa3A2eGhCaEVYSllBcnpvZmFJNzQ2aHZESEhTRnNVY2NiWmZIa2FCQjl5VGkyTkpmZ3pwWDVIVStkRnFyWS9jVjRBYVpISlgxQVMrS1g2a0tZNzIxYjhKUk5iQVRoN1NKMTZjM2QwL2tOa2djL3VCdzE0UmVVQlIrWklsbGgwYnpGL0VXVS90amFwSUNCK3BsbGp3V1RuOWtZaHo4UT09fA&cppv=2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
259eda99ee3624cec41cf232d583d78cc9260cec0ae6ddb7f4f41bc9cdba8b40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1175352
expires
0

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=FfUo0nxZaWFXU05XL3dBVHR0Vk9kRjQvS0J2cUc0ZjYxdVBTNkN0Y1FrQXAwRUZvWWVldWZNeFV6QzlkVXVGc01Mc0JhZloySzg3eVg1a3gzUm5ZUHhhQVpRVUcyZStzSHl0NkdHb0dGa3NKMUJQazV2cmNQZkNrc2RwRjdTa3A2eGhCaEVYSllBcnpvZmFJNzQ2aHZESEhTRnNVY2NiWmZIa2FCQjl5VGkyTkpmZ3pwWDVIVStkRnFyWS9jVjRBYVpISlgxQVMrS1g2a0tZNzIxYjhKUk5iQVRoN1NKMTZjM2QwL2tOa2djL3VCdzE0UmVVQlIrWklsbGgwYnpGL0VXVS90amFwSUNCK3BsbGp3V1RuOWtZaHo4UT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
266710
content-length
0
expires
0
frame.html
ad4m.at/ Frame FDB2
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774315
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae43ff879116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:12 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZCMNc%2Fhw17HLwzgkYmgngXidAOy9yOYyleYd%2FLeuGbmsU2CDKsboUFD3iHAgx5VBkowuqwSpUTkByy3M4%2Fpw0FovxR1xIQ8ECpiS86QLhfhBVMTVonPo6jfM6RWx%2BgGPIBuMTE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ Frame 6C65
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
217262c398ef2b0bfe90ded0d49887f3276022fb9953f8cfbbd09509a39e4556

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 8981
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cs6-jNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoEzwFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLGvvUtyGMbb7TZ_36KzsOic62KTvkT4NrtQldqOnb8khRsPwjCa-6ABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=pyarx-QGNzw&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN60S3KutOdyl3TNYBLxa3VFWQv8Dj1AZZpc6zeNanxo5d_M8RGix4TVdTUAxJNEOeKXxNjZdaGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 8981
0
103 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gyjmdh0eshpx0j8wsxeqt81s2pgaesyph1j0hxg3eyhhc0bbyrzpsv78aq5ptry1kctjzv6jw163rb9yw8c38bna9ggwxfn9jkh6seh8086ptg9zbhxkwktn88brj6qkyjxf6s69tx0qnrwamm56f22y7n2styhyxgxg8a0m4nrgqyyhkmpg3c0e1svxkj3c3kb7vr3m9mghwv5b75sq62gnv2veyvg12ksg3x9637j153m0f1ykax6dj5te467nmghkrd2za03cd124qq0vaz725dn9q6hd9cr8ktt44p6bbhsqjaezpshm7xveexhrbk38acxp1j4kzade8v45t9gjebfczvxq7vc21wqhjyk13039qmygcezhq3y77r8v922nzc2cxp7b5r&b=ZWAdNwAM9XIDog2XAAZ2RVpVYjiBQKIsf8V2SQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
css
fonts.googleapis.com/ Frame 0DB5
5 KB
814 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=th
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5fddd158ce7c6a55fa321359162cbe94a34b5990db6a94bcc38715b4e737bfe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 03:38:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 03:49:13 GMT
css
fonts.googleapis.com/ Frame 0DB5
4 KB
728 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 03:26:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 24 Nov 2023 03:49:13 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0DB5
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 17:26:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
37353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14410
x-xss-protection
0
server
cafe
etag
7890425002344327526
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 17:26:40 GMT
40933678460698624
tpc.googlesyndication.com/simgad/ Frame 0DB5
1 KB
757 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/40933678460698624
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 17:27:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
728
x-xss-protection
0
last-modified
Thu, 26 Oct 2017 18:18:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 22 Nov 2024 17:27:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0DB5
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
236390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Nov 2024 10:09:23 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0DB5
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0DB5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56056
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0DB5
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 0DB5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUmwGB_7nPmbqpLUPuNPpbicZRsv_8Kh3WEKNoRos-Xl20ZtpUWDUU6XGxAnnl7cev2sADdkkWfrrNzeBnppqEFgNhyQ
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

adview
googleads.g.doubleclick.net/pagead/ Frame 6A6E
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2YWMNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzwFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBSIFIhio2HFZKKbVkPSQX4FM_9m0Nx7ySDLALIoGfZmaRrEXQ4nCABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=2rFDUBvyw1w&uach_m=%5BUACH%5D&cid=CAQSPADICaaN9-CkHPVouXm34sbz70nI2GFnu0RdUKLBCCTjrKZoQjiv1s4Ic25LqE0ZTiTEGfBMh3rvWRcQWhgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 6A6E
0
39 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gj04zg8ff6p9cxa8dayedy2f690tg7b8147ew3ghbazhz3p6whzamkb4dpzc12c4s5hx04ppxjhw8g1cj3gfstq92085kwr0ed435h84z0rh9wvttgd8h5n9n76y4hvyyqtx3z4h6d65mtgva009ncxz6nn9cz2q6emmn3jmavt92j4vbj9m5ny68q94mb9f5kxgfa6t4wrp2k3jjdkj0wejwyx96gjs0ngpf2n2sta21reys3bjwx0q09tda1rcxkqke57g8jtqa1x84jgk6g5ncpcggzyjh9qsavvwbk7mykjqt86h3dy7crn5h8wfkpypgzbk5fmbpk8fj7jshj1mjzrhzq2pc6gjxrcp87ftj4gxem45w7mhajbxcr9n5fzbg5k0k1w4hr&b=ZWAdNwANK24Dohd-AAvo1g_wSsJoSK_A4HBvzg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
pd
google-bidout-d.openx.net/w/1.0/ Frame F8C7
0
167 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 24 Nov 2023 03:49:13 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
www.googleadservices.com/pagead/ar-adview/ Frame 3E8D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CUydgNx1gZYz5KuKniM0P2pevsAuh-tGEbJrMot28Dtac3siEORABIKGkxmpgleKQgqAHoAHGlqfwAsgBCagDAcgDywSqBNkBT9CcAqiQkA5wCNKo5nzXaLmBqs3gVl1-6v0bEVfncCZHALw...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213166640955667595940%22,%22debug_reporting%22:true,%22destination%22:%22https://win-industry.com%22,%22event_report_window...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213166640955667595940%22,%22debug_reporting%22:true,%22destination%22:%22https://win-industry.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22772393798%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228549471452360419297%22}&andc=true
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"13166640955667595940","debug_reporting":true,"destination":"https://win-industry.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["772393798"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"8549471452360419297"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 24 Nov 2023 03:49:13 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13166640955667595940","debug_reporting":true,"destination":"https://win-industry.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["772393798"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"8549471452360419297"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 5D98
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=280&slotname=5449908357&adk=1163775930&adf=2558224467&pi=t.ma~as.5449908357&w=970&fwrn=4&fwrnh=100&lmt=1700797751&rafmt=1&format=970x280&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751286&bpp=19&bdt=836&idt=348&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=315&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:34:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
555262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:34:51 GMT
rs
ad4m.at/ Frame BA8B
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a189e2639e82f3fe4b5219c9437248ce278ca41b2091c9836aa9f36038647704

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UE5fK%2BqrLLXtnbFyxpCAq60%2B79nF%2BzFDllfxXZTU%2BIU6ICPpq3XEeDu69bn2gI6orLq5GTZy%2FuVK4r1XQ7IrJudNJk9FxMCYeO8uvv0MBblOLd%2F7pqV2GrFDGWalcUzZIBiWvww%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae44f8249219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae44d8019219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJHnXVnXiQi6lZpMXlIvbinWBAUeGpxNF6F0O50j96v22ftUyubb8Me4GSxXtSfjO9TK8BpVa7V6%2Fwp6AtVUcckJR%2BmN4PJNlsSkOM1Fv5Bd7jFef5b9U4bLlw5ceI07RYxRS7g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kjgm
rs
ad4m.at/ Frame 58A8
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12283f9864f47dbc4fdc26a2bd17d27154f7659893bf2c2e188cf476f53a27be

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=miphkRqni5MTnhiTzFvwJZgc%2B09zyTQRgBCSGalzIdnOA0gQKk0zFjafGuQG1gKcjHNpMKSdfhdvAcZmDkzdXRsiGjh2ESdO3O2dXMOR90p3WtxegrAPoCOJ3n%2FbQ5beGb83vrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae44f8229219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae44c8009219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItQBe%2BUakyX90QKKUQ37O6Dcz7i2i1%2BveMyAEx7L5U3HK2GI8pqFVfylTfNIjzeT6%2FsM6436MpF0hp7SdpP0%2F7S3Ouxp4TPildPP2CtswmGgOizWLhRRkCe54VAqinLVsju665A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kjgm
truncated
/ Frame 0DB5
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
th
www.bing.com/ Frame 0DB5
88 KB
89 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7422334569216_1NIFL6JJPIRG03RR2O&pid=21.2&c=16&roil=0&roit=0.1667&roir=1&roib=0.8333&w=600&h=600&dynsize=1&qlt=90
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42695f05784ca153268152fc8d6ec39f8477dcd7e1c1a38557917500ab30bad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1700797753.24d23b24
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
90380
alt-svc
h3=":443"; ma=93600
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DB5
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=th
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:58:11 GMT
x-content-type-options
nosniff
age
532262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 23:58:11 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DB5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500|Slabo+27px:400&lang=th
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:25:42 GMT
x-content-type-options
nosniff
age
541411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 21:25:42 GMT
rar
as.ad4m.at/ad/ Frame 8228
9 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0cff2fd3597c88f1b982ddb521951c0b1b16dad809a2ee804fa1eb0cd4d246e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1k3q9t6bwc2njabx9r3fqvkwyn3nyy5311r87m58tqmz14rkcgaw862fd2zcwczfhedrrzvarjdbh65kjw5y2dz0gm8my2shh7k3nbvknahfyqyjv48zz6c97p4encxdqj4v4c862h6tvggwckkcejxejx7831t5d0gkpbrk827mhz2r5rsjbd2dkw73fj3nfszvfvpjzj45afbfmmsec3q5jdx9kvn5731x4wat93ze8g7p464czsf2tpdw0s05ck25wvwvbkp5vxynz7m4ze2829pdpj8yt189eqh7remsxjwt0f5bs1f7jzpksws61jv2b68fghfchnmdv1q2j521k1j8ecwskhwhh4mg8mfty7vx7z3ewabafnhsez4a5atray0dywmt16ecjdq2vea8tjjg0d370bnw6ytwn7vw3gpzzamacdg8k80jyvwpnhxbp846tr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae45685a9116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:13 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 8161
9 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942ec3e04b2aef7efccfd107f3884aeff4f8e945275165114246ba702a6fd68c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jrph2hw4dp6t97kepzc0azdjznxempj36f4bf96b5wvnrb354c0sw7kh11724abbw2twzymfzwc4hrxnr5adej5tv2s8670dnntqqr7f1s8v54zhsgp7drkvkz97511f702pch422gc654zgge4pt6d3cjm11eds66gennyxd199pe6hbbbaxyks7aggpqw2dpbpy7rjy7c2v6aj7syt2pasq63g6fb0ffgtrmjzm8s313s7m5hge7r8hhvya32xsmknpm5rqfvz7a9b8y7ej11yspek2qg5djebg38hcmyzdmjcf3ckatvq11rjyph1nad2nzp692t71rb9sg17mkx8409jyv2my4jv3nec888a9daa6rqb189qds8becn8vc6q8ev8vna2ccf5szsabtxna7cczkf1yy1acyn4mm0dmcckxyq161ehqpf8rd0syzpanz0s4&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae45685e9116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:13 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213166640955667595940%22,%22debug_reporting%22:true,%22destination%22:%22https://win-industry.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22772393798%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228549471452360419297%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:13 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8228
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774315
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPS2LwDouNM4r9%2F4d5noOwO54hHBBFXfo2Av9iJNWytQqwwjlQDZ1wtupNVpyAtVCk7ESK0ITc%2FzhK1B8PGF0WbSAfMexi5d4K7SUOZM7qAugOTV8Xpc%2F5FPyJFnH3o4Aas99sTbs30%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae45a8849116-FRA
expires
Sat, 25 Nov 2023 03:49:13 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8228
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280134
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGlhYtkBLn2Jsey%2FiAW8csX6DqzOmGbb9Wad6uZOkeV3DeM6k1ko6pYl0qhio7RpTbOKhmiYdtZfjK69T%2BGlxAigVXHWkphh4M%2F3akpQsLKHwJnJXIq54HEyjli4JUL8OvsiO8tNtwUJXZrx"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45ba952c1c-FRA
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 8228
32 KB
33 KB
Image
General
Full URL
https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280513
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
33043
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:07:19 GMT
server
cloudflare
etag
"4248eb804269666620fb86952a326d7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryD0TKyMA1eauxbJq%2BhbV2TbVA1bkvi8675Xwg9xybJp148hy9qKpsdY00k9uuNnNcJEbL63ikErU1Dp48hyDjZV1IEpqSmU6Nk4y5WRA09fdcyKnvpoRLQQPJRbPa21y1OY3t715yZQqm54"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45ba962c1c-FRA
view.aspx
pb.media01.eu/ Frame 8228
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actio...
0
628 B
Image
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 24 Nov 2023 04:49:12 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
40027
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B9D59B99:E6A6_91EFC182:01BB_65601D39_7407947:1E878
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidKXRURfZfk7dT5HMHktPteG4S7SAT88qcp25boneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=981741&produktid=&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 8228
4 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207737
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3QWyU16lyawjZriWZBmh%2B9G0q1cnn14c5KJVdWZdJlZpM%2FTQVxcpBul%2B7iSAnobOnjD8Vsow3DLe5Pa4CtqQRLI%2B%2B%2FsoOfSODpatkpN1urzG%2Fwchuc%2FKwfeVsqC%2FGpxKtPI%2BWxn4BbwmKY5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45ca9f2c1c-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 8228
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280359
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlgK5aQNXl7h6BUX8ciS7waKMz0YzDjnRXSKLqnuvtRReLRdzPe6DxYDBJ9gh%2F4LfRAt%2BM4noNC5anmAIDjQSUWfKH6tS2JWfRt81l%2B2qXkGsdKPWhvMRdgpN24VePExwhRRbXkerDjVz%2BKg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caa12c1c-FRA
cshow.php
www.awin1.com/ Frame 8228
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 8228
2 KB
2 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192570
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SjK0xVqYbuu5oxewPmDrP5e80yDRSXnTpMfLU3LeB9cOjcaJ%2B4eLE7R8LPdc5Qi%2BfZ4NjSgcSX%2FWggw5HoayeBcnDyUDM0hmGIF15SJHCiXyHlfgsbBbSW1DbhjSNS1HF0rlRIBs%2FKAO%2FOrY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caa32c1c-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 8228
23 KB
23 KB
Image
General
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280434
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vQztjOHQIRdh523rSA4UdPzC70jekRMbjNdwJGovgXz1zQkbL0kD4VXOBSosLPdAzcRzNEPldcDLHLL9n2vrgk0nA5L0VSeOy3n17Ctwa8PJJrps3lQxXjXYJrRj%2BPX62BnJ6omXDaJMRgt"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caa92c1c-FRA
cshow.php
www.awin1.com/ Frame 8228
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19769%2C117569&b=KXRURfZfk7dT5HMHktPteG4S7SAT88qcp25b%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=kkDa5f3fBKMa4HwHetmCw5WuZSjTmmAa91Ye%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=ad2dd73800adcb37a3898262cfeb6b18%2F8348238490420149961&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753133&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1je5n02z36retwx53wjjt2n06t07fx3aa6e99dp29xf5ypdbmevkdrjm21zpvgsnedcz8rwarwnxjsf130mdzmk95jjskz9b3ctyxaytr7an7nvmrj930m39wkkvn5yx4xvzdmremp1zzrabwg3r6qcwpr32yz0schbmf1zsa8mrt4vg72cm22tb8cr4vrghzqajevetpa6p3ncyfaevwaxetnxgwnyct85m8py1kxnjvw0szfh56j7xbzkv0hnaty7xpe4xj702z1emb6tdd0px%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCfDGZNx1gZe7WNP6uiM0P1tGvgA2Q4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0N-9jze-s178puN3DUfFLqkYnQab5B1MGf_Bz6Nv9VwDjipcgZaEBFXM5QRhSkZRx7QnDn4EWVhwsTJ1wso6o-03Nsn4OfKMIUScYKmfMOiWUJ2rHedKgC_Gkk316dkibEC8afqYi88bcrYOvHm9fStGeyFDS1QrO94JzuvUaxEpMbujaE2PtpasvD7gUEKf4VbYXIAdwUCJvN-c1-5j4ibpfzNHkDCBCoNpFP3PmxaCrv3y522FEmor_MAH6aRPjHJCsHkLeEqJeZlPorjFwZOABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_33QIjJfOryZfCJYncrha7fIGPvnQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 8161
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774315
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSoozDSSHYGvswRFAp3Wh2Kdo5aQZwlQekOD1KNY8tY6rdqtf0TS2o1%2FYRGTGl0unvSoPHpmxwNHsy133KM6LBVdAZlusL7xg%2BmPz7MktU5Ajz19e0NADnwEr%2BPbZDx%2ByFM25Cjwymg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae45b8879116-FRA
expires
Sat, 25 Nov 2023 03:49:13 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 8161
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280134
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzCOVhYwIYj8h%2BncIe2ynW2WhbWE1FT6cMfueJ3Qk5TKvTWydQwrYtvBCAlKe4XPLY0v8FU23E8rxgitlkXlsWHFZiy3wynUPxLnZ%2FNkkVyfhiyyy7TQok%2ByGetGAlk3yX5KMEDQxqaXFjxT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45ba922c1c-FRA
279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
assets.ad4m.at/ Frame 8161
22 KB
22 KB
Image
General
Full URL
https://assets.ad4m.at/279BCE6B9568D9AE2B8C70E08B2EFB9090E70FAF0A57016F1FF1164C3FD10E76FA99D7B60FDBA51FCD5C0021F8A6AF19B45972E81F9CF2D592514708334D146B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280425
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
22596
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:47 GMT
server
cloudflare
etag
"80c578a48f16f48e135bcb3d2ea2c9e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6SF2Rg3X0go3StPAn1O97i%2FEZM9Q%2F%2FOQXiIUiWyxVzRqcfuMZLbFxAr19WlKMX5r8DPylXgGHCAtyrSGpgo1oJ0%2BaGkgc1MZKOlelpyvsBlatNNPxTZlQJ%2FK0dteT5RgyNOR8lMFGyX5jT9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45ba972c1c-FRA
view.aspx
pb.media01.eu/ Frame 8161
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b777481d90b61d111f?t=htlp&subid=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=4566...
0
201 B
Image
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=456654&produktid=Freshmoney&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:12 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 24 Nov 2023 04:49:12 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
40027
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200573720105030","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B9D59B99:E6A8_91EFC182:01BB_65601D39_740A4C7:1E879
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidzGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3koneid__suite_Netmix_Reach121_BESTPERFORMER&actionid=456654&produktid=Freshmoney&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame 8161
4 KB
4 KB
Image
General
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207737
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za9yMBE0QezWRr5XlLJFwH3f8u%2FgPPE%2B4Syd654BjudLmqpu4TTu75zhXb3NkuAKoMpTOkrBa3OLjn0Y0y%2Fmj9HSrLFQdrcVUTGtLRPI8l3xaaVoEGhkbZ6%2BNQUlmHmgqnJzHaeflF%2BcEoL%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caa42c1c-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame 8161
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280359
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV5tRlp67rOMeikhbdQ7NzTuptBp%2BNYemjzXl7AFKBIf2dwJrvUw6KaRxWA8kzoLFLbCUMkSPD5R%2Bt4u76eS%2BOTsFR2hDAnIabVHFBYSRyZj4Of%2BniCh1rzMZrIwIBeU2zPx%2FDGjicCPwky5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caa52c1c-FRA
cshow.php
www.awin1.com/ Frame 8161
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneidjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 8161
2 KB
2 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192570
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJKyloxC%2BSWHoWX0HgYdaV%2BswBmTC851R0%2Bh9Th%2FeooVT86PUEeRwnAe5PYQkz%2FFJQNm7PgziAA2Paoc41Z4RVvHUJiOmav1qYEgukqlaK8ABNfSMzQocgRfG1zuSg%2FyzvqiNVX5zSkfXZcM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caa72c1c-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame 8161
23 KB
23 KB
Image
General
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280434
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRhZQutEm2LrmIiwlE%2B%2FTkTHaQ8gvITqbRbQnLE1s3FG%2F1kcdMIejhdIP7on66yO4ajbc%2Bz6TpxPr%2F%2BLeqYQO%2BPxqepLtkIWloNHE52eG3kivgVDiEK5UQmCMXSW8h7t9USnaplQlFJwnwqJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae45caaa2c1c-FRA
cshow.php
www.awin1.com/ Frame 8161
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=59372%2C19769%2C117569&b=zGDuRfYfZq4XapHBHMtqtbkACVSwTQQ8fGm3k%2Cjk8aEfGfP4JCYHEH2t6tRMDTZSzT11bTdrg7%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=816tDf8frRwgHgHJHEtqCQjYCGSwTpprSbw91%2CxmDFQfAf3RbSPHdHztDCRzpT7S6TKKps17xd%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=da91f16f3efd8ebeecd4b91e4173e086%2F10261856365199609444&i=26474%2C21630%2C29981&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797753134&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gcmtdwd3bh05xtdn0fsg6bycxn125scsa6tn618k38bqmbzrvc3990yr56c0gp76waq1zdjx8as63zpxbpg5qfhj7m6vvgq6vevczs9jps2jghm3y1fnv4x0m5ya6jgttrg4as6t76238egmp0ygrjwed7d142k2t34d3vxp80s5d48hy45wwgc5kdsw99tazmn62q98svras0z0kq96gz7mxdjt0azjd0ayhd78dcp6189x3yd0wr21nx460w8tpdn3e5ycdyxrt57tsqk9619%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCShwqNx1gZfLqM5ebiM0PxeyZyAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLtqjbYdUuyPqgDAcgDAqoE0gFP0JP7scRKvOJruGh1fGgdnOFO3rWSYdgVazl8Zz0v2G4nouYV1iBno6qAz8ufOcslY3kp_mlGAMAeKJEWWco_MnMOshIYlqihfroUHLTMhLYI9pyhD5sO3XV79LAYN1bcuBQJe8jUrWjSpaR6rt-6iO0VB_ZpRwCNfDt0OCgc_A8ukqyKAFkq6C6KaScDd9mtY7J29bwOSDZxzERWpKfdB62X07fZVmLG_PcMWrTi6PQReDYcFIowgZSeRFQZzsIwwpUjqI5ojDh06tRdKyYbmHSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_38DVstXNMuf2TUyn6MV2p7LgWGtA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:13 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1A5A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:21:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB92
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22340
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0DB5
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
674586cdf3f2575bbf0910b5cce3a250c50c750b730d6196567a53f7fdce8efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 0DB5
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAvOROB1gZZSeH8mA7_UP9_WdmAbukrWTXL-ihcfkBcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMByAMCqgSzAk_Q4tdz9fXDzXw-TeXTDnaDIHkuUcz2geX1uC8fNPKURnZa1xo2Yj7U0ymxLhGzrPtWcYMF4czltQWysh6DDiNZwRKMUnpOMU_LdXDL5RgY-xk1Qy_ok7Vg4OkRz915kDn2e7Ajyg1vupE2w1xdR5oXN8XEHdnRqj_a6xqPxapZr2fhU_usfMn_zeT-kzjbivfgMF_l4HnbkeCjMRnyyhM45TEEfHcC_ApUZ3kn1O0ZVCsZGRjaKrsnv7whu-JJ14FAoxczyQITF4HhtPso91c5FhRgL8xe7ST3O75OE9d4-uAZn8OCTt7ZP9_YfOIkXpwxlCC2ABO6bRZmlSvjq6TphY1bN60ZjbgR4NQLoIJExlhQRfj2_xatcfWsib6psmTj293s5oIa_eJ0uN68xpiMijngBAGABozvre3q7suRJ6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tODYzNDYxMDYzMTg5NzE1OYAKA_oLAggBgAwB4g0TCPnP967d24IDFUnAuwgd93oHY9AVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=m2_uKdpgn3w&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNsrr8xoG7tLv2tnVHAf9mqOk_-PGH40zb_qEkkI8p1HCzWJCjNEnHkD1VCXfyxbNFUiBDfuxNGAE&tpd=AGWhJmvEzCjwYfIKdBEdMhl7qwhF8HtVScCv1L-t1bq0Y4t3m5GAM1S1nS_e6dfryHIeMlfWKronkarBEZKTeoqnJL4_D2ZwFYXG7f4L4gOUbczxLovhFRQx_QUpnGixTl1Hkdt52QvimT9SCHpdwPUMUW0NbNrSk5aMIfQuXlNaorPwPBf1bTK5GUZ98jhJXCCWhJ6Qxh9NV2HDdWkru7ze5OewKF_4-JO7NIp6j8fsquneGySC7g7A--XrjpSa8oKWpj_v12eB48aYwEHY79oM2KNF3UXfsdRdvOruTGJkcF4wi8S8Kvz1jh3lh8ChueeKvzX89beNYPLkWPjQrclPcF0ISQ1KwJDf64IRXBXLcDLr0UJWeWzMFVSb13Pbql-6n4NMs9QQEKVkxqIHyCfxerDNKH87GJGOiVBA9I__0F9BkSHsn-Eii2ZCkBweNlKZg6wW_wqCBhkXVLVyGdIdtsAXa_hyGxeZ8m8_xW3uH_DIOBhgQphJbnWH9mUW44Ro_El-Q7a1iSU4oo_16brorB7GeiIQONxiDpL9q8Zt1BqkjYRtM6i7cqDFAcrS8g2D_o3sOw3Vn8nAElk7fQETIzPNQy4HM3ztsaSjotT77Ehk1lXo4AhshxUUrBwpUIhSWXRt3czp4DrZo6YpKh68GmBka8rwYfj4jvvKIktFCc1_x8IVq1hL4V02O-aejk4pmrnb9C4HZgi6FT1ceUXg2x-F0kJwyb0Ye25MFsiDpALNHrl3VHRjinX34svKYNKucDV8PKKcgS_RgSBWvrl0RTz8eQylfZcou5bV3UsDqR_s1h5TzMybNuMI4f4F70ae_MxbD3S772B66AEtM0Ycnw0FbRyBkDSx0LCB6BiansDWO_9rNwl085GPGRPwWzNVat4ZoPou5V78OVldZJY42wMwIq1EoykEaAt7q1wCfW5qS-_j2mIHMpZu1sVvnn7bA3lxUt3ZJgNPyWKYXcjRBhyqc_EaLgJuDJvvzWvHCwV6FHQ1dFXKNB8R9zgG55CUtaX9oSfHnhdCKtqFELUDNjHQm0M-QWCj3_yAyhOuQz-i92ksPxzkqodNd4lAkerJhPSXWL6zkDgMKFEFHYtHuQw98BEdb2JjM7kGpquCD8pKjkYuA6oR9B397D49dUg1m5MabqfMwtgbkIpcaqzYNPkggYOxpbY2-9_rgZwApLL3EyPJHSn11NdQxLxIyMDUoZRcVm0EJQXW955GuHDlT_SZ4oF-uRw5oCcoem5p4ilYjhbO285BPDCtoCpdfU01BQXaYR7W6qsY4KP0vRpIYcxDWC4AAQC0eKnVDpa-j5XspRQqUR1Q5bF8OCiC7AoTHZPn_9OaaC6VbDXZlhddNSyH-DVO0DBK6NcKlo0gZyz9zuOJQeTTLp7u6Y1Zj7_GFrMJQRyKwBxpu57HO47SRnoUxS_OPB2smJId5EygzOUk-uxAEHVRRGmihTl0RGdGSREfbJNG_285o7sK_TsdeMxtzsTkwAFfv4RErwLKt7N7hasPxU9IEV7GchqPSUnclBOplHw1weH6-6WeuqmPOUscQAww2w1MQDJ9O-f71VJvXdILo9RtR7I3bTw9-kL7mhD06Yu8cJbqUuDKGUUk0x2ATNE1o8Xib1shEcNrKvN0D8nYV7gaOH8k4QW1HCZ_c3kB0v5j1wqU1z3yynOclezXQOfqAUP-I_cWCWgGaXfNwdohoLhz2MQ_-g0v2pH6hOd0h6NafsmL0qKVhhVZkchVSfn7vQoQYdHKsEQ0xWJ1CBcgTpZ6_aqkT1WwrPQJitcdZ-zOSlTsyH4srEKsdwH0sMTKC9CSKN4ZB5CR0MjkWNgFJBU9GX2NK85cKbscZKNMnbAMUq68FD67d0PGJhh6MTC-DKPfGRx3-WA9NQHoWyOTNnJNbMTGIcpdBCfDryRdnkFATYazbODE76FR7Vjmv5fNEqQ-wtyxEbOXAHdmEVhtEX1muAOnk4xpXCXqG7-lIqu_f91OTAh_P5OjMeYmeT-FLaGRQV3JgsUxDm_t8Z-3Hpgd6KPtopTInEaUPJSddQbGalvhQ71eJrWpQ_nVp8aPUSZj7RYQLH3Q8qkbf3TiJFVDFnyEEi46E-zgJPQhtO57MqEYm5WqkfKjXWNr-1hAv9qdcSTHDlCtJQo0Cp_COXzFvhmc68dllKxY0KXNROxivqakQJs619gLry82IDk5-vTuN4NDXM5TO4wWsJRkjulgcfU_n-JpZ3_OpwnvpCXZRa3ATp4Edmd6hjQhIxlN75hV3z8FSMX9Lq8eucs5csJ1rWzUnS4dyxF4PCwYjUtGQSEaoDuAOtKlhGDUW2ttV76CMSCdf47YSC_WH_JJ-Irwob5hPZdeEED-BKMS-K0&cbvp=2&vis=1
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 0DB5
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCY7MOB1gZZSeH8mA7_UP9_WdmAbukrWTXL-ihcfkBcCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05MDU4MjkxODU0NDQzODgxyAEJ4AIAqAMBqgSzAk_Q4tdz9fXDzXw-TeXTDnaDIHkuUcz2geX1uC8fNPKURnZa1xo2Yj7U0ymxLhGzrPtWcYMF4czltQWysh6DDiNZwRKMUnpOMU_LdXDL5RgY-xk1Qy_ok7Vg4OkRz915kDn2e7Ajyg1vupE2w1xdR5oXN8XEHdnRqj_a6xqPxapZr2fhU_usfMn_zeT-kzjbivfgMF_l4HnbkeCjMRnyyhM45TEEfHcC_ApUZ3kn1O0ZVCsZGRjaKrsnv7whu-JJ14FAoxczyQITF4HhtPso91c5FhRgL8xe7ST3O75OE9d4-uAZn8OCTt7ZP9_YfOIkXpwxlCC2ABO6bRZmlSvjq6TphY1bN60ZjbgR4NQLoIJExlhQRfj2_xatcfWsib6psmTj293s5oIa_eJ0uN68xpiMijngBAGABozvre3q7suRJ6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tODYzNDYxMDYzMTg5NzE1OYAKA_oLAggBgAwB4g0TCPnP967d24IDFUnAuwgd93oHY9AVAYAXAbIXHAoaEhRwdWItOTA1ODI5MTg1NDQ0Mzg4MRi212k&sigh=SicHPh49dJ4&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNsrr8xoG7tLv2tnVHAf9mqOk_-PGH40zb_qEkkI8p1HCzWJCjNEnHkD1VCXfyxbNFUiBDfuxNGAE&vt=10&cbvp=2&vis=1
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 6C65
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDNJ0VzOpQldSqca9YTW88vwASU_muG3o0mFK-FdGcinqhpaHCZsnjGQFPWXMKQkAfV_dLumkmBHAzg-bRExNz4XUsQwXrSFfzfbnOdpVesVnp0AvWLAR7EFHAZEY2YUvwJ7yaYU_E4MM0pL9H5fXwm8f2iTiTfSnBYKyVpRwHN5YIGTGhGvni4j_EXxo58etFYCpXK3skTUiociK-9tTuv2r9v357me6iEK8QGhgUlkStUC_9yUVFqBfvJL72tz7RmNuepcN3zdOLoPrOdagtT19pAvo2an8tf5nwsb7ZShc3bzEK8U7lj0VZG39yBz493OPVhd32LY7ne2a3Nc-HcA9MZWi8yNvwC1xE5bnz1A3k5Z70FqhkQ7kXZnkDV_R6ikXnlHE&sai=AMfl-YTLP9cK4iIvsj4ZyM6bmgdl2DQHtIMlxTknrzpWqxgalvQ7dthlXqQgkF_eYb_BMbziLhP1ayQiI--W2cgGVRh7cLA7NSnK65-kBhEOnJZ0L7UfNmxM058PfwTQkbk&sig=Cg0ArKJSzMQt3vd_8bttEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 24 Nov 2023 03:49:13 GMT
dpixel
cms.quantserve.com/ Frame EB92
35 B
464 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONVUMmrOEgcjCy_BQ5bu9Y&google_cver=1&google_push=AXcoOmQhyvqRfo9-0luzdJUgNNVnik9juheyQ_u7yux1Ko7CebEK8HpUMIoSHnBeoEKXt460xys4umxupCPIbmtZWhCS9kdzKLqX
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB92
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT8KI...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lPOcC26NzCuVUZtfYK8Z-1Tp3mCf_lGnBrE5mQ&google_push=AXcoOmT8KIRl78x81WsxywcUDYuGYNS-6w8c6_RWCyfCKXhggw7d0zhC0DXgsNDf9OBjlz1e7CEG5ai_iYYZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lPOcC26NzCuVUZtfYK8Z-1Tp3mCf_lGnBrE5mQ&google_push=AXcoOmT8KIRl78x81WsxywcUDYuGYNS-6w8c6_RWCyfCKXhggw7d0zhC0DXgsNDf9OBjlz1e7CEG5ai_iYYZjAusX1ZQXEyKdmPa
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:12 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-lPOcC26NzCuVUZtfYK8Z-1Tp3mCf_lGnBrE5mQ&google_push=AXcoOmT8KIRl78x81WsxywcUDYuGYNS-6w8c6_RWCyfCKXhggw7d0zhC0DXgsNDf9OBjlz1e7CEG5ai_iYYZjAusX1ZQXEyKdmPa
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
773684
content-length
0
expires
Fri, 24 Nov 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EB92
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTiW3WANpqEj3z3b5Kh781cmsFFoT2FXks2WfV0ZH6I-90GebJ6fdSHXqxoGvqesLw3Ya4WaPQk...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTiW3WANpqEj3z3b5Kh781cmsFFoT2FXks2WfV0ZH6I-90GebJ6fdSHXqxoGvqesLw3Ya4WaP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTiW3WANpqEj3z3b5Kh781cmsFFoT2FXks2WfV0ZH6I-90GebJ6fdSHXqxoGvqesLw3Ya4WaPQkAdBuUNy0mVSrQ6NUqkry
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTiW3WANpqEj3z3b5Kh781cmsFFoT2FXks2WfV0ZH6I-90GebJ6fdSHXqxoGvqesLw3Ya4WaPQkAdBuUNy0mVSrQ6NUqkry
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame EB92
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYInNcKlqt_9iVVx842cBIFIRzy1tlKVnUYqvHVcpwiQ
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1A5A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
URL: https://7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:13 GMT
expires
Fri, 24 Nov 2023 03:49:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:13 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame FC58
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8eaf58dc7665361afc4e458d32a340c78f656c2758f4302a98b2ffcb740a70d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31560
x-xss-protection
0
server
cafe
etag
910 / 19685 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:13 GMT
prebid_2023_8_15_7_52_11.js
anymind360.com/js/6621/ Frame FC58
301 KB
95 KB
Script
General
Full URL
https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70f5afae2896e4f0428eaaa8b95691bef9b84851a34de854b12f5205a123f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 04 Oct 2023 16:08:53 GMT
date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
2674730
x-guploader-uploadid
ADPycdt4JmOgxg6p11J3aZJO15MoE2tZp5cDSmikpRQzLfU6iueAizdZ4lzZjQzwrzsd-PKLo94
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
96646
x-served-by
cache-tyo11959-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797754.561842,VS0,VE1
etag
"7c3d582f641391d2eafe31b502454859"
vary
Accept-Encoding
x-goog-generation
1692085963456049
x-goog-hash
crc32c=K30Atg==, md5=fD1YL2QTkdLq/jG1AkVIWQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
96646
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
2, 1
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ Frame FC58
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com&bust=31079757
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bac6d1edb06778ac423302cbfda1156c9a9be7476bd7851f7e547d64a400da88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137281
x-xss-protection
0
server
cafe
etag
10089638446787764689
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:13 GMT
fbevents.js
connect.facebook.net/en_US/ Frame FC58
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 03:49:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
og3GIsvYEydM5eLy4PD2RVrXhnnCpaHiH6JfOi+z9bCQods1GuXFzx7CL8/AewaoRjtNpImnpGezoUXEBfbEug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame FC58
112 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS8VMC8
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f791f62920f18fda3fd609e00303fbf575836812b561a05fb7d230a189127f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44346
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Nov 2023 03:49:13 GMT
icons.ttf
www.marumura.com/wp-content/themes/authentic/css/fonts/ Frame FC58
15 KB
9 KB
Font
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/fonts/icons.ttf
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-ttf
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
www.marumura.com/wp-content/fonts/roboto-condensed/ Frame FC58
19 KB
20 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d448991d15499edecfb0ad39bf668320897c3dba15c73aa6e13fbe6356569183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Oct 2023 15:08:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame FC58
15 KB
15 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
899651971d6c75117d28df0030f881b94f93c8b0540364cc3d569cd3c8195010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ico_travel.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame FC58
11 KB
11 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_travel.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f8534d93da83a0fbbb300cbc00cca18d6a3f08925c51a073ba90bc48542147a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
nKKZ-Go6G5tXcraVGwaKd6xB.woff
www.marumura.com/wp-content/fonts/kanit/ Frame FC58
13 KB
14 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKZ-Go6G5tXcraVGwaKd6xB.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
de702bd87ba6644b1e1079ebe74385a9f1ca64ecc82b79a4888e8af5533a540a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKZ-Go6G5tXcraBGwaKd6xBDFs.woff
www.marumura.com/wp-content/fonts/kanit/ Frame FC58
9 KB
9 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKZ-Go6G5tXcraBGwaKd6xBDFs.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
61b770106aa1fa33606ec43fe30c388740ee75176f2482403a48d55ce3a3163a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ico_lifestyle.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame FC58
19 KB
19 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_lifestyle.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b1a4765c4086ab9a52000087ffb5f15b35b51394467987a50040e7e43b6c89a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_foods.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame FC58
18 KB
17 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_foods.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7f7337abd33251d4467aa6cb7244c1a3b5cbf90efcf474f9383479fa4fcc6d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_item.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame FC58
1 KB
771 B
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_item.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48c98e8609af4dbef60b052a9e7f468721bae298b23325ae7f9a99a7707d38d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
nKKU-Go6G5tXcr4uPhWnVadrNlJz.woff
www.marumura.com/wp-content/fonts/kanit/ Frame FC58
13 KB
13 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr4uPhWnVadrNlJz.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c8d72610219d3200ba9ffc11cad1dc796ef68ebe94d7f75d50c41e063a22d2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame FC58
12 KB
12 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4fb031caa17064d63bad6a66b503a2af1e73a3266b226056302f2447070d79e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
powerkit-icons.woff
www.marumura.com/wp-content/plugins/powerkit/assets/fonts/ Frame FC58
26 KB
17 KB
Font
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
84bcb397ee8fb28950639b02674337575578302143c9d6f1bfc6c6fb2584c4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
www.marumura.com/wp-content/fonts/kanit/ Frame FC58
13 KB
14 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7470a14b8058cb8e35ae75127e935c4036071fb9aa0422351830c9bec6b2764d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aBVJmXYO5gg.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame FC58
14 KB
15 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aBVJmXYO5gg.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f99faedbb1ca9dbf0c9261bc88c42afdcab10f792bd42873638d67f4930aada9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
/
travel.marumura.com/ Frame 1A65
0
0

DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame FC58
12 KB
12 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
16614edb31cb210f98c4980e88e9461887b094d09ab3809d1d2587de1fc5c8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame FC58
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42505
x-jsd-version
1.0.1882
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63a-NecRQpEq1uzv2Kl3Q8ftGEfSD4M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9Tp7MdzMqPm0gYztd0nlHxjgAv4QIU34U6aTfrsW0vxnebbPSsGrnznETnz812j3lw6hywW1tGBhExd9ZpfcrDPdEiV8mp0ddhaKmIGlblifXEOuVe%2BTOmEZWyGRUzU9cNrbz1ZoGMTzqyafpc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aeae484af9049b-FRA
activeview
pagead2.googlesyndication.com/pcs/ Frame C535
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumQXVnw_qcxKGblopOP47yRn15Ycgt5qRyIErEZP0KaRbeuvXCmT6Z9y9H82_xcbwRwAGRbGCuUZ_Z7vC4tuPs9zQXeLyFp0GooZi3xdd1fqC4ZSr5&sig=Cg0ArKJSzA1bqGwFBWunEAE&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.58&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700797751719&rpt=818&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1429288180769098
connect.facebook.net/signals/config/ Frame FC58
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1429288180769098?v=2.9.138&r=stable&domain=horoscope.marumura.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45169a0288f8652815bbffc2f599b8c93686fdaa4aaed19484dc59e639fe3768
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 03:49:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5flsrM5kO/OX8NoK5mpVwi77w36FKsuQi6Oh7ge/uxs9zwrqRRKLkAWp+rbaLEVu66UqqA8T0+8lrmNvz/Aptw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame FC58
297 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f89d20c2ea67c5559c6c1ed8b31c43ec
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e552518e914bcb389ac1c194bc39611583e6d672b646f89a2589dd4604e446e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:13 GMT
content-md5
KuZ9jiOH3ecfNYDKEB53Hw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86879
reporting-endpoints
x-fb-debug
IkalQRQlhJV3h5OzOvq9BBA+Mo3oq62vyt8Ao4T0OG6hz49TmPkSesDpGTScZ15Y/i1f0kUKOJBqfOAIIsucYg==
x-fb-content-md5
8afc949efa74c7e3095a374be13de70c
cross-origin-opener-policy
same-origin-allow-popups
etag
"14074782ccd6222eb58dce3dc8d6f510"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Nov 2024 03:16:29 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame FC58
429 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15318
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:33:55 GMT
js
www.googletagmanager.com/gtag/ Frame FC58
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba5fc39844de982947817307cdf44c2355351bca821c7f3df52290c7a2d78993
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:13 GMT
analytics.js
www.google-analytics.com/ Frame FC58
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7175
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 03:49:38 GMT
/
www.facebook.com/tr/ Frame FC58
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1429288180769098&ev=PageView&dl=https%3A%2F%2Fwww.marumura.com%2F&rl=https%3A%2F%2Fhoroscope.marumura.com%2F&if=true&ts=1700797753777&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700797753774.1010096808&ler=other&it=1700797753664&coo=false&rqm=GET
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Nov 2023 03:49:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
all
csm.eu.criteo.net/ Frame 2266
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cm-YxETPs9aHMANRpaukL-KDBxOibQSPsi8eJazyJzFUT6BmAk0Xu6rjXDtVC2BfaZJdHsgdYFeOEQ8mUDxtcrP8rMP0rKHoMdVbT2MvzmVf-_fsjAL_4nJ_ghP_iFnBFuIkFnRgtA7YF1EgrhkTPBAI92mecTDl4a1v3cUDcyWrMTSb_rQjdpHS-IrSxxqy4qb7CW2Ih_rNOk4AMOtui6Oml2sRyt6mNOxz59oH6qtSDSYKNUrV0R6qYrMNz954CZ5KIw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdNwAL1LEDog5yAAW8BgeQ-TnWYx0wiNh1Aw&u=%7C4%2BcDXGkmWJpe2ZWv5tl7eP681o9UJMrc3lxwiIPGY5Q%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZegnr1D5uy3PZVTcDBqK9MN1TCHaPaJCRX7xUKd9g1AGXEgw4uCfKwmRiDSxUhRi1TAc8eqsgqP8JJ952YMnU9zeX-eyPvNVk3UFXc7Sh8mbv5FSFOvfcbH22VuqYywOyiH9UHv8kUbQyeaKMf_Tsu9EYdIcEHC3yDUv0JhFhCiDFnpP5agow75z8u3P2NATFSGReHCkMKVu6e4KdkNCC02ZoAzCzWMQSLHkx_N9BSXANYkN_X8mvG3CH4IBoRsP585E9qCH349qwFRj__d9CkPoMl_RQYR4z_ZdKQ74YUvs-Az9DGzioK-9G3dQzSwo2LUpFcQYmMDX5CfX0sPh0pa7fLRPLzoPpkagEBFSCzb7SLcLKa5z4utpPkrk1e8-eZ9G3SyxF9e91vBYEr5uiWvot3VNd0WSpdJ0eLEMQlU3LNh09H1X2lAqieWEgOs50tMal3ZjjP_Aa851D8z5DFtNxWdlnKEVjXEKOnwv82aPCam4-Vhs8kSpsEpXkCmSRkQxISpTFkQgRLxTaNRETKEFuepCShrgBX7x8q4VkVQuLsoKUzDGOOQt6mIU9bZa0Xw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCfDa5Nx1gZbGpL_KciM0PhviWkA7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAu2qNth1S7I-qAMByAMCqgTNAU_QBCMHTedL7gGwfvVFN6QlHkam3nr8r-tjIVP3V79DiB4-QBVVyzCHLqb525G5nZBgXaLmEM-GpFtSuO149YZRzNWv_YH1Eur585uFwMDi7s5KNCUCoG86pcuMpx1eoxz03BYWv6RXm2pzP0YrogFN5e5q8NiKyc5yk9h_4r4G3_vtQGGU1eelVF8dosCMzmcgtdcXBhKBjiADCPMDzvTO7oVte0lx7uQFybzvOF-Xp2ZTHTsCStXkOMRzp6ll7hrt2CSzlegwWGBZY22ABviF5cKri-CxggGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0rUYjNwmBhy6FJ034LgdhcAfZCjQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5155
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=3279755396&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753540&bpp=24&bdt=855&idt=271&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=1047774126216&frm=24&ife=1&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.jtq1fkxkqq67&fsb=1&dtd=326
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com&bust=31079757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7ACB
37 KB
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=1844481270&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797753&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753571&bpp=8&bdt=885&idt=306&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=1047774126216&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.i9nvrn79u379&fsb=1&dtd=316
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com&bust=31079757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15133
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F67E
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2828400960&pi=t.ma~as.4574689270&w=300&lmt=1700797753&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753594&bpp=20&bdt=909&idt=347&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=1047774126216&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.3cv2ioiilllk&fsb=1&dtd=352
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com&bust=31079757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15198
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BF95
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1816246101&pi=t.ma~as.4574689270&w=300&lmt=1700797753&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797753620&bpp=1&bdt=935&idt=350&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=1047774126216&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797754&ga_hid=498841654&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31078301%2C31079757%2C44807763%2C44808148%2C44808285%2C44809054%2C21065724&oid=2&pvsid=2135424220208984&tmod=141266612&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.hhrkrab6dcqe&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com&bust=31079757
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15204
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ Frame FC58
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=498841654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marumura.com%2F&dr=https%3A%2F%2Fhoroscope.marumura.com%2F&ul=en-us&de=UTF-8&dt=Marumura&sd=24-bit&sr=1600x1200&vp=300x528&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1893264436.1700797752&tid=UA-126552441-1&_gid=2113727439.1700797752&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=175802808
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 16:54:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39299
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7ACB
0
0

qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7ACB
0
0

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7ACB
0
0

recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame FC58
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 3E8D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYCUTiOUPDwGaGYFY3TK8wx1JEVXBIb3LgECyybe5tMVAHrMe4msoLzmbN84IHBjKndE4eAadGDh7tsC6fA4vVdGkDcquwTMzFEH3xieBwo-Z_FLtch-VAEbJFcsCLUd00hzoZYQWelC-v&sai=AMfl-YQpdPBhYvyH-HGXiy5j3x1uIYgMW6iUjG2MkU1nC1r-8yqMnOXhxKgg_VvhWe5i8gk5dZsfl1eF1OwNZaSKV8HBRU7cRNqRbibRCJAz11hi-1jqWY1w7T27qt6OMGHEkQgFAf-lJivR5xWou-8BKg&sig=Cg0ArKJSzKK0OisbLNasEAE&cid=CAQSTwDICaaNT8PmpHVdeF5fzcTKtZN7Ef_C21Y8L_XTI25aWBJIexSBxJ4Z5qlNFbN2uIey5r6YTihSiC5W9GCFumywe0021YBTY6yapWz0KwAYAQ&id=lidar2&mcvt=1083&p=0,0,280,970&mtos=1083,1083,1083,1083,1083&tos=1083,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1163775930&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700797751648&rpt=1414&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.marumura.com/ Frame FC58
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame C535
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 28A7
115 KB
42 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf836e56f5a3409da4bde7aac38bff468625a7e37862bfedc347450a9b70fb89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
43038
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8981
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame DDD4
37 KB
15 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
998993c4252cc2f4f061efa2af29ce32a3a8ba07e6d27f722b2a1a38a0fe58c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15395
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 6A6E
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 3FAC
37 KB
15 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85b691a046695d4457e6c0f3eff33e9dd528378df87be3af0244da33e5e1de2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
15235
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ Frame FC58
0
0

/
www.marumura.com/ Frame C09D
295 KB
26 KB
Document
General
Full URL
https://www.marumura.com/
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be2ffa28912e8c4640e66d61a3b6436971dd4873cd25764939de24cef5cf5118

Request headers

Referer
https://horoscope.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.marumura.com/wp-json/>; rel="https://api.w.org/", <https://www.marumura.com/wp-json/wp/v2/pages/763>; rel="alternate"; type="application/json", <https://www.marumura.com/>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
2b55.svg
s.w.org/images/core/emoji/14.0.0/svg/
238 B
573 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/2b55.svg
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
5902ffd2b365f06db61fbebe2addae16082240141877fa5fbe2d6a7cd35ea5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://horoscope.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Nov 2023 03:49:14 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:59 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
content-length
238
expires
Thu, 31 Dec 2037 23:55:55 GMT
powerkit.css
www.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame C09D
25 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
www.marumura.com/wp-includes/css/dist/block-library/ Frame C09D
93 KB
11 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
posts-sidebar.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
4 KB
862 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
527086ffd8aa5bdb2b00dd5be1b15e7d0d282ec26955944b49fe40dc21a7c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
twitter-slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
1006 B
378 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7e5fab99472dc83e9e5bcd23c18083cb02c196b5a9724b4a78d8e44b6ec40e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
4 KB
711 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d0fd465e6448ac9eac534b1e2b4a3db8452a384b95b1f2c8133a07ee3754976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
horizontal-tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
4 KB
713 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1667635447
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e9eb0dfb3e114bd11eaa4cbe8a05836cee318b60cca12c94c3b0d3f5f2bfd8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
full.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
4 KB
735 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1667635446
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
77e62403c5cf03c97081a20ccba81971391e554663c76f39b323a2e6045958c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:06 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b396a226099848f402ef5695b662acc20430fddd59d405586e1afb3b8d95c0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
carousel.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
3 KB
561 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cbf736f12d658470e6926d309bc0b77d6f2d48f3412f7659aca07a96f5f90897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wide.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
20 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4ace7cb9bf8a3cd67c5d43ab6b1e29e5733b05fd71babbe32d9230d8d1e7b720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
narrow.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame C09D
9 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37be9771bb7032cccd856084f2489bdd36728c670ab8fec9b459615911cbb2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
classic-themes.min.css
www.marumura.com/wp-includes/css/ Frame C09D
217 B
320 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:29 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
styles.css
www.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame C09D
3 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame C09D
2 KB
684 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame C09D
21 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame C09D
1 KB
572 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame C09D
9 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame C09D
3 KB
843 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame C09D
477 B
364 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame C09D
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame C09D
4 KB
910 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame C09D
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame C09D
3 KB
825 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame C09D
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame C09D
1 KB
642 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame C09D
3 KB
814 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame C09D
1 KB
512 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-share-buttons.css
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame C09D
71 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a9c8c9a37641484b70c3f306d5bdbddec691a1c219ae95cb3dceac43b0560324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-social-links.css
www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame C09D
149 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3b274ccab22ae80e2b294f5c99ad5519b374e77c6298a1ba82949374fd778b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-table-of-contents.css
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame C09D
3 KB
1014 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-twitter.css
www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame C09D
3 KB
946 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fc418b8f556aca3aefbf6f6e0208c2bd88b8badda8828b27c366bbf91784c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-widget-about.css
www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame C09D
1 KB
506 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
frontend.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame C09D
101 KB
14 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
143ed41fe58e7d412f14a6ff4f8c0f38094ac683f3f8ace929bd0c4f3c54ede2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
flatpickr.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame C09D
14 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
select2.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame C09D
15 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wpcf7-redirect-frontend.min.css
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame C09D
316 B
273 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
if-menu-site.css
www.marumura.com/wp-content/plugins/if-menu/assets/ Frame C09D
929 B
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Wed, 19 Apr 2023 15:14:58 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic/ Frame C09D
243 KB
29 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f520476b3c7e02702e80af9a07d6633860bca07fa529f68eb52cb4ef1260e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:53:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
subscribe-forms.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame C09D
23 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
bdbf202cd096103d51142548fbc224c54daec112d86dc4fd4a1bd123dddc9927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
click-to-tweet.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame C09D
3 KB
737 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/click-to-tweet.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dc15061d8c788e977befdf83b405f229f96556c3fb1c31e18958a66f20754f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
essb-display-methods.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame C09D
10 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-display-methods.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dc39b26a60ca5c40eb1b737bc7811ff55431197a284ffbe690aff85c641ed600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
social-profiles.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ Frame C09D
32 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
easy-social-share-buttons.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame C09D
71 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic-child/ Frame C09D
15 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be3ba7e056677a03577a5228783d4c2d12a85bfd84c2f4c0db2a610ddcd7cd0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
legacy-features.css
www.marumura.com/wp-content/themes/authentic/css/ Frame C09D
13 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5c6fadfb3fd62eca8b226de74d73b64e2235f1d7962b5440f136aa6cff0ac35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
jquery.min.js
www.marumura.com/wp-includes/js/jquery/ Frame C09D
88 KB
30 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
www.marumura.com/wp-includes/js/jquery/ Frame C09D
11 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.dyngroup.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame C09D
2 KB
1022 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
534e0339d7dd364cde1afcf77eef6a88b4b9c6cfdd1b450c622f0ad1004a04ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.clicktracker.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame C09D
365 B
394 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
flatpickr.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame C09D
49 KB
14 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
select2.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame C09D
69 KB
18 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C09D
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4b6193c71ca1a7dc4113c81856c09de19c58212f6e7adc67cefa506db0daa4af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52726
x-xss-protection
0
server
cafe
etag
18312043521056723674
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:14 GMT
js
www.googletagmanager.com/gtag/ Frame C09D
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d28d76d0a17f0452a261d11245ef69967a4e9fbba9b5766973e117009e2238b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:15 GMT
ats.js
anymind360.com/js/6621/ Frame C09D
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51205
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797755.532092,VS0,VE0
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 2
atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame C09D
0
75 B
Script
General
Full URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cloud-trace-context
d4602ba60bed697ca03b34a557b894a6
cache-control
no-cache
date
Fri, 24 Nov 2023 03:49:15 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
application/javascript; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C09D
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1499b12c8439713c3313a96820d953e1fb5eb3cf3a9a0f670415e96f068fb648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52743
x-xss-protection
0
server
cafe
etag
10995252112261927050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:15 GMT
logo_marumura_b2.png
www.marumura.com/wp-content/uploads/2019/07/ Frame C09D
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b2.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
689914cf34ba4bec16ba9c2c275d7b9c5fb5f2d82e68e8ae96807b525bff5297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_b.png
www.marumura.com/wp-content/uploads/2019/07/ Frame C09D
16 KB
16 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4a4916c174a4a973131449091d8ca84fed7b6460dab15352d24cf18a787e4cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_w.png
www.marumura.com/wp-content/uploads/2019/07/ Frame C09D
13 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_w.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Kintetsu-Yunoyama-Onsen-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame C09D
24 KB
24 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5f4be103da5669c15790e1c4307e13ab2a95eee475d1e8d0111fcc91c77b28d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 00:51:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Jewerium-Enoshima-Aquarium-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame C09D
17 KB
17 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
11b27fb8be1f5de613fe7512317c2412afdcdb86b9ea19fa9b26781504b93b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Nov 2023 18:56:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Umekoji-Potel-Kyoto-_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame C09D
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4384361fa2e71faf7990051ab247fec44e3a7c7a0c8f81cc73269c867da0b207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 10 Nov 2023 13:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame C09D
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
79833636acca510b690d7e89aaf35a10c54a335085bf27adeeffb9edd5b0fc73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 27 Oct 2023 05:11:56 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Asuke-Toyota-City2_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame C09D
30 KB
30 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
57bb80202f72a1899e8eba944001bbbdf2c5b089730dad75b0f477ac2d57b790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Oct 2023 09:58:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame C09D
141 KB
141 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
41b4bb5f1b18aa7756c1cfad4745dfe33833aeb0f9f4a75698f5a830b5283296
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Oct 2023 13:04:10 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
AD_side_banner.jpg
www.marumura.com/wp-content/uploads/2019/07/ Frame C09D
88 KB
87 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/AD_side_banner.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1382c8a53f7b1507aa7097e398a8d966d9fbf892cf6d659b75d928c1a2b0838d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
wajapan.png
www.marumura.com/wp-content/uploads/2019/07/ Frame C09D
23 KB
23 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/wajapan.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c813626711a109d161fc3d9ca62ee2f06c4b513be96c9d32a2ebf505959cd741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
maichaiguru.png
www.marumura.com/wp-content/uploads/2019/07/ Frame C09D
56 KB
56 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/maichaiguru.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
96982b32c280ec6fcfbaee6e8640f8aeb2b726b8e44ff8763f0d5be4e1d7d01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:18 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
sdk.js
connect.facebook.net/en_US/ Frame C09D
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca63359f06714f8efe2191d9d3269b178dc27b13f342ba5b1693a159c2c1b0aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:15 GMT
content-md5
EjK0GqqEzn3bHt8o5CxB7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
x1/KtQHG5IToVngk6HMahzmsTgSJNjXa35r2keHJ4ZA/oITNGVY0FgoszKFrhFG2vzQZmmpxOBAlbuAgvaTFuw==
x-fb-content-md5
7ea1f12f750d7bc5de8d00e729689e9b
cross-origin-opener-policy
same-origin-allow-popups
etag
"c105a1184abe580d1e13e3daaaff6a34"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Nov 2023 04:09:14 GMT
front-flex.min.css
www.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame C09D
2 KB
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f0a79b76f29f3b28b2f8995f7bd635bc5fe214d434bf0deb43d91c2c36219b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:22 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame C09D
10 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame C09D
13 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-basic-elements.js
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame C09D
1 KB
556 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.justifiedGallery.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame C09D
18 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-justified-gallery.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame C09D
2 KB
761 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
imagesloaded.min.js
www.marumura.com/wp-includes/js/ Frame C09D
5 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
glightbox.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame C09D
55 KB
15 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-lightbox.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame C09D
4 KB
1 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-opt-in-forms.js
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame C09D
1 KB
643 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
565637476a6f33a1187e3dc40aa6f65fda018dd1ed19f088490bdd2c2076b6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-scroll-to-top.js
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame C09D
507 B
417 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-share-buttons.js
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame C09D
3 KB
975 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
flickity.pkgd.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame C09D
53 KB
13 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-table-of-contents.js
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame C09D
3 KB
985 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6abe50ef3e60504ea153ca28d383b84b8b184428f316d1038feebd6282463d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
frontend.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame C09D
19 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wpcf7r-fe.js
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame C09D
8 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
owl.carousel.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
43 KB
11 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
colcade.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
9 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
ofi.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
3 KB
1 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
15 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax-video.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
17 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
scripts.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
60 KB
12 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
327ad04216c88f3f35ac035e4451fa3a0bdaa3267784ad8ecb99ce5946051ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
sharing-bar.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame C09D
2 KB
768 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/sharing-bar.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
30ec71893c027ac54602cb5eb38d30a97c39540f4a5384f6a175a4d49935118e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
pinterest-pro.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame C09D
9 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
599fc36cdbfa2e704431b32f80c0da4d9f1207860923856f9aaf94ec34485b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
subscribe-forms.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame C09D
10 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4dacabc4dabd01ad27708f6444f4e6353ad90a4c9426483bd4806f94a640db2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
essb-core.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ Frame C09D
36 KB
9 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c6be7331c3d44a11a2eeabf7bfa52816d79b6ddd7a4cbac40edd973d2e93c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
api.js
www.google.com/recaptcha/ Frame C09D
1 KB
885 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&ver=3.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6beeecb273015521bdee590f53b5cf839ed939c39767689df623d19d74f56e4f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 03:49:15 GMT
regenerator-runtime.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame C09D
6 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wp-polyfill.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame C09D
17 KB
6 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/ Frame C09D
999 B
626 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
legacy-features.js
www.marumura.com/wp-content/themes/authentic/js/ Frame C09D
11 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1aa871bfe9fa89c6f4f39426df6c430a7fe26afe36c01a8464aa9eb4d2573f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DDD4
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DDD4
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame DDD4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXoKg0mDrDH6hsAtt_wscB-689rApQAA5a_yGPYnwRkwkL4i3Q20LtQlFPcmhgJ5mkDruulY7aZPg8gDRL14in2OkkeA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dr
as.ad4m.at/ad/ Frame F31C
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1ghvtts2h0ybny4sfcqbt5263rwgdg34ksp73g2bcspbt9zz5nbn30t3g8jgtzk7c7fqxcxkeb58a9ee1g4kapp9xe3yyet9pqtndfzwe6jrfeb0vhe9rhvwbz9acqjd431n7mr62emxw1kwnkvzh1xc3e36n3e32b1e3ytpapz6y4n74bemha82hkxwdx8wk758w0km3w8t3sxzwdbpdtayy0k3jgh6gj8m6hk48qrx3vbnn3cqdtfg9c5qfkreztk8cdgcnwyh5bzxtcve9akyxmjf8jmzbt7vas5wg2x2pv4b7yzy1ryx6bw8n1s8mc6ddr7b6k54mgyd8g53r4m9wfnkpv7ytb332t114zeqna7chhqjfh5yyn9pwm3a8keg5s090wvf8f93ksdffbqetfjjsptw5k1kvnnk9j3tay0yhdg9ym5ac4ftt4qegtav39wtcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ed86099be0bb589d176e7b01dcde9fb2e179e8b2dc847e8ac149701f86c0a6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae4e1e019116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3E7E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DDD4
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:14 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F31C
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ghvtts2h0ybny4sfcqbt5263rwgdg34ksp73g2bcspbt9zz5nbn30t3g8jgtzk7c7fqxcxkeb58a9ee1g4kapp9xe3yyet9pqtndfzwe6jrfeb0vhe9rhvwbz9acqjd431n7mr62emxw1kwnkvzh1xc3e36n3e32b1e3ytpapz6y4n74bemha82hkxwdx8wk758w0km3w8t3sxzwdbpdtayy0k3jgh6gj8m6hk48qrx3vbnn3cqdtfg9c5qfkreztk8cdgcnwyh5bzxtcve9akyxmjf8jmzbt7vas5wg2x2pv4b7yzy1ryx6bw8n1s8mc6ddr7b6k54mgyd8g53r4m9wfnkpv7ytb332t114zeqna7chhqjfh5yyn9pwm3a8keg5s090wvf8f93ksdffbqetfjjsptw5k1kvnnk9j3tay0yhdg9ym5ac4ftt4qegtav39wtcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1ghvtts2h0ybny4sfcqbt5263rwgdg34ksp73g2bcspbt9zz5nbn30t3g8jgtzk7c7fqxcxkeb58a9ee1g4kapp9xe3yyet9pqtndfzwe6jrfeb0vhe9rhvwbz9acqjd431n7mr62emxw1kwnkvzh1xc3e36n3e32b1e3ytpapz6y4n74bemha82hkxwdx8wk758w0km3w8t3sxzwdbpdtayy0k3jgh6gj8m6hk48qrx3vbnn3cqdtfg9c5qfkreztk8cdgcnwyh5bzxtcve9akyxmjf8jmzbt7vas5wg2x2pv4b7yzy1ryx6bw8n1s8mc6ddr7b6k54mgyd8g53r4m9wfnkpv7ytb332t114zeqna7chhqjfh5yyn9pwm3a8keg5s090wvf8f93ksdffbqetfjjsptw5k1kvnnk9j3tay0yhdg9ym5ac4ftt4qegtav39wtcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774316
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1abO0hTde26FujC%2FFxfrAti579CJ%2FiqXdrOtkQynouF1a7J01OB8HvqzguxJ7NjpMjDynVyLMqp5wLPeCS5vebZTKwwgnn%2FIdqslKakY7cSsZPTCt7qcfyC3N1F2kW%2FiZy5pLWYbeHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae4e4e189116-FRA
expires
Sat, 25 Nov 2023 03:49:14 GMT
r62eglto.js
ad4m.at/ Frame F31C
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ghvtts2h0ybny4sfcqbt5263rwgdg34ksp73g2bcspbt9zz5nbn30t3g8jgtzk7c7fqxcxkeb58a9ee1g4kapp9xe3yyet9pqtndfzwe6jrfeb0vhe9rhvwbz9acqjd431n7mr62emxw1kwnkvzh1xc3e36n3e32b1e3ytpapz6y4n74bemha82hkxwdx8wk758w0km3w8t3sxzwdbpdtayy0k3jgh6gj8m6hk48qrx3vbnn3cqdtfg9c5qfkreztk8cdgcnwyh5bzxtcve9akyxmjf8jmzbt7vas5wg2x2pv4b7yzy1ryx6bw8n1s8mc6ddr7b6k54mgyd8g53r4m9wfnkpv7ytb332t114zeqna7chhqjfh5yyn9pwm3a8keg5s090wvf8f93ksdffbqetfjjsptw5k1kvnnk9j3tay0yhdg9ym5ac4ftt4qegtav39wtcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335276
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gELe2C%2BkMWXmlsmIN8ZHHig30%2FnPztXSbIycGEvxZKlQzr9RfceJYfLBq%2B%2B9kavDsLIWvpEx3d41nJfQyrB41Ajv9rAF6icNs0%2BJbH5AINYLWgU6nJHR2Xk0IiizjMYnGRlAZs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae4e4e199116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
dr
as.ad4m.at/ad/ Frame 5197
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1j61219tzwxgk3xdd1xrxz05sbghw66mmfwp6c2c9y5vn1zmvas90ge8z9tsv93n60aggnpdwtn1nejzsc5yww8tnd2z0249k3axw6f2w0wh2w272njzhad309te86new1crkn93j5egfq4bxmskw6msh1d0agtchcf5ehs67skfsehdfr030635n06qctkj6b3c24ad0bj9p5t54vb5rkrt7z3xm554cbrtb42hyg9bgm3nw0kvg7rqky6axwhaqj62mtrmkaww5t5y044znthccehfjv54q2s7kk6te8f2qy82fxzqqvahp1kye8yc5ck7139rk4kacndj99n4075q2yjs61gfh10z3q9ky12rfqy33gm8hrsy001vfkd4fe3gaw5jvzk8rvndz64ayf8xhrgjr7t65b79pdq6qx0q152n1d90fpchrfc137pjp7b2qa3098&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0cc9843febfdb9725f2d2c9f089bfa46dda9da40d13278d97e4e52bba7e84a
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae4e5e279116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3FAC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1322
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3FAC
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3FAC
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:14 GMT
truncated
/ Frame DDD4
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6bbd8458be64c8c625de5592476e38bdc09721245b5220cebe8f0b8a44e3c10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 3E7E
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONVUMmrOEgcjCy_BQ5bu9Y&google_cver=1&google_push=AXcoOmRWerSovN_DpVac7fJfROCeEjdwmcN5dznzgFQ5MU_lpX0djIOagI...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRWerSovN_DpVac7fJfROCeEjdwmcN5dznzgFQ5MU_lpX0djIOagIw0vA0VOo4IS_C2mHXHKnb_Q0l_4HQ4d6YCEJe_-o2u8bA&google_hm=UI_6A4PML...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRWerSovN_DpVac7fJfROCeEjdwmcN5dznzgFQ5MU_lpX0djIOagIw0vA0VOo4IS_C2mHXHKnb_Q0l_4HQ4d6YCEJe_-o2u8bA&google_hm=UI_6A4PMLZ9a0DQBhrB6Uw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRWerSovN_DpVac7fJfROCeEjdwmcN5dznzgFQ5MU_lpX0djIOagIw0vA0VOo4IS_C2mHXHKnb_Q0l_4HQ4d6YCEJe_-o2u8bA&google_hm=UI_6A4PMLZ9a0DQBhrB6Uw
pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3E7E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmSFjWvjOgPLmWsRcCAMwoN502FGu90AHw46JRu0xgqIlRkIlcmnQ1udsul-WeZOnLfJErjB01CM...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSFjWvjOgPLmWsRcCAMwoN502FGu90AHw46JRu0xgqIlRkIlcmnQ1udsul-WeZOnLfJErjB01...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSFjWvjOgPLmWsRcCAMwoN502FGu90AHw46JRu0xgqIlRkIlcmnQ1udsul-WeZOnLfJErjB01CMX2d13ykeXdGd0tgeXdgFow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSFjWvjOgPLmWsRcCAMwoN502FGu90AHw46JRu0xgqIlRkIlcmnQ1udsul-WeZOnLfJErjB01CMX2d13ykeXdGd0tgeXdgFow
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 3E7E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMGh0F0oh8FR4N0b9w6a6FDVGcDEPO5o6n944
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 5197
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j61219tzwxgk3xdd1xrxz05sbghw66mmfwp6c2c9y5vn1zmvas90ge8z9tsv93n60aggnpdwtn1nejzsc5yww8tnd2z0249k3axw6f2w0wh2w272njzhad309te86new1crkn93j5egfq4bxmskw6msh1d0agtchcf5ehs67skfsehdfr030635n06qctkj6b3c24ad0bj9p5t54vb5rkrt7z3xm554cbrtb42hyg9bgm3nw0kvg7rqky6axwhaqj62mtrmkaww5t5y044znthccehfjv54q2s7kk6te8f2qy82fxzqqvahp1kye8yc5ck7139rk4kacndj99n4075q2yjs61gfh10z3q9ky12rfqy33gm8hrsy001vfkd4fe3gaw5jvzk8rvndz64ayf8xhrgjr7t65b79pdq6qx0q152n1d90fpchrfc137pjp7b2qa3098&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1j61219tzwxgk3xdd1xrxz05sbghw66mmfwp6c2c9y5vn1zmvas90ge8z9tsv93n60aggnpdwtn1nejzsc5yww8tnd2z0249k3axw6f2w0wh2w272njzhad309te86new1crkn93j5egfq4bxmskw6msh1d0agtchcf5ehs67skfsehdfr030635n06qctkj6b3c24ad0bj9p5t54vb5rkrt7z3xm554cbrtb42hyg9bgm3nw0kvg7rqky6axwhaqj62mtrmkaww5t5y044znthccehfjv54q2s7kk6te8f2qy82fxzqqvahp1kye8yc5ck7139rk4kacndj99n4075q2yjs61gfh10z3q9ky12rfqy33gm8hrsy001vfkd4fe3gaw5jvzk8rvndz64ayf8xhrgjr7t65b79pdq6qx0q152n1d90fpchrfc137pjp7b2qa3098&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774316
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyVgKUYYCR2xj82g3dXHYJiuFHzWXlxJawf45Tplx7Jlb81WWrsXwOOul13ikzixtqqSvBFg%2Ffwmit%2FgnEyVuSv2vfmFIRRJniWhoZSRKZ63oxKPGos8qk3oWOB4bHiaNrNCqHtpLKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae4e8e3e9116-FRA
expires
Sat, 25 Nov 2023 03:49:14 GMT
r62eglto.js
ad4m.at/ Frame 5197
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j61219tzwxgk3xdd1xrxz05sbghw66mmfwp6c2c9y5vn1zmvas90ge8z9tsv93n60aggnpdwtn1nejzsc5yww8tnd2z0249k3axw6f2w0wh2w272njzhad309te86new1crkn93j5egfq4bxmskw6msh1d0agtchcf5ehs67skfsehdfr030635n06qctkj6b3c24ad0bj9p5t54vb5rkrt7z3xm554cbrtb42hyg9bgm3nw0kvg7rqky6axwhaqj62mtrmkaww5t5y044znthccehfjv54q2s7kk6te8f2qy82fxzqqvahp1kye8yc5ck7139rk4kacndj99n4075q2yjs61gfh10z3q9ky12rfqy33gm8hrsy001vfkd4fe3gaw5jvzk8rvndz64ayf8xhrgjr7t65b79pdq6qx0q152n1d90fpchrfc137pjp7b2qa3098&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335276
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbd0wMpPA1gmqozRlTepUpqwElTduXEXuvqAN43kiK%2BirbaDs4n8EURAwMABMGGDR%2BSomxh4PGhUyYKQRoe8vAQrINgEdORJSKjpoTguOeL2HiZn0Qzuh0Y9JgV%2F8v4mSQS3YCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae4e8e409116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F31C
350 B
672 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315002
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLUJ%2BVojg9A%2BUzChXTolICHxT2blz7aYGCB4U0nPGqetk%2BIyRO9xlwilkhluG27jmYIMm7WzJTFa4WCP4SFN%2BGZHy%2FKzThAzlhMQG%2BDUt5AZm%2Ba3J4J5xoTgdTFjoXddbO%2F3MlW2rYVrsuNtuIKi529R"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae4e8c873a84-FRA
expires
Tue, 19 Nov 2024 12:19:12 GMT
frame.html
ad4m.at/ Frame F5FB
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774317
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae4e9e479116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROcB4Zk%2FMuODsczmbFpqg4sa3IY7GU%2Fx9moBzKNe2vOAwcFpEDKWnCMEvUtAZ1VIucB7aayBWKDpZnAZ%2FfJpu1Oxa1RcKF5E16TDhsbYherI9DT9roy0VKhs4x2VdLczDnQ7S94%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5197
350 B
911 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315002
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l31av7ct36Sb9WjF9e%2F%2FDhMA8N3Q1JlJJguaAX0lPBMNKYdl5uAsSCZ4VrO519MVJOYNllpmdbLv3LCzd%2B8c5fiBgeUoA3gh6HWRkmfVdxPrPEquXtQIkiyfUGpx%2FHtEoRcFs7HOoiKAPfuNhBulRF8Y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae4f1e4f9072-FRA
expires
Tue, 19 Nov 2024 11:23:05 GMT
dpixel
cms.quantserve.com/ Frame 1322
35 B
210 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONVUMmrOEgcjCy_BQ5bu9Y&google_cver=1&google_push=AXcoOmT_Xfm11xytwuYA0kX-a8s9Bk7xSlGgL3h5GpdjitPyyv3o8Lh03ZyxB_HUDzyG3StcVHNv-JvoXc5JKwz3hzR2OyrMvbegJeE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1322
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmSygYC7uVXaNoxGwUBF_6iS7cWdBchVo36Dq_DdsyRxIswTPQMjwft1J-RfwlRAHT2T3q_L_45e...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSygYC7uVXaNoxGwUBF_6iS7cWdBchVo36Dq_DdsyRxIswTPQMjwft1J-RfwlRAHT2T3q_L_4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSygYC7uVXaNoxGwUBF_6iS7cWdBchVo36Dq_DdsyRxIswTPQMjwft1J-RfwlRAHT2T3q_L_45eMrEHYJVr3Xr6GzM3B7szZmmz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSygYC7uVXaNoxGwUBF_6iS7cWdBchVo36Dq_DdsyRxIswTPQMjwft1J-RfwlRAHT2T3q_L_45eMrEHYJVr3Xr6GzM3B7szZmmz
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 1322
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdJXr-SLL9e6pJR2YQfW67BPyOm3WbpSYLiUE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 3FAC
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1333e43ea716bb908af6f9f1e55f751fe41652b41bd5080a1d1f1c204c4a8ef6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame DDD4
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjPOTOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzwFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1-uSDq8Mk6EhSlIwpzGmCqY5rjRQ5VdlaZhe92-kEcHXthdLOAwSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=X5QB6Rp9J5c&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNbfQn2-SYiV18YwWd2QhfwoSHB4phntI6JDBs8rYt-pq-iVXvv8GfbgLi1EgRiLQv15Vofk9PGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame DDD4
0
39 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k2bpzqkkzx6qhsp91v90fhce44h3vzh5529b3jzb28rfrwwb6qd3ra2dhnaayhsyk91nw9e650kt9s20735fvqve3vk9ef95yhszwsswnyzxrkj689ct9jvyspwjj6qqdrtcwxhej8s6ze8nt0fj56d9ny2qy18ka2xx57x3trkdc48k9xm08zqrxp4neaadg109x8s3pk0pqmhh06vncw26km1kb89dx8t97azb24m3mg318151fpnvc28rsmfsncq8hp1vd4tt8kgaf5np62j0my4na078awq0n8bdtsgbgrf7360yp45d24y50e1kg407hjqe6nv1me2fqb5f2mgdxwhew23ydwa5g52twyrhx4hd19xxbwfna2gwg3wgfqfn0339sfwme0&b=ZWAdOgAE5y8Dog7bAAfS9FVJ7rgXPXtdm2qUSw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2597947251&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751391&bpp=12&bdt=940&idt=394&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1523&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=397
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 28A7
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 28A7
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 28A7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 450B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 28A7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 28A7
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSr8pNTIhH5URnp-YaLGwtKtVc9VzsOwkfYUkdTIBStANXSBG9Xf65eAh3EABDpwX_e2zIVry55WN99Qify3S-kqb_z5A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 28A7
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:14 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 28A7
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236399
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 10:09:15 GMT
frame.html
ad4m.at/ Frame 6D99
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774317
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae4f6ea59116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNMOwdy%2FoP3RAUqJ0FlIRt4uVF1Tb6%2FFDJn18gb%2BnFPNuvNsXXFLwFbepKL%2FqcbIYkmd4zFnyyhV6st032bTYVCezqeajR5gmFFx9YLUIjQ3oCzXxqNMS0DjX9KHFMjING0Ya6c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
15918918283360233041
tpc.googlesyndication.com/daca_images/simgad/ Frame 28A7
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/15918918283360233041?w=300&h=250&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89db90ba811ebed9e4e7f1b0f9ec1e3f4c6b414e05b43b6fab023a4dc3782f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 01:17:53 GMT
x-content-type-options
nosniff
age
9081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16310
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 23:25:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Dec 2023 01:17:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3FAC
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2JLmOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoEzwFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_fut7mRbry5f0pC85D8bRKPl6uJnuuYx7KY82IutEck0dgP9dYDSABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=7kxGsmfAPZE&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNXcGQiZbAEipJ6sFbbLrJzlLWY9bFJb268en1iNB6_tqrxwCIJAbL3j9f4ugWiTEqV9muddF-GAE&cbvp=2&vis=1
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=2749385951&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751451&bpp=1&bdt=1001&idt=344&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280%2C300x250%2C300x250&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=348
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 3FAC
0
39 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j8hcz7q7yxg3mjrv6w1ms40mfgbrbx4pyt6m0szg7yg53tbxhvkzhssqfw5rccfvac3mptxh1p2v5k3g0ejhm79dg5wnb1hxd5gdt50jhnp5yr4710etszs8g6h17dfbpn7263rahy0h3raw2twyqzrb4phjp05hkvbteh9ee7ex09xgtavmkm29zhwhccr2segavamxb3zt4n0qv64a3e36w6j70gjns948gk8tz8tmyqmphbckzp6p25p0v40sky4wxk5ber5v6vr6zrr5r5gqm3g8jnpypwcnn3dawz4w75r971qbbkt6yzfcr9n8gym51423tmww0weg2313v2hnmtyezhtgfdxj47643ke4z0pm914ya0hysdgfbxb9pmd6sjvsdae8sr&b=ZWAdOgAFGo4DogdhAA0PqUwJSMx29h9m5g8J-w&cbvp=2
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rs
ad4m.at/ Frame F31C
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7841767a161e16c74ba1c0a511b6370579266df69a3fa207d955bc502a4dcc

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5V4l%2BqwWr%2FkaFBDmesqux9v1AYzzallkBQ0uV0IrBh6UvjNLMt0quVtALEkID4Z7kPh6ah1Ly92OedpllPlQK%2BNJSQdR6hN%2BNe67KhWWQkshjsoUY1aaQs8clQrf9%2BCPj01Rxk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae4fdfc39219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae4faf9a9219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j5et0%2FbowHLenz2q7PQWQev2SwtrEiN5GS8t1AJeOnqEQmFVWuCo75h5dkpKHocgyK3X%2BZfV8ncuLAF8YedrJYlCSCiBQAZu0IxG8Ln4Gxlev%2FWc19Ljl6bH9E5l36t6CfCZtH8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kr25
rs
ad4m.at/ Frame 5197
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d518aa745e59d7399def706fa5e1b3ca1bb9acdcd5d31518c31f61d27dc758a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06yfC7T4Wj4bpdpcLMVqhOVGkvO%2BW%2FOHPucNVtjtB7yvj0QWCvtCfA%2FfZzXAwRtWYTUEvdOYDJz%2Bkn5GB9HuSFLeaO76YpdXxIKqbpHQAUf9%2BMRIWWVmoacL8v43aHt7XY4ldN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae4fefca9219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae4fbf9c9219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5s1nIJ77m6EuBHPAHgbB0Up6JcixlH6v0YFKRk3yW6EcnpN%2FIZxuPbLgCuLcTOUAZfBeBeHYcIFb49Nf9y0EXOpwAss%2FxmTw4QpQmUyToSNXQ85qF0Imq6mlhZ1fJ64KrqtwNmI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kr25
truncated
/ Frame 28A7
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93d7ac14b726f72c7b7b1d9574f0486ddffc43d365d65cf69550971d6acfdd00

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 450B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEONVUMmrOEgcjCy_BQ5bu9Y&google_cver=1&google_push=AXcoOmQNklv94G_gbRIoUUXVM9RnBRM2_DILRZT_O0HElvtHPpuXGtHDNI...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQNklv94G_gbRIoUUXVM9RnBRM2_DILRZT_O0HElvtHPpuXGtHDNIUs3sEJQKF1wvYi0SbINtqQJbxGbfYah_xynDyXa52L-90&google_hm=UI_6A4PML...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQNklv94G_gbRIoUUXVM9RnBRM2_DILRZT_O0HElvtHPpuXGtHDNIUs3sEJQKF1wvYi0SbINtqQJbxGbfYah_xynDyXa52L-90&google_hm=UI_6A4PMLZ9a0DQBhrB6Uw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmQNklv94G_gbRIoUUXVM9RnBRM2_DILRZT_O0HElvtHPpuXGtHDNIUs3sEJQKF1wvYi0SbINtqQJbxGbfYah_xynDyXa52L-90&google_hm=UI_6A4PMLZ9a0DQBhrB6Uw
pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 450B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmRF1bUIhsob_-i6kgxooZViyWNf4Ot9FeaaOX8O3Wb0WTkm4MsUeX-1dwRonmjknEJDI_9zQ5bL...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRF1bUIhsob_-i6kgxooZViyWNf4Ot9FeaaOX8O3Wb0WTkm4MsUeX-1dwRonmjknEJDI_9zQ5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRF1bUIhsob_-i6kgxooZViyWNf4Ot9FeaaOX8O3Wb0WTkm4MsUeX-1dwRonmjknEJDI_9zQ5bLoJAGEzO6YGELPawNn3XWKH0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRF1bUIhsob_-i6kgxooZViyWNf4Ot9FeaaOX8O3Wb0WTkm4MsUeX-1dwRonmjknEJDI_9zQ5bLoJAGEzO6YGELPawNn3XWKH0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 450B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-vEN_BJcAAdeiYvkKpHeaHxChIibMJ3LbVXc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rar
as.ad4m.at/ad/ Frame A00A
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b3ea36d1d500f5de1750a65a3f9cedfe724ef337523786fedb2eac56fa6c66
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1ghvtts2h0ybny4sfcqbt5263rwgdg34ksp73g2bcspbt9zz5nbn30t3g8jgtzk7c7fqxcxkeb58a9ee1g4kapp9xe3yyet9pqtndfzwe6jrfeb0vhe9rhvwbz9acqjd431n7mr62emxw1kwnkvzh1xc3e36n3e32b1e3ytpapz6y4n74bemha82hkxwdx8wk758w0km3w8t3sxzwdbpdtayy0k3jgh6gj8m6hk48qrx3vbnn3cqdtfg9c5qfkreztk8cdgcnwyh5bzxtcve9akyxmjf8jmzbt7vas5wg2x2pv4b7yzy1ryx6bw8n1s8mc6ddr7b6k54mgyd8g53r4m9wfnkpv7ytb332t114zeqna7chhqjfh5yyn9pwm3a8keg5s090wvf8f93ksdffbqetfjjsptw5k1kvnnk9j3tay0yhdg9ym5ac4ftt4qegtav39wtcg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae505ef79116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 9D6A
13 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6dfd1a863b123c4a61e4598992002fe5dd22d492a74125e0f2c53ad2efec27e
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1j61219tzwxgk3xdd1xrxz05sbghw66mmfwp6c2c9y5vn1zmvas90ge8z9tsv93n60aggnpdwtn1nejzsc5yww8tnd2z0249k3axw6f2w0wh2w272njzhad309te86new1crkn93j5egfq4bxmskw6msh1d0agtchcf5ehs67skfsehdfr030635n06qctkj6b3c24ad0bj9p5t54vb5rkrt7z3xm554cbrtb42hyg9bgm3nw0kvg7rqky6axwhaqj62mtrmkaww5t5y044znthccehfjv54q2s7kk6te8f2qy82fxzqqvahp1kye8yc5ck7139rk4kacndj99n4075q2yjs61gfh10z3q9ky12rfqy33gm8hrsy001vfkd4fe3gaw5jvzk8rvndz64ayf8xhrgjr7t65b79pdq6qx0q152n1d90fpchrfc137pjp7b2qa3098&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae506efb9116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:14 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
/
www.googleadservices.com/pagead/ar-adview/ Frame 28A7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CGxgnOh1gZaiPEtOZiM0P1uy66AbBvr7scr6sx5a0DtnZHhABIKGkxmpgleKQgqAHoAH1mI2LA8gBAakCIIAz_TlMsj6oAwHIA8sEqgTXAU_QWQiujnor3ehzaT41fAp9twAL3KYnBqddZQw...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228993534012767872275%22,%22debug_reporting%22:true,%22destination%22:%22https://capmo.com%22,%22event_report_window%22:%222...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228993534012767872275%22,%22debug_reporting%22:true,%22destination%22:%22https://capmo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22828591221%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229735366185313061121%22}&andc=true
Requested by
Host: horoscope.marumura.com
URL: https://horoscope.marumura.com/
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8993534012767872275","debug_reporting":true,"destination":"https://capmo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["828591221"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"9735366185313061121"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 24 Nov 2023 03:49:15 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8993534012767872275","debug_reporting":true,"destination":"https://capmo.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["828591221"],"4":["11-24"],"6":["true"]},"priority":"500","source_event_id":"9735366185313061121"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 484B
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 17:34:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
555263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 17:34:51 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A00A
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774316
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZdM%2B31oV1M0o5gXxRyvx%2FN1NlVcXvmIsW9sAl7JjdIIkzRpwVXN9sSiyq4U96tiRY8ENyMJScl8gMq4x5FcBAqSP8jPDZSVeuskMJbGzbjVHcQAWo4fIsTOt03KleR3dU%2BoNIF9UJk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae509f099116-FRA
expires
Sat, 25 Nov 2023 03:49:14 GMT
B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
assets.ad4m.at/logo/ Frame A00A
5 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/B62FFE09B86673D2BFA4F5D5B62840ACABBB5D68277A6CC7FC488887E41CB7AE8C6CC3D5F186CAA1A6711EC0C251982312B5C565DD7A7905BCB44E3633432F8A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
200058
cf-polished
origFmt=png, origSize=5231
alt-svc
h3=":443"; ma=86400
content-length
4680
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 09:43:53 GMT
server
cloudflare
etag
"f16f7910a6ef14de318e485901cfa4a3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tq2DwWlTVKhZaRNo6B46NSGEpo8J71mVRbssMPdYYDnWfBsjSJJchB5LPTuurrO3%2FMGfDsDsF1EtxD7EhEUWFwMjZsEJbGlSUZDqhUntlNyFDFiFXFBgu7biMVPVdebtW7k7oJJeQGt0VfTH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae509f0b9116-FRA
B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
assets.ad4m.at/product_image/ Frame A00A
34 KB
35 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/B7B46C67E32C8811CDC434C085DAC11692C95AC4470651A2A0ED9ED376F6F61F2A60C696B2F96D97291A7B9462A184BB5383BBC9E9ECDB66ACD89DA815902BC8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71340
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
35068
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 08:00:13 GMT
server
cloudflare
etag
"b517cdc8d5c29fc9ccb387e83f875610"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tpSjUvCQmBShzSVMA%2Fs6Bo0xsNe7svYzVADHfph2OmmWQSg2%2F7oiaRkj85EAiaORUkvyx%2BzT0wlmGxFZ3qaYP14lzQvgGi77N%2Fz0HzzE0%2FpC0uEGOs95JbjRKVjLawF3AJAKh1W8NETOOhE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae509f0d9116-FRA
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame A00A
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190950
cf-polished
qual=85, origFmt=jpeg, origSize=12951
alt-svc
h3=":443"; ma=86400
content-length
7758
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Oct 2023 22:22:01 GMT
server
cloudflare
etag
"12e3523b35b31c7ddfe7c77dcdb14a34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znOi38lDmCmHULihaGl79%2F3FaIhb1Z0qbJNtd%2BmQCBHbsmTcajmlowbIlAePLAo%2BqQa3UuD46BNafmiOHj4Z5n2g7FszaI6n8aP4uQFlErDqQBGYjofeuoTlVOoRVfrcjtaTkVLo0IRpEI9a"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae509f0e9116-FRA
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame A00A
14 KB
14 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0354c512fe9ac534670f42761c954a5cb683ae7a1c74b6e93e866113cc76863

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190224
cf-polished
qual=85, origFmt=jpeg, origSize=16323
alt-svc
h3=":443"; ma=86400
content-length
13986
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 11:42:12 GMT
server
cloudflare
etag
"2bec681a82cced862b1f711ea5cf61b5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pl90fM7XQ7atia%2B9dE%2BJb4L3aI65VYk305ID15QDCltZqL07hzsqTHtCVFc6ESTUf4pyitW6OSmee5efYD2uKGQh7tE%2BuN2UkLVIk%2B%2Be%2FTjA%2FdjK93l81Cc%2BPtXtTOGC%2Bd7Bnf0CU9%2F8cWDc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae509f0f9116-FRA
/
partner.o2online.de/a/ Frame A00A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJWEm7Dd24IDFXSR_QcdAQQKfg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite...
49 B
1 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 03:49:15 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023112404491590772424943X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Fri, 24 Nov 2023 03:49:15 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame A00A
7 KB
7 KB
Image
General
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190918
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZJeBrvpMQMhhhgLij4GTOBjyRU1Vi7c6rU0njNmrBZRaUkZh5iBxirebPo7%2B6LPIBsASaogUSAKh7yU3%2F1ZpjCNVVa%2FFirLrFcJKjG0Zc4CZpisctRzLy6mWYnnTZzQYjs1%2BEfDXPYyrZoQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae509f109116-FRA
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame A00A
30 KB
30 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d5734555f36812cefe3ea85714d1ccaebb39a42f9452af15264e5677631df1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
156753
cf-polished
qual=85, origFmt=jpeg, origSize=32740
alt-svc
h3=":443"; ma=86400
content-length
30322
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Nov 2023 08:16:40 GMT
server
cloudflare
etag
"26fbd4bf7557a21892931002dde7fe41"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66hysPTxPy8tbi3ATQUSNGB%2BjajFINM9G%2BSkEfZI0OP8fryJ5O1mX4fl8ywoDUI%2B17IoVqsG2W0ITJLE6y3fD%2Fov%2Bm%2BJUa%2BZ%2BCVetGz3dE49mPuo%2Fv9mnQBmYDC0wWl47Nxho2MnF0dWi34l"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae509f119116-FRA
ztpv.php
www.conrad.de/ Frame A00A
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBXoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1700797755_6fbb7cc0-8a7c-11ee-b3f6-2239b4908fbf&insert=AW&&gdpr=0&gdpr_consent=
0
493 B
Image
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1700797755_6fbb7cc0-8a7c-11ee-b3f6-2239b4908fbf&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
82aeae5178a137e3-FRA
content-length
0
expires
-1

Redirect headers

Date
Fri, 24 Nov 2023 03:49:15 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1700797755_6fbb7cc0-8a7c-11ee-b3f6-2239b4908fbf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 9D6A
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774316
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lq57yHjLR13W4HNv6IRmVyu2YiVOvwTfV13aJjdcgBAvLS4wQi5DOt0rob5d9PzU6z5sEiD%2By5SJcPrc3vkJ6ridL%2BzmC%2Fkmzta9ypOUNOFiz3Ce97kTOLh46RXbAavSaQjfw1ZgGcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae50af159116-FRA
expires
Sat, 25 Nov 2023 03:49:14 GMT
AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame 9D6A
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
194859
cf-polished
qual=85, origFmt=jpeg, origSize=10446
alt-svc
h3=":443"; ma=86400
content-length
7728
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Nov 2023 16:41:23 GMT
server
cloudflare
etag
"bddcb815cd8abad672404f9cdec6f97c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vuuULSVMT5IBvW2r%2BKJBXHy5DdQt6ub1N%2BhoER7VD5sSx3bkiuSASJUidvdl5gJwCH7As%2FDDSrr8Pjt0xQpe5LfePz3GMTSmowzHyYy%2BSbbuXMfYX62zWvOM%2FGhZ9WAmcflhE8X8c00D88A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae50af169116-FRA
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 9D6A
11 KB
12 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197604
cf-polished
qual=85, origFmt=jpeg, origSize=13532
alt-svc
h3=":443"; ma=86400
content-length
11268
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Nov 2023 22:13:51 GMT
server
cloudflare
etag
"d9fd29c7a268fd485230a60f0d2e0192"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w16kZOXoQoRebJIL1QVKwtsQMqkXXyDQ0Dlzf2SnDo5HcZXgGLir5BWHJaQfq8jrWACP%2FDmcUwhtQEpRL1dGqnbT8Ue4Yq4MiQUJBm71qIy84850asTxiKWbw2f%2Bc0I8tUVKlykd0QuZx2H4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae50af179116-FRA
F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 9D6A
9 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192631
cf-polished
qual=85, origFmt=jpeg, origSize=13332
alt-svc
h3=":443"; ma=86400
content-length
9604
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Nov 2023 17:02:02 GMT
server
cloudflare
etag
"23e86ef8ba51d351917574e3e8d33ca5"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JujNTrosjEgASxaBqJRZLQ9z1EJlb8s%2BdLnEnWljh0PPYp57E85MrtWpW%2B0v75SO6F7Q7hzUsVrSPAErpiXYfC8WX36knnixMDWMxcUyNyHlLQ1V9ee8DHrSBYOn1d73dW9F%2Bshmo%2BnxCRjt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae50af189116-FRA
BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame 9D6A
28 KB
29 KB
Image
General
Full URL
https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
71443
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28954
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 07:58:31 GMT
server
cloudflare
etag
"85b2952dc2f72512aefd9f8454909e82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX61Hi5PzZLPL10T1Sl0RIxcOcQ7oG6FPNFTykRcmy9ifcJRaX5QOHg3RKDBtwKwz3YOyRSijkQLjgkjxj5b60EO3j3Z4nKj14HE6zQYMJ%2FBN56y5k3gXe80FCNBsMrnXKn6WKo%2B26wUsjer"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae50af199116-FRA
/
banner.congstar.de/cookie/ Frame 9D6A
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIaIm7Dd24IDFVco4Aodz0sHNQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYGoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1700797755_6fd9b320-8a7c-11ee-b3f6-2239b4908fbf
0
549 B
Image
General
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1700797755_6fd9b320-8a7c-11ee-b3f6-2239b4908fbf
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
km36617.keymachine.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:14 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Fri, 24 Nov 2023 03:49:15 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1700797755_6fd9b320-8a7c-11ee-b3f6-2239b4908fbf
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame 9D6A
10 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190919
cf-polished
origFmt=png, origSize=10653
alt-svc
h3=":443"; ma=86400
content-length
9924
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 11:11:38 GMT
server
cloudflare
etag
"ca1cf24fc82b7541b262f0d4b15a8100"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkWhK%2BUzfCfIoXO0sIW5d3VINCbclIWaNpdHqx2%2B1uuzUfo%2B9iSZgTlhtMZ%2FTJVeBITVEd5YKvrdxWcm7%2BHyIt2THJfbA8eYxDEYvpC8WHV3P%2B%2BReay5YsOtjaOlpngkzBeIdqDPsIDT8JxA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae50af1a9116-FRA
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 9D6A
28 KB
28 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
782960
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28452
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:32 GMT
server
cloudflare
etag
"ad60aab65075d58e4390c75c7ea7b04e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0mpNf3sRtDikBDbND%2B6j3GfJ3T0ceHA3AqxTN6ZC5UYfLjF9NVsDMYQZ9KypK1dhNdYYCSjIYI6SiClUl9PzAswghspwNZcplEMxQVhGtHKJHT8%2FJNiBUDy%2B6JJMr1vi%2FMFhsti4V78FIM1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae50af1b9116-FRA
link.html
track.webgains.com/ Frame A00A
2 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h668zswqp715t7nsk2sz68ktvpa3s63d4y5v8f70681fngachp2xxhknpa5t7pwzktakra9b4z7fr6295pkr77kj913ddrd0hn755yd38hygacf11jfcyy75cpehzc384n29xwknhzhtspp2wkphcx0fq9yf4hn1q0qgeev8bp92jp6e8h98mzn2z2p8kq4enk2vwy886gxjqs7cp484z3k2x0py0a3wq872hfe3n9zjd3xa58w0djm9f059r786f32r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%252526client%25253Dca-pub-9709291217657452%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.85.236 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-85-236.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
45dc509eada8751cd1e902f5df9e27627f4a4b08cc187ea24c7b9232b096c7b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
last-modified
Fri, 24 Nov 2023 03:49:15 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Fri, 24 Nov 2023 03:50:15 GMT
f5bfe45bb2
tm.simptrack.com/tm/a/channel/tracker/ Frame 8C71
44 B
939 B
Document
General
Full URL
https://tm.simptrack.com/tm/a/channel/tracker/f5bfe45bb2?pub=ad4mat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.9.97.176 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.176.97.9.5.clients.your-server.de
Software
nginx /
Resource Hash
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
44
Content-Type
image/gif
Date
Fri, 24 Nov 2023 03:49:15 GMT
Expires
0
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
nginx
link.html
track.webgains.com/ Frame 9D6A
0
0
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnpz4kqmrpvjf4tsnt399s2pmhxcdjq37q47xv85b3bq0g5bt37dbhh3mmgj7b7k2m8m1awa2s5bnkam74yz4acrk47c1t8qq51456rjja4z3bvbmde0q96rq6s4zm0zeat88qrpat0tbvpprswekf08gsh0848skfsdprt8smedmxnd52p3y9k742am3r39e96ay4pnyad3zgwtpzrq75cx1vs8ch36zbx7mv384wpcex146skdtv3cyj6ttyd79wg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%252526client%25253Dca-pub-9709291217657452%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.85.236 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-85-236.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
server
awselb/2.0
content-length
45
content-type
text/html
link.html
track.webgains.com/ Frame 9D6A
0
0
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C196438%2C183975&b=3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3%2C61wtef3fMW9daeHmHYtkt5kmtYS1T33PTERYG%2CZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jB&f=WPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W%2CXr8CzfrfK7MjU6H4Het1CxXpUQSkT55gfz3P6%2C9kMaMfmfdxAeTKHBH2tzCrAPh9SmTzzmSrbBX&c=300&d=250&e=&g=a78e07dfb2c2f2bd1a55778491b32f41%2F6642622237178652420&i=71725%2C25174%2C20597&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754884&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.85.236 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-85-236.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
server
awselb/2.0
content-length
45
content-type
text/html
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228993534012767872275%22,%22debug_reporting%22:true,%22destination%22:%22https://capmo.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22828591221%22],%224%22:[%2211-24%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229735366185313061121%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pvClk.min.js
analytics.webgains.io/ Frame A00A
53 KB
19 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3766871&wgcampaignid=1384975&wgprogramid=287405&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h668zswqp715t7nsk2sz68ktvpa3s63d4y5v8f70681fngachp2xxhknpa5t7pwzktakra9b4z7fr6295pkr77kj913ddrd0hn755yd38hygacf11jfcyy75cpehzc384n29xwknhzhtspp2wkphcx0fq9yf4hn1q0qgeev8bp92jp6e8h98mzn2z2p8kq4enk2vwy886gxjqs7cp484z3k2x0py0a3wq872hfe3n9zjd3xa58w0djm9f059r786f32r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%252526client%25253Dca-pub-9709291217657452%252526adurl%25253D&clickref=oneid41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vwoneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keboneid__suite_Netmix_Reach121_BESTPERFORMER
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 16:26:49 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2023 16:26:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
40947
etag
W/"1180a1bfee0aad979766ecd6180b923e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
2kPt3Jo-tbioDycFfk2erIdkV8yfp66cak_RnS3Y-5P2qcict6intw==
1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg
cdn.track.production.webgains.team/287405/ Frame A00A
55 KB
56 KB
Image
General
Full URL
https://cdn.track.production.webgains.team/287405/1630077001_jF1b8Jfj1B39nVsMmTxKrB0cNJRh2QB8.jpg?Expires=1700798055&Signature=RYpDA-RBSma9eSSRBRIscu92gAAgWM1x06tkbaT61For06LxjAJhtD7DmL0hFLO9jvKyIZJ9wbhNTLb5yv2ulNKyLJk9ny~04GAqhv~0zzAzowkDRHj7M2l834NEirM7DMj0B2S6xCvm8RdcXYiThb93-R7K2oNT0IJWqe24UEw9DMHYlUxatFNP7wQgvk2JVBlZfCrjPuMu-gO5YI0WaO9rVsZVHs4KHjKfX0CKutWOXE6qQ3hcRRzHlI~UuD-SA3ysnM8O~USli1J7kuGm9gb5lFmtvx4TLv2YVHT8aWJ3WTnTu9xSEiuwEzJIxeEvv2SYXdqvkC~LJYoqf0n5Lg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=182475%2C22925%2C322829&b=2Rxu6fqfjGDmcVHWHkt8t2JVVsxS7TggJu5keb%2CkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C9kMaMfmf75g3HKHBH2t7trDKC9SmTzzmSrbBX&f=41BtEf5fAd2MSGH9HdtzCMXEEtbSpT773f31Vw%2CzGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2C1QYtbfKf3GkKT9HdH9tpC239s2SKTGG8Sx7XQ&c=300&d=250&e=&g=851985875625a0071d11e7895971f67b%2F17414198456394671709&i=65760%2C20774%2C21596&j=21%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1700797754874&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h8kgp2b1fzcrdc9svp5bngxm7hherkzbr17kwxxaxwqaa3fzf5fbjz7chhen5s397tn84papandfakpx871ae0x3kknyqmgqj9ywnc45x2w0xjpq6ttt0zz6wgyfac4esgwsqe8nw25yybes9waf9vxw3k7bz7ygd6y5wj1c2v50r68g9b4rq7rgnc20d1njv7vhrzgvy8kthcdamz41zzc6c9r17nwmb20ez2dv0fn9ffxtsx45vdk8b20rsepcb9fhky0nzwvfd6n6dztbtqy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCm_cvOh1gZa_OE9udiM0P9KWfwAuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0gFP0DFJaqMT_zne6aTxMAHx-1Ize_HSXXAy-X3HgciiZyElsXijErL-l22YrnZRpKc5a-NRmQbYMsDY_X4QplQLIwy11jpzObKfIr-PWuIOI40KtsN0iGXiENUgSA-VqNUfPDs69nt2W2oVVNYq9wH4u34PvOi_NI29soBwzbd6M2qIgcGngegmQrfP3dvIiEXOhcPgTlYD-RwTpSsX4lj9UcPHT0Wrd8h1uOaiORTdbwiaE8S_FiAQW7d_h7kze8GH5tX0SRGQbln1UA5RQ8wOegGABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1XwFmKQa39P-hSCZezZCtiY7hlUA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-36.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
null
date
Thu, 23 Nov 2023 15:32:31 GMT
via
1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:42:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
44205
etag
"4e56b45a1411ee8d71fc40bc011df5b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
56674
x-amz-cf-id
gfo-fJNYNlKwjMS9GSXkqqF7TJUIB9oVemd3QgHaNXXO336K_0ddGw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C09D
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ed7bbe0f7534d7be667cc1a7e7298aeab204090fc0606d87d0bc86e0bfdc764
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31562
x-xss-protection
0
server
cafe
etag
933 / 19685 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:15 GMT
prebid_2023_8_15_7_52_11.js
anymind360.com/js/6621/ Frame C09D
301 KB
95 KB
Script
General
Full URL
https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70f5afae2896e4f0428eaaa8b95691bef9b84851a34de854b12f5205a123f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 04 Oct 2023 16:08:53 GMT
date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
2674732
x-guploader-uploadid
ADPycdt4JmOgxg6p11J3aZJO15MoE2tZp5cDSmikpRQzLfU6iueAizdZ4lzZjQzwrzsd-PKLo94
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
96646
x-served-by
cache-tyo11959-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797755.225289,VS0,VE0
etag
"7c3d582f641391d2eafe31b502454859"
vary
Accept-Encoding
x-goog-generation
1692085963456049
x-goog-hash
crc32c=K30Atg==, md5=fD1YL2QTkdLq/jG1AkVIWQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
96646
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
2, 2
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame C09D
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
401683e74cfc3026e6f417130a9efd43f4381d7fb37faa71f037132462b94d6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138529
x-xss-protection
0
server
cafe
etag
8020688087669166093
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:15 GMT
fbevents.js
connect.facebook.net/en_US/ Frame C09D
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 03:49:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
og3GIsvYEydM5eLy4PD2RVrXhnnCpaHiH6JfOi+z9bCQods1GuXFzx7CL8/AewaoRjtNpImnpGezoUXEBfbEug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame C09D
112 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS8VMC8
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f791f62920f18fda3fd609e00303fbf575836812b561a05fb7d230a189127f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44346
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Nov 2023 03:49:15 GMT
icons.ttf
www.marumura.com/wp-content/themes/authentic/css/fonts/ Frame C09D
15 KB
9 KB
Font
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/fonts/icons.ttf
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-ttf
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
www.marumura.com/wp-content/fonts/roboto-condensed/ Frame C09D
19 KB
20 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d448991d15499edecfb0ad39bf668320897c3dba15c73aa6e13fbe6356569183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Oct 2023 15:08:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame C09D
15 KB
15 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
899651971d6c75117d28df0030f881b94f93c8b0540364cc3d569cd3c8195010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ico_travel.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame C09D
11 KB
11 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_travel.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f8534d93da83a0fbbb300cbc00cca18d6a3f08925c51a073ba90bc48542147a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_lifestyle.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame C09D
19 KB
19 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_lifestyle.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b1a4765c4086ab9a52000087ffb5f15b35b51394467987a50040e7e43b6c89a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_foods.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame C09D
18 KB
17 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_foods.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7f7337abd33251d4467aa6cb7244c1a3b5cbf90efcf474f9383479fa4fcc6d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_item.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame C09D
1 KB
771 B
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_item.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48c98e8609af4dbef60b052a9e7f468721bae298b23325ae7f9a99a7707d38d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
nKKZ-Go6G5tXcraVGwaKd6xB.woff
www.marumura.com/wp-content/fonts/kanit/ Frame C09D
13 KB
14 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKZ-Go6G5tXcraVGwaKd6xB.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
de702bd87ba6644b1e1079ebe74385a9f1ca64ecc82b79a4888e8af5533a540a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr4uPhWnVadrNlJz.woff
www.marumura.com/wp-content/fonts/kanit/ Frame C09D
13 KB
13 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr4uPhWnVadrNlJz.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c8d72610219d3200ba9ffc11cad1dc796ef68ebe94d7f75d50c41e063a22d2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame C09D
12 KB
12 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4fb031caa17064d63bad6a66b503a2af1e73a3266b226056302f2447070d79e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
powerkit-icons.woff
www.marumura.com/wp-content/plugins/powerkit/assets/fonts/ Frame C09D
26 KB
17 KB
Font
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
84bcb397ee8fb28950639b02674337575578302143c9d6f1bfc6c6fb2584c4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
www.marumura.com/wp-content/fonts/kanit/ Frame C09D
13 KB
14 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7470a14b8058cb8e35ae75127e935c4036071fb9aa0422351830c9bec6b2764d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKZ-Go6G5tXcraBGwaKd6xBDFs.woff
www.marumura.com/wp-content/fonts/kanit/ Frame C09D
9 KB
9 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKZ-Go6G5tXcraBGwaKd6xBDFs.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
61b770106aa1fa33606ec43fe30c388740ee75176f2482403a48d55ce3a3163a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aBVJmXYO5gg.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame C09D
14 KB
15 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aBVJmXYO5gg.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f99faedbb1ca9dbf0c9261bc88c42afdcab10f792bd42873638d67f4930aada9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
/
travel.marumura.com/ Frame 80BF
311 KB
26 KB
Document
General
Full URL
https://travel.marumura.com/
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fff2fb3fd30933844b8bfa78287698b8cd361b49a9ffc4cb5af8f1b9528c8694

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://travel.marumura.com/wp-json/>; rel="https://api.w.org/", <https://travel.marumura.com/wp-json/wp/v2/pages/5298>; rel="alternate"; type="application/json", <https://travel.marumura.com/5298>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame C09D
12 KB
12 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
16614edb31cb210f98c4980e88e9461887b094d09ab3809d1d2587de1fc5c8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
1429288180769098
connect.facebook.net/signals/config/ Frame C09D
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1429288180769098?v=2.9.138&r=stable&domain=horoscope.marumura.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45169a0288f8652815bbffc2f599b8c93686fdaa4aaed19484dc59e639fe3768
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 03:49:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35378
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5flsrM5kO/OX8NoK5mpVwi77w36FKsuQi6Oh7ge/uxs9zwrqRRKLkAWp+rbaLEVu66UqqA8T0+8lrmNvz/Aptw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame C09D
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ab2c8d9c0c46308aa10c728c149c59e7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae87f41773c5bbe6c60bd0450288e260f1a41918b458f0cd808b4534ad852df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:15 GMT
content-md5
J4OdNz2fkvFxXNShu8ds2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88329
reporting-endpoints
x-fb-debug
xa3so93hkPXc4A3QDLFIRc7/nrHPT76mxXNk9yysLX50/eMt3sFZiq/5CO6OTu4sHwmLbWldzSUZGzvUyYtYWA==
x-fb-content-md5
175299b5af26fd20765aaa79d5ccdeff
cross-origin-opener-policy
same-origin-allow-popups
etag
"a40153204555e07e227d4ff5b7d8434d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Nov 2024 03:15:10 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame C09D
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42507
x-jsd-version
1.0.1882
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63a-NecRQpEq1uzv2Kl3Q8ftGEfSD4M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnL0eEVa%2BFxXfTkhZWn2%2F8OoylfXT%2FZtjpX%2BXj%2FvIOp509UrblGtcvE7n%2BxSrfS8CS0j5WFin3RgP7fQ4n5TK5X1YORrTx7gxhFO%2BvdePxkaZATHGq9x2JHIMksph%2BTuN3PYbdH%2B2hAA72k%2FHiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aeae52cf8e1cc7-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame C09D
429 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15320
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:33:55 GMT
js
www.googletagmanager.com/gtag/ Frame C09D
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82f531329d8b0484de8ba498b0bd4721a56b1d027cd458b1844ed3e311cad0a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:15 GMT
analytics.js
www.google-analytics.com/ Frame C09D
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7177
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 03:49:38 GMT
/
www.facebook.com/tr/ Frame C09D
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1429288180769098&ev=PageView&dl=https%3A%2F%2Fwww.marumura.com%2F&rl=https%3A%2F%2Fhoroscope.marumura.com%2F&if=true&ts=1700797755366&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700797753774.1010096808&ler=other&it=1700797755306&coo=false&rqm=GET
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Nov 2023 03:49:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6CA4
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=2751417942&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755206&bpp=20&bdt=694&idt=206&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=8649921826522&frm=24&ife=1&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&fsapi=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.4mcwvvrkrbvt&fsb=1&dtd=229
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C1F7
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86d1b8c1e0d30b5918ce369f46fdb1c7cd529cc823e443b961cdda9c9b73e53c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16005
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F74
48 KB
19 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5aef1c4b0aa0f759f69bc46b35fee7f2a3b76ac3a1ca96a6cd6783c9dad9bcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
19487
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D7D6
47 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b5a790ef0b83866efa52124df594365620855b0644e98e0959641949929439e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
17145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:16 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ Frame C09D
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1074123748&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marumura.com%2F&dr=https%3A%2F%2Fhoroscope.marumura.com%2F&ul=en-us&de=UTF-8&dt=Marumura&sd=24-bit&sr=1600x1200&vp=300x528&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1893264436.1700797752&tid=UA-126552441-1&_gid=2113727439.1700797752&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1899138144
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 16:54:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39300
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C09D
407 B
186 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3959149614437505&correlator=1399824287988040&eid=31079631%2C31078017%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_ImageAd&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&cdm=www.marumura.com&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&abxe=1&dt=1700797755666&lmt=1700797755&adxs=0&adys=10530&biw=-12245933&bih=-12245933&isw=300&ish=528&scr_x=-12245933&scr_y=-12245933&ucis=dw7apzrngahs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.marumura.com%2F&ref=https%3A%2F%2Fhoroscope.marumura.com%2F&top=https%3A%2F%2Fhoroscope.marumura.com%2F&vis=1&psz=300x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=true&dlt=1700797754512&idt=1011&cust_params=url%3D%252F%26ref%3Dhoroscope.marumura.com&adks=2177692981&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67ad993e9f3b230407136f790bc677d05874eb2bcd39e8658bf9ce4a128485da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C09D
448 B
206 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3959149614437505&correlator=1399824287988040&eid=31079631%2C31078017%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_article_right_300x600%2C160x600%2C120x600%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&sc=1&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&cdm=www.marumura.com&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&abxe=1&dt=1700797755670&lmt=1700797755&adxs=20&adys=9538&biw=-12245933&bih=-12245933&isw=300&ish=528&scr_x=-12245933&scr_y=-12245933&ucis=3gdh2yxjfbgo&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.marumura.com%2F&ref=https%3A%2F%2Fhoroscope.marumura.com%2F&top=https%3A%2F%2Fhoroscope.marumura.com%2F&vis=1&psz=260x0&msz=260x0&fws=260&ohw=300&ea=0&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=true&dlt=1700797754512&idt=1011&cust_params=url%3D%252F%26ref%3Dhoroscope.marumura.com&adks=2240944414&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0fc7f7bf734c61b8e92ae4b2a424e309098ae38af61d0d8462a26d56479b39c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8757e24f1ddcc22b19dc72e979cfba96.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 27B2
6 KB
3 KB
Document
General
Full URL
https://8757e24f1ddcc22b19dc72e979cfba96.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:15 GMT
expires
Sat, 23 Nov 2024 03:49:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame C09D
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&ver=3.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:55:04 GMT
/
www.marumura.com/ Frame C09D
67 B
317 B
XHR
General
Full URL
https://www.marumura.com/?essb_counter_cache=rebuild
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d013485466894b4287d47b52869bef2ba059e2720d7cf2b33eee65dc5737cc48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
br
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:16 GMT
server
nginx
tracking-event
api.webgains.io/ Frame A00A
16 B
209 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.173.249 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-173-249.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
powerkit.css
travel.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame 80BF
25 KB
5 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
travel.marumura.com/wp-includes/css/dist/block-library/ Frame 80BF
107 KB
13 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
posts-sidebar.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
4 KB
862 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
527086ffd8aa5bdb2b00dd5be1b15e7d0d282ec26955944b49fe40dc21a7c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
twitter-slider.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
1006 B
378 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7e5fab99472dc83e9e5bcd23c18083cb02c196b5a9724b4a78d8e44b6ec40e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
tiles.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
4 KB
711 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d0fd465e6448ac9eac534b1e2b4a3db8452a384b95b1f2c8133a07ee3754976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
horizontal-tiles.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
4 KB
713 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e9eb0dfb3e114bd11eaa4cbe8a05836cee318b60cca12c94c3b0d3f5f2bfd8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
full.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
4 KB
735 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
77e62403c5cf03c97081a20ccba81971391e554663c76f39b323a2e6045958c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
slider.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
13 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b396a226099848f402ef5695b662acc20430fddd59d405586e1afb3b8d95c0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
carousel.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
3 KB
561 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cbf736f12d658470e6926d309bc0b77d6f2d48f3412f7659aca07a96f5f90897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wide.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
20 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4ace7cb9bf8a3cd67c5d43ab6b1e29e5733b05fd71babbe32d9230d8d1e7b720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
narrow.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 80BF
9 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37be9771bb7032cccd856084f2489bdd36728c670ab8fec9b459615911cbb2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
styles.css
travel.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame 80BF
3 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:39 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
travel.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame 80BF
2 KB
683 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame 80BF
21 KB
3 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
travel.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame 80BF
1 KB
571 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
travel.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame 80BF
9 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
travel.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame 80BF
3 KB
842 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
travel.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame 80BF
477 B
363 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
travel.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame 80BF
5 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
travel.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame 80BF
4 KB
909 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
travel.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame 80BF
5 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame 80BF
3 KB
824 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 80BF
13 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 80BF
1 KB
641 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame 80BF
3 KB
813 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame 80BF
0
0

public-powerkit-share-buttons.css
travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame 80BF
0
0

public-powerkit-social-links.css
travel.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame 80BF
0
0

public-powerkit-table-of-contents.css
travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame 80BF
0
0

public-powerkit-twitter.css
travel.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame 80BF
0
0

public-powerkit-widget-about.css
travel.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame 80BF
0
0

front-flex.min.css
travel.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame 80BF
0
0

frontend.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame 80BF
0
0

flatpickr.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 80BF
0
0

select2.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 80BF
0
0

wpcf7-redirect-frontend.min.css
travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame 80BF
316 B
272 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:18:45 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
if-menu-site.css
travel.marumura.com/wp-content/plugins/if-menu/assets/ Frame 80BF
0
0

style.css
travel.marumura.com/wp-content/themes/authentic/ Frame 80BF
0
0

essb-native-skinned.min.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 80BF
0
0

subscribe-forms.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 80BF
0
0

click-to-tweet.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 80BF
0
0

essb-animations.min.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 80BF
0
0

easy-social-share-buttons.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 80BF
0
0

legacy-features.css
travel.marumura.com/wp-content/themes/authentic/css/ Frame 80BF
0
0

jquery.min.js
travel.marumura.com/wp-includes/js/jquery/ Frame 80BF
0
0

jquery-migrate.min.js
travel.marumura.com/wp-includes/js/jquery/ Frame 80BF
0
0

flatpickr.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 80BF
0
0

select2.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 80BF
0
0

js
www.googletagmanager.com/gtag/ Frame 80BF
0
0

atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame 80BF
0
0

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 80BF
0
0

ats.js
anymind360.com/js/6621/ Frame 80BF
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51206
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797756.097583,VS0,VE0
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 3
logo_marumura_b2.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 80BF
0
0

logo_marumura_b.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 80BF
0
0

logo_marumura_w.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 80BF
0
0

Kintetsu-Yunoyama-Onsen-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

Jewerium-Enoshima-Aquarium-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

Umekoji-Potel-Kyoto-_cover-320x180.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

Tattoo-Get-in-Tokyo-Onsen_cover-300x225.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 80BF
0
0

Asuke-Toyota-City2_cover-320x169.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 80BF
0
0

Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-272x182.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 80BF
0
0

Aoniyoshi-Sightseeing-Train-16.25.29-cover-320x178.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 80BF
0
0

Sabataro-Rest-Fukuoka-cover-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 80BF
0
0

Kamiseya-Park-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 80BF
0
0

Ibaraki-Praying-Destination-cover-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 80BF
0
0

Kamiseya-Park-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 80BF
0
0

Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/06/ Frame 80BF
0
0

Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 80BF
0
0

Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 80BF
0
0

disney-resort-line-40th-Anniversary-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 80BF
0
0

Namco-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 80BF
0
0

Kansai-by-JR-West-2023_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 80BF
0
0

Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 80BF
0
0

USJ-Magical-Creatures-Encounter-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 80BF
0
0

Kansai-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 80BF
0
0

Tokyo-Dome-City-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 80BF
0
0

Centara-Grand-Hotel-Osaka-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 80BF
0
0

5-Fashion-Museum-cover-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 80BF
0
0

Hiraoka-Jugyo-Center-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 80BF
0
0

West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 80BF
0
0

Onuma-Quasi-Autumn-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 80BF
0
0

West-Hokkaido-Autumn-1-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/11/ Frame 80BF
0
0

Sapporo-Snow_-Festival_-2023-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/09/ Frame 80BF
0
0

Dragon-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/08/ Frame 80BF
0
0

Tohoku-Winter-FAM-4_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 80BF
0
0

Tohoku-Winter-FAM-3_cover-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 80BF
0
0

Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 80BF
0
0

Fukuoka-Cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 80BF
0
0

Hita-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 80BF
0
0

more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

flower-pickle-jp-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

Mu-Room-Ride-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

Japan-Kid-First-Hair-Cut_cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 80BF
0
0

sdk.js
connect.facebook.net/en_US/ Frame 80BF
0
0

jquery.adrotate.dyngroup.js
travel.marumura.com/wp-content/plugins/adrotate/library/ Frame 80BF
0
0

jquery.adrotate.clicktracker.js
travel.marumura.com/wp-content/plugins/adrotate/library/ Frame 80BF
0
0

index.js
travel.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame 80BF
0
0

index.js
travel.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame 80BF
0
0

public-powerkit-basic-elements.js
travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame 80BF
0
0

jquery.justifiedGallery.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 80BF
0
0

public-powerkit-justified-gallery.js
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 80BF
0
0

imagesloaded.min.js
travel.marumura.com/wp-includes/js/ Frame 80BF
0
0

glightbox.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 80BF
0
0

public-powerkit-lightbox.js
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 80BF
0
0

public-powerkit-opt-in-forms.js
travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame 80BF
0
0

public-powerkit-scroll-to-top.js
travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame 80BF
0
0

public-powerkit-share-buttons.js
travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame 80BF
0
0

flickity.pkgd.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame 80BF
0
0

public-powerkit-table-of-contents.js
travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame 80BF
0
0

frontend.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame 80BF
0
0

wpcf7r-fe.js
travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame 80BF
0
0

owl.carousel.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

colcade.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

ofi.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

jarallax.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

jarallax-video.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

scripts.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

pinterest-pro.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 80BF
0
0

subscribe-forms.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 80BF
0
0

essb-core.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/ Frame 80BF
0
0

legacy-features.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 80BF
0
0

all.js
connect.facebook.net/en_US/ Frame 80BF
0
0

Japan-Kid-First-Hair-Cut_cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
102 KB
103 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Japan-Kid-First-Hair-Cut_cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f7bdecdeda339322bd199bffc3fdc663978cb35dbfd71aa0e85242e9738bc738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 22 Nov 2023 11:42:16 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
flower-pickle-jp-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
125 KB
125 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/flower-pickle-jp-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9ff9bceecc62c12f376d057d9cab274b4da9d432eeed5d8124d2358a86ad0a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 13:11:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Weather-data-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
12 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Weather-data-1-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9390bf8083e94d79e8b48de08246a3cfdc4bf9743981e2e8cd211787d1927fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 20 Nov 2023 11:41:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Karate-Shokoshi-Kohinata-Minoru-cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
101 KB
101 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Karate-Shokoshi-Kohinata-Minoru-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fac05f4207766967ab1561dd00f69871a24b81b990347e1442e3f5a206133846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 Nov 2023 10:54:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
YOT-WATCH-from-toy-cover2-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
7 KB
7 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/YOT-WATCH-from-toy-cover2-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
75445a8bddddae24ebfb1ea245f4f535160ca58717d3f0f7fd46c695355204d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:12:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Stair-Case-Photo-in-Japan-20.06.05-cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
75 KB
76 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Stair-Case-Photo-in-Japan-20.06.05-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a09240e461a873a767cf5cee39d63c98fcd7b759d0e9a12dba8fe9c5b3064eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Nov 2023 14:06:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Left-Side-Driving-Japan-09.54.12-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
35 KB
35 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Left-Side-Driving-Japan-09.54.12-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
398056776f6271ff4c2c3c57357542127d748bfe723576d269141da41b838e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 13 Nov 2023 12:44:12 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
icon-1-1-320x240.gif
www.marumura.com/wp-content/uploads/2018/06/ Frame C09D
75 KB
73 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2018/06/icon-1-1-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2424467a9c7819732eec4e42c82aadec3f0d8bc572d6e9b174d5488cdcaa3937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:46:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
Teru-teru-bozu-1-320x240.jpg
www.marumura.com/wp-content/uploads/2020/08/ Frame C09D
21 KB
18 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2020/08/Teru-teru-bozu-1-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ec94109bcae1ee6e05d555f638348b1750d02d9cbbcf7c806d87204679eee862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 11 Aug 2020 02:17:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Omamori_icon-320x240.gif
www.marumura.com/wp-content/uploads/2015/11/ Frame C09D
51 KB
51 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2015/11/Omamori_icon-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d567162995592e5fd60a0228f5b72c31e1d7a08d9ee2ab364543951ba22bc42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:51:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
icon-1-7-320x240.jpg
www.marumura.com/wp-content/uploads/2019/01/ Frame C09D
16 KB
17 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/01/icon-1-7-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3be563fc939ce81c4edc4af7fc27cffa6632ae60164f9cbfb6c923e7dc9fac8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:53:44 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Japanese-Hair-style-320x240.gif
www.marumura.com/wp-content/uploads/2016/04/ Frame C09D
54 KB
53 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2016/04/Japanese-Hair-style-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c395301d3636963578e927e670f7362518918c13ed99ec2332dc99eef693a38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:53:33 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
Kotatsu_cover-edit-320x240.jpg
www.marumura.com/wp-content/uploads/2014/01/ Frame C09D
21 KB
21 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2014/01/Kotatsu_cover-edit-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c0c1eb2a7d0cc33cde82e8ab1ea9e3645dc868d0967276ca038383634a66fe48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 25 Dec 2022 11:31:50 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
topmisosoup-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
147 KB
147 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/topmisosoup-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c79880eb33bc3b562d84a1b02a69fe949c32ea81603843301c7cea2d653e35af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 14 Nov 2023 18:23:54 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
18-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
167 KB
168 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/18-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1def1097b72490db9d47af16bb61b42fd7e1fea9b227fd43efa61b3285020dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 12:54:28 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
depression-320x240.jpeg
www.marumura.com/wp-content/uploads/2023/09/ Frame C09D
6 KB
6 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/09/depression-320x240.jpeg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f1219031371fb4fd7a59f47c43b49e92caf774b62741ee243c666550f331cdff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 29 Sep 2023 08:28:45 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Catcooljapan-320x240.jpg
www.marumura.com/wp-content/uploads/2023/09/ Frame C09D
12 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/09/Catcooljapan-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d50eb4daf35aad6a43d0270f0aded0d2da8b311efd98ffc9790c77cbcf34c2e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 07 Sep 2023 14:08:55 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Parents-Association-Japan-Thinking-cover-320x240.png
www.marumura.com/wp-content/uploads/2023/08/ Frame C09D
91 KB
91 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/08/Parents-Association-Japan-Thinking-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37700da260864e73dc40f3e1dd4a6c4e652584db54c69df71ca8f93e6de3573f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 02 Aug 2023 12:58:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
19 KB
19 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fd281585ca3ab1f985a357ef1345b8fbf3e21d4cede3edf85602342ab56c5706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 24 Nov 2023 01:37:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Mu-Room-Ride-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Mu-Room-Ride-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7ecf190f26ee96daca27d28b2150409d191acf884e1e8006688e2063c5e32cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 01:17:22 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c1458c70382790487d0f025efddeafee3e313e9c7ee71ba49acb40fee2b6fa2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 22 Nov 2023 01:25:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Japan-Law-Twin-Crystal-Quartz-cover-320x240.jpg
www.marumura.com/wp-content/uploads/2021/05/ Frame C09D
21 KB
18 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2021/05/Japan-Law-Twin-Crystal-Quartz-cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cdc4ad56822ba8b1a62bff799bc68e1e9a6f27ff37c6f6f37f9e0da834af5d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 05 May 2021 05:43:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Japan-shock-14-cover-320x240.jpg
www.marumura.com/wp-content/uploads/2021/06/ Frame C09D
22 KB
22 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2021/06/Japan-shock-14-cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
28093fc2ee1e60073c2d50d666f1b0eb5c1401a09730a469875d950dc8e9507d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 22 Jun 2021 06:23:31 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
punko_First-Time-JPN-320x240.gif
www.marumura.com/wp-content/uploads/2015/10/ Frame C09D
62 KB
61 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2015/10/punko_First-Time-JPN-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f76d076ecf1c4f835a707d1853cc16c80a638b2c1c32e634c664c959b228ad2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:50:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
catinshopjapan00-320x240.jpg
www.marumura.com/wp-content/uploads/2023/06/ Frame C09D
20 KB
20 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/06/catinshopjapan00-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ee34f794894c923da9a02fcb16b5caae785feb2be8aada3244881633e2ef514d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 15 Jun 2023 12:25:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
icon-11-320x240.jpg
www.marumura.com/wp-content/uploads/2017/08/ Frame C09D
20 KB
20 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2017/08/icon-11-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9acfece592e3602d6c75922af0271dc6cf23fdd6b68991ffb206d091d13eccd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:45:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
RakuRo-JR-Himeji-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
22 KB
22 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/RakuRo-JR-Himeji-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f62b043df43b0a6d167dda8d027c2c9fc312db795e95ac8e6cea31fb406d7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 21 Nov 2023 00:36:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Non-Fiction-Game-Hakone-Sengokuhara-Prince-Hotel-2-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame C09D
17 KB
17 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Non-Fiction-Game-Hakone-Sengokuhara-Prince-Hotel-2-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
472ccc77ca94c7b945cacc525c335cb96fb24766a1579e3bf5b743815a51ab7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 20 Nov 2023 02:11:50 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C1F7
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C1F7
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C1F7
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:16 GMT
c.gif
www.bing.com/aes/ Frame 9F74
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=828feb2c-b369-4935-9d1d-d0d7076ed0e5&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=c2daa8c0-fc78-4483...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=be41f6c6cb66484c88ecc32931f9c838&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=be41f6c6cb66484c88ecc32931f9c838&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A63431B5EE154DACB4B22319451D06F4 Ref B: FRA31EDGE0714 Ref C: 2023-11-24T03:49:16Z
x-cdn-traceid
0.39d53e17.1700797756.24d24117
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 24 Nov 2023 03:49:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BB16F53026D24ADDA263E89ECA161421 Ref B: FRA31EDGE0518 Ref C: 2023-11-24T03:49:16Z
x-cdn-traceid
0.39d53e17.1700797756.24d240f4
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=be41f6c6cb66484c88ecc32931f9c838&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 9F74
91 KB
36 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231124T034916Z-dpzhn36p752x70p81xx3cedhk000000001a000000000n4at
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa866cf1-701e-0084-305e-1d91e3000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 9F74
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Fri, 24 Nov 2023 03:49:16 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
740535
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230074-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700797756.281208,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 957672
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9F74
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9F74
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 9F74
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaToweSLvvLGRiMrav7syoK-vwygvfnqCDn5mmHZxpJEFDqVmfKTwsO9rpDu87vgp65cuJ3d6THkmdus4JaAavd8McG9Aw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9F74
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:16 GMT
anchor
www.google.com/recaptcha/api2/ Frame 08E6
60 KB
34 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e88e77ce759120fd305a508ba42969857e9302257f7f692326ecd78c5d32f214
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wbyPw3cYSW63Q40PNrDQcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wbyPw3cYSW63Q40PNrDQcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:16 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
556cc577-2366-4f03-be8b-4a4471d56f34
https://travel.marumura.com/ Frame 80BF
1 KB
0
Other
General
Full URL
blob:https://travel.marumura.com/556cc577-2366-4f03-be8b-4a4471d56f34
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
afr.php
ads.eu.criteo.com/delivery/r/ Frame 492B
118 KB
42 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
57491fec2f6e3f5937f25b01ab92ab5dbbaed435d4f96a508d63d4c54258bc00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:16 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=iAa8lETPs9aHMANR2KBTPv16p0FX7501tnwA2ExWGTBQ6LSYB2lPaMckPftsfufdt3EsCJQ0y1gOk1E1JaL754pAwC6o02Hcx6A2yx6PWs0Jcxa4fYs8_Yw35zNxh3Vi7bAldRwERAcfGtJ4-Kgw1OQQ5cKsjs-JUnXPgguAxuYDSgdIa8QYbpuC5y4e6M98Ga1Ld0XklR6QUI8Yf0IFoSFDioP3LYYxZXKSavhhi0Hyt8I1TRdgGzuw1KQYFI47W2473A"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
12169851
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 37E6
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtb
rtb.ads.travelaudience.com/ Frame 9C00
7 KB
4 KB
Document
General
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000667.16.0.70015178.0.0..0.DE.-1..LnCOC22VSqh4TvNwfdvdAg%3D%3D.60024737.OTk5JTJjMQ==...HiTiL-BEsER9ZslTAW-YRg%3D%3D.a3M9.2.0&p=90000&x=250&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmj0-Ox1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTPAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Y0aMlhW2LtSCFcoEwnMoDQapW22srZK2n9s99mz-MNNvHfP69kzuKRJIAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UBgjl11djIaihYJ9v_sEuHs6KlQ%26client%3Dca-pub-9709291217657452%26adurl%3D&googlewinningprice=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw&wpc=EUR&site=www.marumura.com&slotvisibility=2&gcpm=139115&gpos=1&bidder=bidder-rtb-production-75c9797b6-rb4nh&dv=1&uuid=&suid=CAESEBvHYhN7lVIIQuYXhN6Okkc&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&ssp_id=0&l=th&ts=1700797755&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=uU-N70aF08laDW5KxN5C0GJXIozDOnIU7noFu_f2Zk4=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
530e6dda430947dc397cf705b384bc38b6e23d601d5b23a7169aed6918d307c3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:16 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-df5986d56-7plg7
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1879
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FE94
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1879
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 1879
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbE2dfutZnjBx1WqjQacdRpGgFscfXJEoq-Ce5yDPutjEtCek-VyCkiHPAGhStkdVhj88PVaDjNSjEB5TFGYcvqG2EXw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1879
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:16 GMT
th
www.bing.com/ Frame 9F74
12 KB
12 KB
Image
General
Full URL
https://www.bing.com/th?id=OADD2.7215889955411_1KI0CL55YNG5QK6PJA&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
654cdd620446f3e743dab2ef1ba9f47e6fb8c053ae0d4dd9f0ee0688519e285c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1700797756.24d2416a
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12092
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
privacy_small.svg
static.criteo.net/flash/icon/ Frame 492B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:16 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 492B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 492B
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Nov 2024 03:49:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 492B
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Nov 2024 03:49:16 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 492B
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-vwfmFZCsF1RcH98dFxEtzQFNJN_LRtDA128WTA-8j8ZWng4mFQNYRA8w-t9ugGLSBc11qi5OENwDX9PzyKzzg_tuDvDc8_gyz47aLl0xjYVKUo90QMkQP5JUxh97xz1ODPvUzMKCUEsB2KEwgcEMtkMH3C0Q4fSi47eNz2e9cH5NammSnRDavdBxYDZVE5I2tUDdk5v81svwOi8m6kZPwigLL4jHZTu-JMDxiVR4g7pnlXgW6F_52efAnHdUDsJxzM4eiV8mkhwb_TzU50Ygbf8LQm8Z-tNgKTpfS5VVAcNqM3Zo4ZVvVlZk6TKZDkbfiaEFIqZw7dwvG83IcSvrLz7jh8_nnuK24Wk-b8OEa55VyW7CCby_7SlJjw8OFv967pyQzVurGva-k2Vb1eYcltiXUjo_djt1BlmyDEis_DXRycp
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2986658
expires
Mon, 26 Jul 1997 05:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 08E6
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 01:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 01:21:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 08E6
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:55:04 GMT
rd_log
ams3-ib.adnxs.com/ Frame 9F74
0
535 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.marumura.com&e=wqT_3QL-A-j-AQAAAwDWAAUBCLu6gKsGELTr54WN6d7MPRgAKjYJHPEQSb4Clz8RxdwIrgxmlj8ZAAAAgD0K1z8hxQ0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_fEFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIYaHR0cHM6Ly93d3cubR0k8FiAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOhmVbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAXTWIgFAZgFAKAFwaPLto3CpvBawAUAyQUABQEU8D_SBQkJBQt4AAAA2AUB4AUB8AXSRPoFBAgAEACQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_3xBdIHDRVkASYI2gcGAV6kGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=719f15a288af58de796200c1ce19cf59ab49436b&bdref=https%3A%2F%2Fhoroscope.marumura.com&bdtop=false&bdifs=2&bstk=https%3A%2F%2Fhoroscope.marumura.com,https%3A%2F%2Fwww.marumura.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9709291217657452%26output%3Dhtml%26h%3D250%26slotname%3D4574689270%26adk%3D2761220695%26adf%3D1416716225%26pi%3Dt.ma~as.4574689270%26w%3D300%26lmt%3D1700797755%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.marumura.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700797755255%26bpp%3D23%26bdt%3D743%26idt%3D239%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D3b7d84e77066d36c%253AT%253D1700797752%253ART%253D1700797752%253AS%253DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg%26gpic%3DUID%253D00000cdaeaeeebf2%253AT%253D1700797752%253ART%253D1700797752%253AS%253DALNI_MaqZcUqX463gStgPbS0Es03xSpijg%26prev_fmts%3D0x0%252C300x200%26nras%3D1%26correlator%3D8649921826522%26frm%3D22%26ife%3D1%26pv%3D1%26ga_vid%3D1893264436.1700797752%26ga_sid%3D1700797755%26ga_hid%3D1074123748%26ga_fc%3D1%26nhd%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D528%26ifk%3D4130856658%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C31079606%252C44795921%252C44809316%252C31078301%252C44807763%252C44808148%252C44808285%252C44809054%26oid%3D2%26pvsid%3D3959149614437505%26tmod%3D855449790%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fhoroscope.marumura.com%252F%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C528%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3D3.syhhi48puvdp%26fsb%3D1%26dtd%3D244&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
an-x-request-uuid
95f17057-bd31-4654-a7bd-181ab7b21fbf
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 492B
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:16 GMT
truncated
/ Frame C1F7
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2021b173b1a23fd6a2cb20e7e6428bd48e0d1d27ae0ef2f7294c7f769bb45394

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
img
imageproxy.eu.criteo.net/img/ Frame 492B
2 KB
2 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=134&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=284&rid=4&s=2w5-8kixIVHAWtspEyy_08XK
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ebf1bf9bdba065165f7248032eac751020e8cf6cc8d07813edee79a46c46c58c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2096
expires
Thu, 14 Nov 2024 12:56:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame 492B
108 KB
109 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F39b5df92ed394e14abdef2e3ba28a5ca_231108_mf_image_blackweek_general_v3_9_16.jpg&v=3&rid=4&s=OK86LiBsz9qn-pbv2X9OsKiR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1d851b6dc26a9493b376c3be688bbbdf372abbf444f991d06e05b84c0efc2cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
110888
expires
Thu, 14 Nov 2024 13:02:53 GMT
all
csm.eu.criteo.net/ Frame 492B
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=iAa8lETPs9aHMANR2KBTPv16p0FX7501tnwA2ExWGTBQ6LSYB2lPaMckPftsfufdt3EsCJQ0y1gOk1E1JaL754pAwC6o02Hcx6A2yx6PWs0Jcxa4fYs8_Yw35zNxh3Vi7bAldRwERAcfGtJ4-Kgw1OQQ5cKsjs-JUnXPgguAxuYDSgdIa8QYbpuC5y4e6M98Ga1Ld0XklR6QUI8Yf0IFoSFDioP3LYYxZXKSavhhi0Hyt8I1TRdgGzuw1KQYFI47W2473A&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:15 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 492B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:16 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 492B
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&u=%7C2eLsZRSOsMW4UDzkP7eL9LQEXdplDKCCTPnxX6Mnx3A%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXmrE1yWUjm-YWhOKK2hfVPeIY0cCZjY6LBm1Z5iHRX4BUz6i_-wOPzcw9wZ3QW_unsageqS_MJD4eilTILnn2xQlNtdE72LswBUl-TLwmFuTbUiRxB2wcdv7eHVVTaDWNnooMaWUvmFAvw0mzZ-78Jhi3ymTVsX9_8dI8Gxy6hNDjHMgyrNb4o6cdRE9SP3nGKYqP4QKpY2Fl6dn1REpL7r5oplxSV3yc1EQdQkEmPIq2rymA5tfxLfI3YA5exAdsalc86BYkQ9H_zHHm8zrIa0ubJlNxsCyyxS_k1kFnAp_7OLDO17_c9IYsBK3CW7Ov-EiLPT-yx7e0swZ7eVfcxiJqW0ERsWbeGwAC_JMaHNK5oQvaAs8Arlff80MGhk16biXSEynV45sWFVtd3QDzSJnL0HoetOdEHtRzbPv0ABz08yrEILo005fC7fyWnu-M0TmJnMYFOCiV4AI6vEo4JucQR3pAvv84mTCn-qSNtadIofIE2eSZTbm6-CIJ5gfGsq7Z0LHj9ly6z1c8lRrSzdf-X_REwkEfeVJxBPDU7Z&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7sgZOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCeiF6RWVJRVOVCH76z8PXitt8blHvGlU4WvWUy804QfG-amOwaEg3TfEoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2qkYpPnGXs0VfKiq0foNHUoELNLg%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:16 GMT
el.ashx
ads.travelaudience.com/ Frame 9C00
631 B
554 B
Image
General
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.7423414051124229&adPos=&ai1=1%3B30000667%3B16%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BLnCOC22VSqh4TvNwfdvdAg%3D%3D%3B60024737%3B999%252c1%3B%3B%3B2%3B4%3B50005383%3BHiTiL-BEsER9ZslTAW-YRg%3D%3D%3BUSD%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70015178%3B-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-75c9797b6-rb4nh&bnr=0&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=250x250&gcpm=139115&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=19&sc=&site=www.marumura.com&ssp=0&sv=2&tsf=&ua=&uc=DE&ucy=&uuid=5C02F536-ABD7-479F-BD2F-CF518840484F&view=&vrt=&vw=&wp=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000667.16.0.70015178.0.0..0.DE.-1..LnCOC22VSqh4TvNwfdvdAg%3D%3D.60024737.OTk5JTJjMQ==...HiTiL-BEsER9ZslTAW-YRg%3D%3D.a3M9.2.0&p=90000&x=250&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmj0-Ox1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTPAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Y0aMlhW2LtSCFcoEwnMoDQapW22srZK2n9s99mz-MNNvHfP69kzuKRJIAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UBgjl11djIaihYJ9v_sEuHs6KlQ%26client%3Dca-pub-9709291217657452%26adurl%3D&googlewinningprice=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw&wpc=EUR&site=www.marumura.com&slotvisibility=2&gcpm=139115&gpos=1&bidder=bidder-rtb-production-75c9797b6-rb4nh&dv=1&uuid=&suid=CAESEBvHYhN7lVIIQuYXhN6Okkc&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&ssp_id=0&l=th&ts=1700797755&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=uU-N70aF08laDW5KxN5C0GJXIozDOnIU7noFu_f2Zk4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
250x250_Amadeus.jpg
static.travelaudience.com/img/import/newjersey/DE_Consumer/ Frame 9C00
43 KB
44 KB
Image
General
Full URL
https://static.travelaudience.com/img/import/newjersey/DE_Consumer/250x250_Amadeus.jpg
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000667.16.0.70015178.0.0..0.DE.-1..LnCOC22VSqh4TvNwfdvdAg%3D%3D.60024737.OTk5JTJjMQ==...HiTiL-BEsER9ZslTAW-YRg%3D%3D.a3M9.2.0&p=90000&x=250&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmj0-Ox1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTPAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Y0aMlhW2LtSCFcoEwnMoDQapW22srZK2n9s99mz-MNNvHfP69kzuKRJIAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UBgjl11djIaihYJ9v_sEuHs6KlQ%26client%3Dca-pub-9709291217657452%26adurl%3D&googlewinningprice=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw&wpc=EUR&site=www.marumura.com&slotvisibility=2&gcpm=139115&gpos=1&bidder=bidder-rtb-production-75c9797b6-rb4nh&dv=1&uuid=&suid=CAESEBvHYhN7lVIIQuYXhN6Okkc&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&ssp_id=0&l=th&ts=1700797755&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=uU-N70aF08laDW5KxN5C0GJXIozDOnIU7noFu_f2Zk4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fd7b79d17db059b195de500702a5cce9473d33427fb4e1f2e440667dcd3c8010

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
age
0
x-guploader-uploadid
ABPtcPoubGEG_5mBSl9Pi4wyw0JnbQqWUiJdhv_H2dW7uEryAAkKod7UpFWaIRB-BM06SrFbDiIWXgk4wRUAkFGI6ZWOJnCFRSMa
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44525
last-modified
Wed, 30 Aug 2023 00:44:15 GMT
server
UploadServer
etag
"5a846cf4e7e66b0a701a6eb466eeeceb"
vary
Origin
x-goog-generation
1693356255872195
x-goog-hash
crc32c=us+pRQ==, md5=WoRs9OfmawpwGm60Zu7s6w==
content-type
image/jpeg
cache-control
public, max-age=3600
x-goog-stored-content-length
44525
accept-ranges
bytes
expires
Fri, 24 Nov 2023 04:49:16 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame 9C00
332 KB
0
Script
General
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000667.16.0.70015178.0.0..0.DE.-1..LnCOC22VSqh4TvNwfdvdAg%3D%3D.60024737.OTk5JTJjMQ==...HiTiL-BEsER9ZslTAW-YRg%3D%3D.a3M9.2.0&p=90000&x=250&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmj0-Ox1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTPAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Y0aMlhW2LtSCFcoEwnMoDQapW22srZK2n9s99mz-MNNvHfP69kzuKRJIAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UBgjl11djIaihYJ9v_sEuHs6KlQ%26client%3Dca-pub-9709291217657452%26adurl%3D&googlewinningprice=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw&wpc=EUR&site=www.marumura.com&slotvisibility=2&gcpm=139115&gpos=1&bidder=bidder-rtb-production-75c9797b6-rb4nh&dv=1&uuid=&suid=CAESEBvHYhN7lVIIQuYXhN6Okkc&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&ssp_id=0&l=th&ts=1700797755&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=uU-N70aF08laDW5KxN5C0GJXIozDOnIU7noFu_f2Zk4=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:16:12 GMT
server
AmazonS3
x-amz-request-id
109HWE5FMGW338NR
etag
"2f7f9b9fe26315ebe1ff29c8cca724b4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=8061
accept-ranges
bytes
content-length
115200
x-amz-id-2
1f4SFIF1R0AbaZt8+wf+tb8dvdqUtRPUymOk60akXsdK0QALK3FNPrYaCrYwuFk/L/5OwJ4PH78=
creative.js
ads.travelaudience.com/js/ Frame 9C00
56 KB
20 KB
Script
General
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000667.16.0.70015178.0.0..0.DE.-1..LnCOC22VSqh4TvNwfdvdAg%3D%3D.60024737.OTk5JTJjMQ==...HiTiL-BEsER9ZslTAW-YRg%3D%3D.a3M9.2.0&p=90000&x=250&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmj0-Ox1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTPAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Y0aMlhW2LtSCFcoEwnMoDQapW22srZK2n9s99mz-MNNvHfP69kzuKRJIAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UBgjl11djIaihYJ9v_sEuHs6KlQ%26client%3Dca-pub-9709291217657452%26adurl%3D&googlewinningprice=ZWAdOwAJjHgKZOyCAA7tcQ0AQbj8_oKKKoW_Vw&wpc=EUR&site=www.marumura.com&slotvisibility=2&gcpm=139115&gpos=1&bidder=bidder-rtb-production-75c9797b6-rb4nh&dv=1&uuid=&suid=CAESEBvHYhN7lVIIQuYXhN6Okkc&brq=-crT6Q_hNrpQCPzRV8LKbyrQF-W13NLquxCzgQ&ssp_id=0&l=th&ts=1700797755&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=uU-N70aF08laDW5KxN5C0GJXIozDOnIU7noFu_f2Zk4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
a57b6eb013320f0094f0c57997c807b2b0f3dcd1df5440a82d297ab8bbd9cad3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 23 Nov 2023 08:22:52 GMT
server
nginx/1.21.6
etag
W/"655f0bdc-e1b4"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 25 Nov 2023 03:49:16 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 37E6
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmTAQEhuML1dFOmyL_kaQJ2QPleHuZ8HAtW6LHlW0fVwAh9T2kA5j9O9__o2V8a89rclSqJMNLUgQq6mC0H2_UUi63Gwj3jH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 37E6
43 B
434 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQs2RHm8DiUq2wnYA_ael-ub6asmXPyPTEGOGUsy8wei5QH94qqxuKA5escLvSfl2nGvLW_5HN7a1v3t_J4YIOi5ZV-48PgtQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQs2RHm8DiUq2wnYA_ael-ub6asmXPyPTEGOGUsy8wei5QH94qqxuKA5escLvSfl2nGvLW_5HN7a1v3t_J4YIOi5ZV-48PgtQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae5a2e455b5c-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 37E6
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmQz2zIo3tOUASn0A7kA4v2n6Gg0JlPDN_btq70KiczRgwMtz6dq3thLbEqk2QTJ_BcTNSvKqqKO6gF0cwnSJY6eaqmJScRsEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 37E6
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmTSvcaEJHLwQDKP3nCdE22l44wLfuaK385kSuSTGGnBrM-y7JJTqwv9icHDxcsRccJv83lRDtCwbFkvfVg7...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmTSvcaEJHLwQDKP3nCdE22l44wLfuaK385kSuSTGGnBrM-y7JJTqwv9icHDxcsRccJv83lRDtCwbFkvfVg7u2DqP_e_jFUkEQ
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmTSvcaEJHLwQDKP3nCdE22l44wLfuaK385kSuSTGGnBrM-y7JJTqwv9icHDxcsRccJv83lRDtCwbFkvfVg7u2DqP_e_jFUkEQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:16 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmTSvcaEJHLwQDKP3nCdE22l44wLfuaK385kSuSTGGnBrM-y7JJTqwv9icHDxcsRccJv83lRDtCwbFkvfVg7u2DqP_e_jFUkEQ
x-host
tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 37E6
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmQYEeiHT3686MKQNjIL9GZr3DTkW7b_qBA1WVlyI2ooy1YqjBq0VUok-O4VG5Ph2JpLzkCzAiOaPZ1C1ILn9101v8y9lG-t
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 37E6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmQj2IzhOgqUtRxlSo4c_-h5S3C80RJctOIUMiuQq2qN2CaFzP1ko-1LtrYuzFZOGP2Qv5J2gu1D...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQj2IzhOgqUtRxlSo4c_-h5S3C80RJctOIUMiuQq2qN2CaFzP1ko-1LtrYuzFZOGP2Qv5J2gu...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQj2IzhOgqUtRxlSo4c_-h5S3C80RJctOIUMiuQq2qN2CaFzP1ko-1LtrYuzFZOGP2Qv5J2gu1DrYRUUK4dlXZRY-7FGJ_grg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQj2IzhOgqUtRxlSo4c_-h5S3C80RJctOIUMiuQq2qN2CaFzP1ko-1LtrYuzFZOGP2Qv5J2gu1DrYRUUK4dlXZRY-7FGJ_grg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 37E6
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kityb3Q119545q-6KiisRD7JOMHuwdsJvkFQj_ehpGmWhvKHBodFklH3ZbC1s49w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 1879
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08e19f20c0c4613dbd701066936c7d1fd5c3b6e497e8ef78700bb550805798c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame FE94
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmS6gsfPgBzyxwibBPeNIk9iGeI_P-pNg-ZGzTkEBcWyyN2Lj0J8aI6eC01m9J5EDcqcxjBD7T1pSpH-r23tR2ZLCvLzaeevBKJ9m2LlN4Hl9auwKM3IW5o_ezuyb4qZ6tirpcHqFsXvIohTyRc84Hm0c4Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame FE94
43 B
607 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQ-6RH9CCkEqZvhRqDTgHZZ2dm9j__k-XH391OM1Adgi7HEGbI-FLQwFJjedH3_tShSTB0VMrmH9H-xs4I7a5EwmK4NJQPQ52jxQ0j0U4zPyN5XQk9PNdHz70e1O52W06Nl2c1AfdmHfCcst6a8ou92pDM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ-6RH9CCkEqZvhRqDTgHZZ2dm9j__k-XH391OM1Adgi7HEGbI-FLQwFJjedH3_tShSTB0VMrmH9H-xs4I7a5EwmK4NJQPQ52jxQ0j0U4zPyN5XQk9PNdHz70e1O52W06Nl2c1AfdmHfCcst6a8ou92pDM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae5addf618cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame FE94
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmSTF0Ayq5fkxB8D5f4tvl1_ZA9BjR05TAUiJKZ7ts6t5AJH-v0U_Ljuf2JYEYbC01SftwN88cnrPNU5JPSTRWWfSgvJ9XDg39K1sjIyWbODn9SBLE81mQmVUtRSNaIQta2Ls4i44FRcvsBbnQhCjsaE57k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame FE94
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmSfI1PwZILi-V4L_7YBtcMIUOAODLeWJZPPz-wc-MqQfpeJrqslmeR5LvWYHx3QGjEOo7aA7zT_fsF8UqrU...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSfI1PwZILi-V4L_7YBtcMIUOAODLeWJZPPz-wc-MqQfpeJrqslmeR5LvWYHx3QGjEOo7aA7zT_fsF8UqrUr2JkBmAIw2G36cG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSfI1PwZILi-V4L_7YBtcMIUOAODLeWJZPPz-wc-MqQfpeJrqslmeR5LvWYHx3QGjEOo7aA7zT_fsF8UqrUr2JkBmAIw2G36cGz6YQ3dk5CqdEpq2It0LNMXnpGJtR3hEKZMpD--28sa66Xd-oJBjIfpLM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:16 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSfI1PwZILi-V4L_7YBtcMIUOAODLeWJZPPz-wc-MqQfpeJrqslmeR5LvWYHx3QGjEOo7aA7zT_fsF8UqrUr2JkBmAIw2G36cGz6YQ3dk5CqdEpq2It0LNMXnpGJtR3hEKZMpD--28sa66Xd-oJBjIfpLM
x-host
tde-deliveryengine-production-bb588bf9-bkx48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame FE94
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmTo4OEMoZllj7U1IbDlxxBQqCa5gttQiRMS0L6EHYcRj3HwKuQgbyKPvfM4i5s020RS9T_TDzW80ErYuP39F-ZGO_BYRr3v4A5M8eXYCGkuvz8ddLkhwEzj2IPZ8QPqZuJ2M1c7jzx8GCKKNigOE5V9AqM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame FE94
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmRZwVowvo9JIYPqLL_cdCPJexv80-iH7KmJ6jbF1oCuKZMf93Xbd85cNDJFo0psZWAOxbyqelsU...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRZwVowvo9JIYPqLL_cdCPJexv80-iH7KmJ6jbF1oCuKZMf93Xbd85cNDJFo0psZWAOxbyqel...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRZwVowvo9JIYPqLL_cdCPJexv80-iH7KmJ6jbF1oCuKZMf93Xbd85cNDJFo0psZWAOxbyqelsUCNwciQRCSpx9aoowkTyuct5nTNVI6mH6e-if_hwiJpzwmT0aKc9Lnu-IawR4c7Vn-9uj_jIBhqpz0JU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRZwVowvo9JIYPqLL_cdCPJexv80-iH7KmJ6jbF1oCuKZMf93Xbd85cNDJFo0psZWAOxbyqelsUCNwciQRCSpx9aoowkTyuct5nTNVI6mH6e-if_hwiJpzwmT0aKc9Lnu-IawR4c7Vn-9uj_jIBhqpz0JU
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame FE94
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lqg3IxLRNlf0HFD7BcqJadhopd4dGZRUdVUjAJvERHuzgb6Bt0j5U8DcIHMY5A5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EB78
1 KB
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9F74
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
384c2298804d5e3477a2de30441a8bf44b2da10698dabe12c87cdf93710d2e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame C1F7
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMtYPOx1gZf6MIpeIkwP_2qGwAcme0rFc9eqhhogBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTMAU_QDNOGpPogbxGS1Us6ATi8yv_7opfTs8JpNDHU14nbwvZrCI4Fb86Y1buFZ4cYywgvp1Quh_kTx5DXUGVw2pPuQsKiFo-vnifw4l-MSW_6la81EiicJODYbVgXQwkrH30HtxmRyVjF0F9NUsjddaQQCyK0gQwAbc5uxiNh0VIVJQQ7SIgVXeqAky5SiR9V4JoL7KfMv64PvRbtd-qdaDqjWA26GCfgFYXE1AeFBPZXyHZwHZEJueHvqPuLSwcbkXEaITsBN_4-8ZKkaoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MDkyOTEyMTc2NTc0NTIYAA&sigh=lioIDHBgIYU&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNRLLnhS3Pwm156TWeAkMeA3FEXV5CHBqfIt29HybvIqidBhofSy-Y1Ywx-WjgCttqDKuiHbpLGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame C1F7
0
125 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGcjHMKwCyAGdg2ICAgAAAFVp907VPMigEDodYGV-79Q8v-JFonKmAAASAAAKCkFRVUREd0VCRHc&wp=ZWAdOwAIhn4KZMQXAAhtf1U3FBvjgpoTj9x3Xg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=1974766222&adf=3028111064&pi=t.ma~as.5449908357&w=300&fwrn=16&fwrnh=100&lmt=1700797755&rafmt=1&format=300x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755235&bpp=7&bdt=723&idt=207&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.nxifze5wds27&fsb=1&dtd=213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
132378
server
Kestrel
content-length
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 08E6
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 20:04:28 GMT
x-content-type-options
nosniff
age
287088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 27 Nov 2023 20:04:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 08E6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 02:58:03 GMT
x-content-type-options
nosniff
age
521473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 02:58:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 08E6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:52:48 GMT
x-content-type-options
nosniff
age
550588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:52:48 GMT
vevent
ams3-ib.adnxs.com/ Frame 9F74
0
0

webworker.js
www.google.com/recaptcha/api2/ Frame 08E6
102 B
135 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 03:49:16 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9F74
0
0

it
ams3-ib.adnxs.com/ Frame 9F74
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 9F74
0
0

vevent
ams3-ib.adnxs.com/ Frame 9F74
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 27B8
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47967b4a22d5b85e5e5cafe36fedeed4a59ee746e5971a047af8ce6a80d4fd8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16043
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 1879
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 1879
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame 6C37
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e23758941bd4687f38d9a5c1b3f7a147f609a8334083933ddc18150edbb1dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:17 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
travel.marumura.com/ Frame 38CD
311 KB
26 KB
Document
General
Full URL
https://travel.marumura.com/
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fff2fb3fd30933844b8bfa78287698b8cd361b49a9ffc4cb5af8f1b9528c8694

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://travel.marumura.com/wp-json/>; rel="https://api.w.org/", <https://travel.marumura.com/wp-json/wp/v2/pages/5298>; rel="alternate"; type="application/json", <https://travel.marumura.com/5298>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
powerkit.css
travel.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame 38CD
25 KB
5 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
travel.marumura.com/wp-includes/css/dist/block-library/ Frame 38CD
107 KB
13 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
posts-sidebar.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
4 KB
862 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
527086ffd8aa5bdb2b00dd5be1b15e7d0d282ec26955944b49fe40dc21a7c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
twitter-slider.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
1006 B
378 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7e5fab99472dc83e9e5bcd23c18083cb02c196b5a9724b4a78d8e44b6ec40e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
tiles.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
4 KB
711 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d0fd465e6448ac9eac534b1e2b4a3db8452a384b95b1f2c8133a07ee3754976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
horizontal-tiles.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
4 KB
713 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e9eb0dfb3e114bd11eaa4cbe8a05836cee318b60cca12c94c3b0d3f5f2bfd8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
full.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
4 KB
735 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
77e62403c5cf03c97081a20ccba81971391e554663c76f39b323a2e6045958c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
slider.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
13 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b396a226099848f402ef5695b662acc20430fddd59d405586e1afb3b8d95c0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
carousel.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
3 KB
561 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cbf736f12d658470e6926d309bc0b77d6f2d48f3412f7659aca07a96f5f90897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wide.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
20 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4ace7cb9bf8a3cd67c5d43ab6b1e29e5733b05fd71babbe32d9230d8d1e7b720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
narrow.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 38CD
9 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1661973572
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37be9771bb7032cccd856084f2489bdd36728c670ab8fec9b459615911cbb2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
styles.css
travel.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame 38CD
3 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:39 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
travel.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame 38CD
2 KB
683 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame 38CD
21 KB
3 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
travel.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame 38CD
1 KB
571 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
travel.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame 38CD
9 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
travel.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame 38CD
3 KB
842 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
travel.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame 38CD
477 B
363 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
travel.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame 38CD
5 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
travel.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame 38CD
4 KB
909 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
travel.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame 38CD
5 KB
1 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame 38CD
3 KB
824 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 38CD
13 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 38CD
1 KB
641 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame 38CD
3 KB
813 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame 38CD
1 KB
511 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-share-buttons.css
travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame 38CD
71 KB
5 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a9c8c9a37641484b70c3f306d5bdbddec691a1c219ae95cb3dceac43b0560324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-social-links.css
travel.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame 38CD
149 KB
10 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3b274ccab22ae80e2b294f5c99ad5519b374e77c6298a1ba82949374fd778b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-table-of-contents.css
travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame 38CD
3 KB
1013 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-twitter.css
travel.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame 38CD
3 KB
945 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fc418b8f556aca3aefbf6f6e0208c2bd88b8badda8828b27c366bbf91784c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-widget-about.css
travel.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame 38CD
1 KB
505 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
front-flex.min.css
travel.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame 38CD
2 KB
603 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f0a79b76f29f3b28b2f8995f7bd635bc5fe214d434bf0deb43d91c2c36219b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 16 Nov 2023 08:13:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
frontend.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame 38CD
101 KB
14 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
143ed41fe58e7d412f14a6ff4f8c0f38094ac683f3f8ace929bd0c4f3c54ede2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
flatpickr.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 38CD
14 KB
3 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
select2.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 38CD
15 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.4.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wpcf7-redirect-frontend.min.css
travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame 38CD
316 B
272 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:18:45 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
if-menu-site.css
travel.marumura.com/wp-content/plugins/if-menu/assets/ Frame 38CD
929 B
602 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.4.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
last-modified
Mon, 17 Apr 2023 08:34:11 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
style.css
travel.marumura.com/wp-content/themes/authentic/ Frame 38CD
236 KB
29 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
430ae8b61952325c33fe32ceb2d01afe3b581431022588b14c0d0b0f9a491618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 03 Oct 2022 04:36:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
essb-native-skinned.min.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 38CD
3 KB
697 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/essb-native-skinned.min.css?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b4cda2b6aa71c00ebd47e5ea401c1305949f975e6289c2b5d7ff45c0deda3bb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
subscribe-forms.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 38CD
29 KB
4 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.css?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3771f3a776bf69e9876a7158a93d20da3b629206332dfad0d17b78a1c2dea772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
click-to-tweet.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 38CD
4 KB
847 B
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/click-to-tweet.css?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
bf0817f82de9416db8e42a8d19e9b4c43e35cedbb2d3593543cc25c13f4fd9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:58 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
essb-animations.min.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 38CD
20 KB
2 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/essb-animations.min.css?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0111739ebd74f42436b420762a1354526423c5e4bef74c01e2f457c44751082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
easy-social-share-buttons.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 38CD
89 KB
12 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/easy-social-share-buttons.css?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e84635a2564af08e5d0ec024e5e2c8452828dad83e4353a2bd21ba8c3808c324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
legacy-features.css
travel.marumura.com/wp-content/themes/authentic/css/ Frame 38CD
13 KB
3 KB
Stylesheet
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=5.2.10
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5c6fadfb3fd62eca8b226de74d73b64e2235f1d7962b5440f136aa6cff0ac35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
jquery.min.js
travel.marumura.com/wp-includes/js/jquery/ Frame 38CD
86 KB
29 KB
Script
General
Full URL
https://travel.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
travel.marumura.com/wp-includes/js/jquery/ Frame 38CD
13 KB
5 KB
Script
General
Full URL
https://travel.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:40:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
flatpickr.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 38CD
49 KB
14 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
select2.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 38CD
69 KB
18 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
js
www.googletagmanager.com/gtag/ Frame 38CD
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ff82651bad11dadddedff788d683f42c89d7fa0dd284ed7ce62d66015f6197e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:18 GMT
atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame 38CD
0
12 B
Script
General
Full URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cloud-trace-context
c690d717ef1129c0a7960dea30749144
cache-control
no-cache
date
Fri, 24 Nov 2023 03:49:18 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
application/javascript; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 38CD
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6b8a38bbe88d40495cc0db00d5da7e22b9c291a83e1d7fc07ea812f9d9e79f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52729
x-xss-protection
0
server
cafe
etag
9956267460290442391
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:18 GMT
ats.js
anymind360.com/js/6621/ Frame 38CD
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51207
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797757.180378,VS0,VE0
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 4
logo_marumura_b2.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 38CD
14 KB
14 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_b2.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
689914cf34ba4bec16ba9c2c275d7b9c5fb5f2d82e68e8ae96807b525bff5297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 17:13:55 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_b.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 38CD
16 KB
16 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_b.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4a4916c174a4a973131449091d8ca84fed7b6460dab15352d24cf18a787e4cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 17:13:55 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_w.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 38CD
13 KB
12 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_w.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 17:13:56 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Kintetsu-Yunoyama-Onsen-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
17 KB
17 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-272x182.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6a8e75b196cdfa77bade2d95197e54271ed7b8acb0f9c6f7211c92fa07891de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 00:51:16 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Jewerium-Enoshima-Aquarium-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
12 KB
12 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-272x182.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b623af9309956c6f9729df28935ff60dd025a26feb72f4fd0ea691b46deb74c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Nov 2023 18:56:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Umekoji-Potel-Kyoto-_cover-320x180.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
16 KB
16 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x180.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5465db67d8305b08d7d9bd1ef87b4b0f1291fa7dbc2bc92d460b56a8036e8ca4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 10 Nov 2023 13:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tattoo-Get-in-Tokyo-Onsen_cover-300x225.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 38CD
17 KB
17 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-300x225.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a479f7232194e535a71f9c6b59199caea997e5c1e8aa8e2950485c028181e2fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 27 Oct 2023 05:11:56 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Asuke-Toyota-City2_cover-320x169.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 38CD
22 KB
22 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x169.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
54eb3616f0144dd0047b807b0c882db45b39c6e130f9997e9e08305de3c876d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Oct 2023 09:58:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-272x182.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 38CD
94 KB
95 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-272x182.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d92dea6580bf50e1731ad28624313ad200ee301f33eb697e4b9ef4d64d66fbd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Oct 2023 13:04:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Aoniyoshi-Sightseeing-Train-16.25.29-cover-320x178.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 38CD
112 KB
112 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Aoniyoshi-Sightseeing-Train-16.25.29-cover-320x178.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8fdd8ca5f713a0d50301ecbba140ee4a1fb52e6c7e43a241e8616c1b3915885f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 16 Oct 2023 11:23:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Sabataro-Rest-Fukuoka-cover-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 38CD
15 KB
15 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Sabataro-Rest-Fukuoka-cover-272x182.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
98280a0e0f89cb9b601c89313eeb3b711cc8f239ed313daec8fd509dd63148e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 06 Oct 2023 13:39:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kamiseya-Park-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-272x182.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
433a60bba0dc3c10ed023fec651cc21d85c1bb1cdb23e95907f142f88da3a040
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 27 Sep 2023 01:24:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Ibaraki-Praying-Destination-cover-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 38CD
14 KB
14 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/09/Ibaraki-Praying-Destination-cover-272x182.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5350afd1ce34772b9c9ccb2cfb6c839988d4e279ad977c756943afeda48b6609
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 12 Sep 2023 07:18:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kamiseya-Park-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 38CD
29 KB
29 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
00d75ee4777b74634422816bc15a70bc6bba3a7c75f4084131105f4451aca270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 27 Sep 2023 01:24:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/06/ Frame 38CD
23 KB
23 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/06/Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d8fa52f8cebc5e5239290cf554ab7b7d3e0c9a8a065e6ab72372142cffe82502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 16 Jun 2023 02:38:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
17d38276d1943707ec1893cfbc3c60edca4ca54d824bf2001093058879713052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 21 Apr 2023 17:43:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
22 KB
22 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5b9db7e260a58a6125841ce09cbc2c8440aa5eabc1737e301011eed3a81721e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 17 Apr 2023 02:17:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
disney-resort-line-40th-Anniversary-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
23 KB
23 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/disney-resort-line-40th-Anniversary-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6448a3fdc4dbcd23b0f6e3039929a39c35c6df1a12b8749d05b313f620cbe059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 15 Apr 2023 01:49:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Namco-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 38CD
28 KB
28 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/03/Namco-Tokyo-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
55ddc4350919696487858704796ed175de6215690d73f6c0d55d623621af7d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Mar 2023 16:23:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kansai-by-JR-West-2023_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/Kansai-by-JR-West-2023_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
34838b3fa4eb46e4ca27c1c364cef31d722726a8e2d9c388d315378ab44672f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 18 Apr 2023 13:12:11 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 38CD
24 KB
24 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/03/Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0bedf4a2f718cb81e021224dd034b779c1da933380c20223a90c6df91a904f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 Mar 2023 16:58:06 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
USJ-Magical-Creatures-Encounter-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 38CD
23 KB
23 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/02/USJ-Magical-Creatures-Encounter-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
626605fe89380aae0e5f7a593f35ef6ea030305a204d96a1c24856e1879ddd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Feb 2023 01:41:11 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kansai-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
31 KB
31 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Kansai-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8ec159d7b694445c663bac2dfe43b1883b7e24b4c8dd370821d45702938e0833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Jan 2023 14:43:54 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tokyo-Dome-City-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Tokyo-Dome-City-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
93a7c855c5c309a1c29e5ed25d42fce6ab89d8abf6e760354cd54b42e71f1865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Jan 2023 01:04:54 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Centara-Grand-Hotel-Osaka-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
9 KB
9 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Centara-Grand-Hotel-Osaka-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c38d64ac2d50fb25555294316768cfed9f7b57cf11f4e477a045d088b816e91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 14 Jan 2023 02:31:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
5-Fashion-Museum-cover-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
22 KB
22 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/5-Fashion-Museum-cover-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
819082a4afc84d55e834a6b6cde9503eb1ce3898d7b3d0d699c2a5c136fb9b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 13 Jan 2023 01:16:37 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Hiraoka-Jugyo-Center-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Hiraoka-Jugyo-Center-5-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
29c02cbf1cf9f4fd70dfb1c067a1975a30b75bf22cc45e2ceaf1060e46f29367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Jan 2023 12:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
26 KB
26 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48e79f9a8af22b127ce3a6f8690a730c267205ef31773b2c55319913c15e8d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Jan 2023 08:56:33 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Onuma-Quasi-Autumn-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 38CD
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/12/Onuma-Quasi-Autumn-2-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8b9190a67e86adbb29ec7dc195e16bc9cb540b59a213f4a5dfd6f63e637c0a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Jan 2023 10:41:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
West-Hokkaido-Autumn-1-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/11/ Frame 38CD
21 KB
21 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/11/West-Hokkaido-Autumn-1-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c491723385ea40b510133648e1bb513ba60c56ce0fe290fe349c540da0c312e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Jan 2023 09:28:18 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Sapporo-Snow_-Festival_-2023-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/09/ Frame 38CD
12 KB
12 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/09/Sapporo-Snow_-Festival_-2023-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
984dc59dbd7cfc4483be13c8a6d95a65099ddc8d7010db6717d1d8dca0ae3cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 20 Sep 2022 02:43:02 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Dragon-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/08/ Frame 38CD
31 KB
31 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/08/Dragon-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
114ef306a2bb9b74f2c168785aac84d463aad1b59dfda893a3b67f46c64da024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 18 Aug 2022 09:44:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tohoku-Winter-FAM-4_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 38CD
13 KB
13 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-4_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3686488c46168e023bb4d2dc39962502ee3e372cc8823516fa54cb7b1f51ee8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 12 Mar 2022 12:50:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tohoku-Winter-FAM-3_cover-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 38CD
16 KB
16 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-3_cover-2-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4e86134d0a34170ff9893d9544a3b241bd60ff526ec9566e513f8d39e131c4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 12 Mar 2022 10:30:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 38CD
21 KB
21 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/02/Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b0c31cb57388bde65d3a9a7f7807d909c4946121be0d2c06ed1a791e2b1d0cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 01 Feb 2023 09:16:37 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Fukuoka-Cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 38CD
26 KB
26 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/12/Fukuoka-Cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c840c71ce9406e85c9e529fa1072c07f8413ec284078ad6830555bff404fd8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Dec 2022 08:21:55 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Hita-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 38CD
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/12/Hita-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
29fa6a0f7796e520bdc0b7a04d040a4788647f3d16ac3719e519bafc0ecb9da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Dec 2022 08:22:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
19 KB
19 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fd281585ca3ab1f985a357ef1345b8fbf3e21d4cede3edf85602342ab56c5706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 24 Nov 2023 01:37:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
flower-pickle-jp-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
125 KB
125 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/flower-pickle-jp-320x240.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9ff9bceecc62c12f376d057d9cab274b4da9d432eeed5d8124d2358a86ad0a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 13:11:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Mu-Room-Ride-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Mu-Room-Ride-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7ecf190f26ee96daca27d28b2150409d191acf884e1e8006688e2063c5e32cac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 01:17:22 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Japan-Kid-First-Hair-Cut_cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
102 KB
103 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Japan-Kid-First-Hair-Cut_cover-320x240.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f7bdecdeda339322bd199bffc3fdc663978cb35dbfd71aa0e85242e9738bc738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 22 Nov 2023 11:42:16 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c1458c70382790487d0f025efddeafee3e313e9c7ee71ba49acb40fee2b6fa2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 22 Nov 2023 01:25:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
sdk.js
connect.facebook.net/en_US/ Frame 38CD
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca63359f06714f8efe2191d9d3269b178dc27b13f342ba5b1693a159c2c1b0aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:18 GMT
content-md5
EjK0GqqEzn3bHt8o5CxB7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
x1/KtQHG5IToVngk6HMahzmsTgSJNjXa35r2keHJ4ZA/oITNGVY0FgoszKFrhFG2vzQZmmpxOBAlbuAgvaTFuw==
x-fb-content-md5
7ea1f12f750d7bc5de8d00e729689e9b
cross-origin-opener-policy
same-origin-allow-popups
etag
"c105a1184abe580d1e13e3daaaff6a34"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Nov 2023 04:09:14 GMT
jquery.adrotate.dyngroup.js
travel.marumura.com/wp-content/plugins/adrotate/library/ Frame 38CD
2 KB
1022 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
534e0339d7dd364cde1afcf77eef6a88b4b9c6cfdd1b450c622f0ad1004a04ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:44 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.clicktracker.js
travel.marumura.com/wp-content/plugins/adrotate/library/ Frame 38CD
365 B
394 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:44 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
index.js
travel.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame 38CD
11 KB
3 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:39 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
travel.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame 38CD
13 KB
4 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:39 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-basic-elements.js
travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame 38CD
1 KB
555 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.justifiedGallery.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 38CD
18 KB
5 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-justified-gallery.js
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 38CD
2 KB
760 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
imagesloaded.min.js
travel.marumura.com/wp-includes/js/ Frame 38CD
5 KB
2 KB
Script
General
Full URL
https://travel.marumura.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 18:27:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
glightbox.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 38CD
55 KB
15 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-lightbox.js
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 38CD
4 KB
1 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-opt-in-forms.js
travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame 38CD
1 KB
642 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
565637476a6f33a1187e3dc40aa6f65fda018dd1ed19f088490bdd2c2076b6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-scroll-to-top.js
travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame 38CD
507 B
416 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-share-buttons.js
travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame 38CD
3 KB
974 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
flickity.pkgd.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame 38CD
53 KB
13 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-table-of-contents.js
travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame 38CD
3 KB
984 B
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6abe50ef3e60504ea153ca28d383b84b8b184428f316d1038feebd6282463d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
frontend.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame 38CD
19 KB
4 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:55:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wpcf7r-fe.js
travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame 38CD
8 KB
2 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:18:45 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
owl.carousel.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
43 KB
11 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
colcade.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
9 KB
3 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
ofi.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
3 KB
1 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
15 KB
5 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax-video.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
17 KB
5 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
scripts.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
60 KB
12 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=5.2.10
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
327ad04216c88f3f35ac035e4451fa3a0bdaa3267784ad8ecb99ce5946051ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
pinterest-pro.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 38CD
16 KB
4 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/pinterest-pro.js?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
483ae5b7ecaf13dc583657e06cce1ed4287c6a9058882315d41415e22932cad4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
subscribe-forms.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 38CD
19 KB
4 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.js?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ce297fd48857fc1a50abff0f3908aa607eec9093d8acce0b14c2ecc7946cc79a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
essb-core.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/ Frame 38CD
64 KB
13 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/essb-core.js?ver=9.2
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b38cd4372f230487a9d2c5f2934d1b43a24d781ff9e733907a9ba035a4f473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 09:22:56 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
legacy-features.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 38CD
11 KB
2 KB
Script
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=5.2.10
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1aa871bfe9fa89c6f4f39426df6c430a7fe26afe36c01a8464aa9eb4d2573f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
all.js
connect.facebook.net/en_US/ Frame 38CD
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04b07fe3cbec83e56aa991bd421ca3a1ac40f3060ca2834df11c9e41e07d29ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:18 GMT
content-md5
KFABjQj6GrtrNbiNwn3avQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
whUZR+yoO0T7u8rnXdV/ushh+YPlJqyxFHEo0Ntol0SPAPAv3WnEoTa1HgWp6CPvb7RV9uVu0ff+sVZipSQKdg==
x-fb-content-md5
bbba911b24b6fb237be1a05be9b894d3
cross-origin-opener-policy
same-origin-allow-popups
etag
"46960921190ab81c9108766808972929"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Nov 2023 03:59:26 GMT
reload
www.google.com/recaptcha/api2/ Frame 08E6
34 KB
20 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
882b4d380a87c8ba083a7ce4c45245a7b49df2903af33fa26d0294bbfa11fe8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=ongmpb5kxcx5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 03:49:17 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 27B8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 27B8
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
dr
as.ad4m.at/ad/ Frame C7E2
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1g0yjq0qzsgzap4amqkn6kzszhpf8fhwgbg25bdszgqg4r1cv3c7bav0gfw0mkahhpna2fqcxtj2nf183syb06emxjzzkyajqsadqe5mkckvk6re58w841k7n6g1z4gjw3230wm9p8gq2m2sc839vqqfemhpr0grtvzxna35cfqr34x1hbwtnrpyrbeqv1kqwb1edvrzqm90rv2vdh8y63bj2c73rt6pkefhpathp8brb9nnbqfmqzwmr79shjb28s6ft5aqt0rydbdjcdgrchww0h6rzx7qg9k9nqebkfra6hx9q48tpvbzp33gj0vmpf38hvdkxp5djfn2eby565f9f628faaqn12nk4z5d2r7gxsv4f07vd07djkp8n3yfkpzx8r1b1frk1c09032ty0t3qrn1g1db1kyahj3w8xyyfrdv1ye8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6863ec498e6b64638491cccd2d5f6ffe2beebdc1f03fbcb92842e37eb100282b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae5fee159116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BE6D
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 27B8
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:17 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame C7E2
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0yjq0qzsgzap4amqkn6kzszhpf8fhwgbg25bdszgqg4r1cv3c7bav0gfw0mkahhpna2fqcxtj2nf183syb06emxjzzkyajqsadqe5mkckvk6re58w841k7n6g1z4gjw3230wm9p8gq2m2sc839vqqfemhpr0grtvzxna35cfqr34x1hbwtnrpyrbeqv1kqwb1edvrzqm90rv2vdh8y63bj2c73rt6pkefhpathp8brb9nnbqfmqzwmr79shjb28s6ft5aqt0rydbdjcdgrchww0h6rzx7qg9k9nqebkfra6hx9q48tpvbzp33gj0vmpf38hvdkxp5djfn2eby565f9f628faaqn12nk4z5d2r7gxsv4f07vd07djkp8n3yfkpzx8r1b1frk1c09032ty0t3qrn1g1db1kyahj3w8xyyfrdv1ye8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g0yjq0qzsgzap4amqkn6kzszhpf8fhwgbg25bdszgqg4r1cv3c7bav0gfw0mkahhpna2fqcxtj2nf183syb06emxjzzkyajqsadqe5mkckvk6re58w841k7n6g1z4gjw3230wm9p8gq2m2sc839vqqfemhpr0grtvzxna35cfqr34x1hbwtnrpyrbeqv1kqwb1edvrzqm90rv2vdh8y63bj2c73rt6pkefhpathp8brb9nnbqfmqzwmr79shjb28s6ft5aqt0rydbdjcdgrchww0h6rzx7qg9k9nqebkfra6hx9q48tpvbzp33gj0vmpf38hvdkxp5djfn2eby565f9f628faaqn12nk4z5d2r7gxsv4f07vd07djkp8n3yfkpzx8r1b1frk1c09032ty0t3qrn1g1db1kyahj3w8xyyfrdv1ye8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774319
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7SOv%2FsaKAgIsmAyG2GzL1GDLS7johcnTmdIGXYIglj25o6GFOHNpITsbBvLcCx%2FCuG5EN3yaabIyxRamHZPzEG2b%2FIjzXlyQT0xLIc4r03oDPHc5A0vauwzzQYdtudyMapp%2FKrY91w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae601e2b9116-FRA
expires
Sat, 25 Nov 2023 03:49:17 GMT
r62eglto.js
ad4m.at/ Frame C7E2
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g0yjq0qzsgzap4amqkn6kzszhpf8fhwgbg25bdszgqg4r1cv3c7bav0gfw0mkahhpna2fqcxtj2nf183syb06emxjzzkyajqsadqe5mkckvk6re58w841k7n6g1z4gjw3230wm9p8gq2m2sc839vqqfemhpr0grtvzxna35cfqr34x1hbwtnrpyrbeqv1kqwb1edvrzqm90rv2vdh8y63bj2c73rt6pkefhpathp8brb9nnbqfmqzwmr79shjb28s6ft5aqt0rydbdjcdgrchww0h6rzx7qg9k9nqebkfra6hx9q48tpvbzp33gj0vmpf38hvdkxp5djfn2eby565f9f628faaqn12nk4z5d2r7gxsv4f07vd07djkp8n3yfkpzx8r1b1frk1c09032ty0t3qrn1g1db1kyahj3w8xyyfrdv1ye8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335279
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGe1FsAuJShsu56mFRb1IKoxXpjbonofqoLmBuAl%2F3s%2BOJ7tQ6mYqZJm8Som0%2BTh4MRgfwQ4ufSaW1J6dO41sFnkaUySz8d3vBzge57JG%2F30ieLQTZLkvLmfWNUCACLLUm3ztdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae601e2c9116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6C37
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56060
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6C37
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 6C37
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzCQP991SBQy5rLz2S5AsYSkn_Emwz6XE-9KJhq-Y-Upoawxg3HWKC4QStoI4-B4f7T6iQUVYOKIVvEc_Z7kMkzyqj3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6C37
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:17 GMT
truncated
/ Frame 27B8
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23c598377d919c865f466b5ef3ac8cd31e00249faba6b8149920d63bcefbdbc2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
dr
as.ad4m.at/ad/ Frame 0D88
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1jsapthdvnzdx2cgpyf7fg67r5692g5txd454vpz3akartvfy4hqepgrbwkmsykj7qkmpmtan3g60j2xkqn2h3zyamm64av2qp6kvdgd29c0wwyjg22cdq1pnxr14zzx4thwazpmyga7mmnyq09ps2mdx9c46jmmz5p2mr7zmhmbwyngas80dj0y29hme996x214z64drp2h6svck8bqp3k5k435hg3gek7g5b4wycbxc5se8fksxgfdvh2jc40fydtr8yet3mr16b2j7e5ddwxw41xvt24dzwghgawfx6k27zdkzv62bf7052hbbzzvbb64g8c72pm4271hkdee0nmkpm4bazr4dpdzppc5vqsqvf3rcm65pw7dxd0wp5ym0449t3mt3q4yk2efg9k4ph46cchpqes1gbcytgqg7kpw2vkqyzqrc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b02651c618d9aed2682ee59715d8432e22d567fed5090a591a536a102681663
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae607e489116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E5A9
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame BE6D
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmRth777T-E4BfFBx8R1ep2zn_YAFW4s4Jx5SPEb-wnO-_0_w0XVdiT8Gfs5DQd1Q9W-U20jCLjQrXBBRcs72dw-5vq0gAg_3y1N
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame BE6D
43 B
569 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmR5V742NrzmCS811R5KXJUtyAV-iL4TfG4bYotM4fot12cE70AF0zaWvi6h1Coda3s6RTBrOxyxMi-cxhuCpHUAxwHIYG6xSGk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR5V742NrzmCS811R5KXJUtyAV-iL4TfG4bYotM4fot12cE70AF0zaWvi6h1Coda3s6RTBrOxyxMi-cxhuCpHUAxwHIYG6xSGk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae60c99818cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame BE6D
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmT4SByJMpKAP84JdSi9gdj1SP0rKa-cEADRaR3CF1Q-03cJa88WrAIPyrclOksFmpjfi4XGDlvXmQ06avaw5tIJLka7Nz6hDCo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame BE6D
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmSrmXVHT1OZLjENoCtUWwBXtDjagwkw8osnJjTsW2HEQkn9DCR8zERYVWt8W6NWiNzwQfIuub50oSwzRvJV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSrmXVHT1OZLjENoCtUWwBXtDjagwkw8osnJjTsW2HEQkn9DCR8zERYVWt8W6NWiNzwQfIuub50oSwzRvJVslUs13uOvQEXdvSn
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSrmXVHT1OZLjENoCtUWwBXtDjagwkw8osnJjTsW2HEQkn9DCR8zERYVWt8W6NWiNzwQfIuub50oSwzRvJVslUs13uOvQEXdvSn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:17 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmSrmXVHT1OZLjENoCtUWwBXtDjagwkw8osnJjTsW2HEQkn9DCR8zERYVWt8W6NWiNzwQfIuub50oSwzRvJVslUs13uOvQEXdvSn
x-host
tde-deliveryengine-production-bb588bf9-bkx48
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame BE6D
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmSIZi23zw_xLpWlAJazhGBc517p_cw1A1gmkTJyVN--2vE3rn5bpKhOLrwSx7OATW5o0p7CLzKwQq7GzSTR2oAEAq9zDJKz4Wo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame BE6D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmSsnL2Eiw4_DwQgHrZObmiEIkvDTN6TDJTxpg14ims1ll29a04z2UJxo9QkB8rxgdZtlyN8TUT-...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSsnL2Eiw4_DwQgHrZObmiEIkvDTN6TDJTxpg14ims1ll29a04z2UJxo9QkB8rxgdZtlyN8TU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSsnL2Eiw4_DwQgHrZObmiEIkvDTN6TDJTxpg14ims1ll29a04z2UJxo9QkB8rxgdZtlyN8TUT-8Pfw6IjBYNT4jq-ksNk089s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmSsnL2Eiw4_DwQgHrZObmiEIkvDTN6TDJTxpg14ims1ll29a04z2UJxo9QkB8rxgdZtlyN8TUT-8Pfw6IjBYNT4jq-ksNk089s
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame BE6D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzoxrGi_ewFIZzSCgQp4m24G8kniRjwcjGUh0GRAEyc97zFEpgebRVTBd2ThPv_g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C7E2
350 B
872 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315005
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptB5wueccC4UthO7KL12wpuO1Etc46Ukdy2YaX4wNv4dD0a8snJrE9LapKQlJcX61M8O6nX7vfTvA99ts5X8IXeJEa4b4M62LI8SVd3avAWZ2dwp%2FPTUQaI7OajbQ3UL5uleeEn9qUJzC%2F8p%2BztpItxo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae60ce919072-FRA
expires
Tue, 19 Nov 2024 11:23:05 GMT
frame.html
ad4m.at/ Frame 4F8A
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774320
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae60ee6f9116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cH%2FPv7qxhNN6QukRq7P3oxar1CWHYdwSWy2puRREf0HlRZl1t9qIniH55y1I2LG3v9JyDEGZn535Fgzw0%2FGv4HrZu3wLE%2BHiohtTNheE7V5PGqV9hLuoQF77OK5Tk4aoW5jWxjw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 0D88
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsapthdvnzdx2cgpyf7fg67r5692g5txd454vpz3akartvfy4hqepgrbwkmsykj7qkmpmtan3g60j2xkqn2h3zyamm64av2qp6kvdgd29c0wwyjg22cdq1pnxr14zzx4thwazpmyga7mmnyq09ps2mdx9c46jmmz5p2mr7zmhmbwyngas80dj0y29hme996x214z64drp2h6svck8bqp3k5k435hg3gek7g5b4wycbxc5se8fksxgfdvh2jc40fydtr8yet3mr16b2j7e5ddwxw41xvt24dzwghgawfx6k27zdkzv62bf7052hbbzzvbb64g8c72pm4271hkdee0nmkpm4bazr4dpdzppc5vqsqvf3rcm65pw7dxd0wp5ym0449t3mt3q4yk2efg9k4ph46cchpqes1gbcytgqg7kpw2vkqyzqrc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jsapthdvnzdx2cgpyf7fg67r5692g5txd454vpz3akartvfy4hqepgrbwkmsykj7qkmpmtan3g60j2xkqn2h3zyamm64av2qp6kvdgd29c0wwyjg22cdq1pnxr14zzx4thwazpmyga7mmnyq09ps2mdx9c46jmmz5p2mr7zmhmbwyngas80dj0y29hme996x214z64drp2h6svck8bqp3k5k435hg3gek7g5b4wycbxc5se8fksxgfdvh2jc40fydtr8yet3mr16b2j7e5ddwxw41xvt24dzwghgawfx6k27zdkzv62bf7052hbbzzvbb64g8c72pm4271hkdee0nmkpm4bazr4dpdzppc5vqsqvf3rcm65pw7dxd0wp5ym0449t3mt3q4yk2efg9k4ph46cchpqes1gbcytgqg7kpw2vkqyzqrc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774319
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZrEQD4if5sj24a%2BdM1IanAPFS5aIa3N1QLDoXk3d39RwdiocTrCp0tmrAJxonESuQktxRk1VROIYgCZALtyAi1%2FVFJ8M%2FND7ir%2FUf4vCoYjgJxjtk4L4reLXF1%2FSI0C1VEN%2FlZeGLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae615e959116-FRA
expires
Sat, 25 Nov 2023 03:49:17 GMT
r62eglto.js
ad4m.at/ Frame 0D88
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jsapthdvnzdx2cgpyf7fg67r5692g5txd454vpz3akartvfy4hqepgrbwkmsykj7qkmpmtan3g60j2xkqn2h3zyamm64av2qp6kvdgd29c0wwyjg22cdq1pnxr14zzx4thwazpmyga7mmnyq09ps2mdx9c46jmmz5p2mr7zmhmbwyngas80dj0y29hme996x214z64drp2h6svck8bqp3k5k435hg3gek7g5b4wycbxc5se8fksxgfdvh2jc40fydtr8yet3mr16b2j7e5ddwxw41xvt24dzwghgawfx6k27zdkzv62bf7052hbbzzvbb64g8c72pm4271hkdee0nmkpm4bazr4dpdzppc5vqsqvf3rcm65pw7dxd0wp5ym0449t3mt3q4yk2efg9k4ph46cchpqes1gbcytgqg7kpw2vkqyzqrc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335279
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SXoqnH130I1rUgj0tYp8vF5gtyk05e15nhfhEibCeiP68%2FEGfcbzfVioetNOvZh%2Bi3DF2i%2FVtolvh5KQXm2ryuRFG5JM09hHLJ%2BN4pz41GVq06GKu2ql5oF%2BCHUm5upG%2BJsMDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae616e989116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
truncated
/ Frame 6C37
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bde8f8252479c69c24c224e6022c596941e5ba3a4b94f5d7d508d4f872a82b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame E5A9
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmQW_J9y8sLnJRe4TeZldH-sOJN7sAo7LibAU4quPVJQ-R5MmIQURnTCGrp7ScGER5tkHfgvSsdUwGbIa9NXXPc2--RxojJxxw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E5A9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akphRlRCY20xUjZuYlQ1&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cver=1&google_push=AXcoOmSPDaRAOcQfauW0bphhjodf2FfGIeQUc5tBiJr2Szt...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akphRlRCY20xUjZuYlQ1&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cver=1&google_push=AXcoOmSPDaRAOcQfauW0bphhjodf2FfGIeQUc5tBiJr2SztrqcOT82I7x9uByy0MqogP_gDoqof6Di2f9H7CjZ60eQ-ta-l_Kr0TFA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:17 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=akphRlRCY20xUjZuYlQ1&google_gid=CAESECSxd3Hk0yNfFo57FPbi1Q8&google_cver=1&google_push=AXcoOmSPDaRAOcQfauW0bphhjodf2FfGIeQUc5tBiJr2SztrqcOT82I7x9uByy0MqogP_gDoqof6Di2f9H7CjZ60eQ-ta-l_Kr0TFA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame E5A9
43 B
576 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmTUQhk3dO2gcCXMrEMachuEfYithhWrqTvN9LqLo9U3E2wPRFdqkpa0xnvcQ3FLiJBrzgxn1q7BDJxgPp8vo3cEqwtbbA6-8Q&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTUQhk3dO2gcCXMrEMachuEfYithhWrqTvN9LqLo9U3E2wPRFdqkpa0xnvcQ3FLiJBrzgxn1q7BDJxgPp8vo3cEqwtbbA6-8Q%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae625ac518cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame E5A9
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmQ-zEnM3E7iBhYVzNXvdqSyM6uY00azmo8oa9ICRgnhTG60ktPqlDk6I6Cw8Rgkp4yJfeiYBl399eimdpOT9Ov3-VHGVS6UhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E5A9
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBvHYhN7lVIIQuYXhN6Okkc&google_cver=1&google_push=AXcoOmQ5Luj7hq-fRB_QZR6gm25KeGDh70541XG8h2UGfF53-rcRnKHUmxcJZlJv6vUMpABOOUko-FeGnwXST3sQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmQ5Luj7hq-fRB_QZR6gm25KeGDh70541XG8h2UGfF53-rcRnKHUmxcJZlJv6vUMpABOOUko-FeGnwXST3sQtUHO6B9bEwPoCA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmQ5Luj7hq-fRB_QZR6gm25KeGDh70541XG8h2UGfF53-rcRnKHUmxcJZlJv6vUMpABOOUko-FeGnwXST3sQtUHO6B9bEwPoCA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:17 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=XAL1NqvXR5-9L89RiEBITw&google_push=AXcoOmQ5Luj7hq-fRB_QZR6gm25KeGDh70541XG8h2UGfF53-rcRnKHUmxcJZlJv6vUMpABOOUko-FeGnwXST3sQtUHO6B9bEwPoCA
x-host
tde-deliveryengine-production-bb588bf9-rwjq5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame E5A9
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmQLy9Ljq0jkjdPMNnL6rargH35-LBzzr_HqST9KqJwqJdm_iKGzaGUhunVXfl3pafK4FDsQvyI--pGxhweceJ7JrnSg8HK6DQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame E5A9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmQ3YEW90zp0z4dW4gw1NhynUDwbilZSzXu7qfDPviguGTcc0_eLox20rdeVFQ86nJH_QE0ny8j4...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQ3YEW90zp0z4dW4gw1NhynUDwbilZSzXu7qfDPviguGTcc0_eLox20rdeVFQ86nJH_QE0ny8...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQ3YEW90zp0z4dW4gw1NhynUDwbilZSzXu7qfDPviguGTcc0_eLox20rdeVFQ86nJH_QE0ny8j45rDrqjssSjH0Ji_PL5s_Rg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmQ3YEW90zp0z4dW4gw1NhynUDwbilZSzXu7qfDPviguGTcc0_eLox20rdeVFQ86nJH_QE0ny8j45rDrqjssSjH0Ji_PL5s_Rg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame E5A9
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFORcV0rRg42kc8nOsI8XgtDzKhhFQA0IvTY_44qUu1mlpDB829IH-ggCAnS97l6x7dBY5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 27B8
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNHzXPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEywFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLm350-I8KlZ8kPLQRQhxxg9XP05B7PH_FjJsXsMYgXU9sPUCkS84YAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MDkyOTEyMTc2NTc0NTIYAA&sigh=OCHqIRNiGhw&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNuKi_nxQX3yrUycEdx4biuq9riUtTr-pPFx_VTsSM--e3leviLOWJSWp2datn2hPa7TOrgPOMGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 27B8
0
11 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gv5x6tqj9v5b5ge3y24bv4j2p3jbjng1kpctdn0vh0p3p7z1a47j1krpev57dss8qptfk0aeq8xmbv0n3zp37jpzc7qbr3cnvhfz0f5tqekqyhc0vyfzm41dk8aemt9zce00gwtqf7y8fx0mhc75v6m3sx1stg5mv2mn4vnhxgfgck1aqxpvk1zbx13d5agy4gwntteafp1ys91shrm2q512pew7evzt53vp8fmj80ceac7tp6hbphb2qxstr47qq5gjazwqd3g89rez5abhpbzp26jzdyj5z3s5mdn7yetyhrnnz6natzh4c155d3r0515nngva2s6mpsam0vqvvhtgcgcpb9472ct6gvvw00xavcwpdjh0rqp09kdtytg4bkg2zjhmr&b=ZWAdPAAPGCAA-QQwAAxSnpxiCLsffyhqDEf7Sw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1416716225&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755255&bpp=23&bdt=743&idt=239&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.syhhi48puvdp&fsb=1&dtd=244
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4R68YF3NQ8&gtm=45je3b81v880762829&_p=1700797751253&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893264436.1700797752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEII&sid=1700797752&sct=1&seg=0&dl=https%3A%2F%2Fhoroscope.marumura.com%2F&dt=Marumura%20Horoscope&_s=2&tfd=9977
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://horoscope.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://horoscope.marumura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0D88
350 B
880 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315005
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmnViXfEWzsK6PNdRWnw%2BfUX%2BeWj7ECmkMdacj4LOU7YgDLtiyB0Wi7fTxz0wqrbuT9dh8yRUZZ1F25QxjhUrb4rRrAQELbA7%2FOrQeOfOYqxtLeTNkHTCmx7Z7XJG8%2BDqnqkYrA8jTXPkO35ULh3RuLT"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae629f639072-FRA
expires
Tue, 19 Nov 2024 11:23:05 GMT
frame.html
ad4m.at/ Frame BD7E
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774320
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae62af1c9116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NL33Cfm8O%2BUreRtXysuwKce2TrrpFkmaVYl501yY1YA%2BmWaNazMmzvWeDztdwNUkEjb%2FGeU7xiiPhFPYmlE8YoaW%2FG0vsqka8A5XvzIdeTJPFyw5GDDBT1%2BZ2sJ7u6bzx%2FYCaU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
rs
ad4m.at/ Frame C7E2
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369f334a9aa55fb45d92555727544bed4924211689a66e39be993b53744d8e68

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cy7AV6dMM%2FtD8Ah4sf%2Brc3EzyDya%2B0wox1emw0kA9UWHxTkplaGw7PDYvdMVlZcqfim8jt97s5jO9%2B0170jWPYlwZGDXxdXxYsdFh%2Bje0eENCQ78pXusJyeyBn%2BDF1cZAOSvcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae62dc6f9219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae62ac589219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TUPrVVposKfE%2FvC1Hp02baXHTraF7JSPN0qf2CYGbjm%2Ff6MVMDW6DALQzw0da2nk%2FQPdJVRsc0p5uInojVxwUFJ8YgV%2FsAYxFg51H5ZjKu7jUEEO1dRjwShXF7MdC5ymrZMnII%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kjgm
adview
googleads.g.doubleclick.net/pagead/ Frame 6C37
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CHHK3PR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTLAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmW2Kei3L671TNZhfEPB54umn830qMSWRUefnm1ls3ZfBeBnKucdogAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=5GD4NvHgQd8&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN0UbvcISvxderWI_3LfwZkM-Qs02M85YNGbiOXaVoIDaZPzYLoCqvAocQPPqZqMMXJsKXAnkUGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 6C37
0
11 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j76nb0e0w9dh4nf3qct2szbwdc0km36z6bd7jk5ytjf8y4k1rjw9nn9yvgryg45tfjrh61psgqzw1qrtbp002g5h3qspq89cbch0d30gbnbjxpmbj0mmpnrg1rg5pjkby7vszd9bxwnza6ghr354nmm5xj831cnm4ywpcfs1a8bt6ddc0k5b574n1wydat1cvdsw2m3y7shd893avbkb1fa8kjezecxkffmx4jeb44vwh17hb7dfd96314g4cxycnywn2jn4az94tqkm2pknfv39n044ngrpv5avc986gryj2e3sapt6bqpassy9kebjd3q573w78a7ewfxxkx4hv4hxq89rwrph57z2f2c5wwcx5dmb87dram0brav8jcv0cg7pa2zx4&b=ZWAdPQAAmPsK7IsCAA6fiBp4sg--q26-RiYYBw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3473338355&pi=t.ma~as.4574689270&w=300&lmt=1700797755&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797755284&bpp=2&bdt=772&idt=221&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C300x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797755&ga_hid=1074123748&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=528&ifk=4130856658&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C31079606%2C44795921%2C44809316%2C31078301%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3959149614437505&tmod=855449790&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.m98rvswi7ipi&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:17 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rar
as.ad4m.at/ad/ Frame F7D6
9 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d034d4f3e5584e7d06a7b6b24e3655a46254d4ca7de5829b9767889c97fd845f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g0yjq0qzsgzap4amqkn6kzszhpf8fhwgbg25bdszgqg4r1cv3c7bav0gfw0mkahhpna2fqcxtj2nf183syb06emxjzzkyajqsadqe5mkckvk6re58w841k7n6g1z4gjw3230wm9p8gq2m2sc839vqqfemhpr0grtvzxna35cfqr34x1hbwtnrpyrbeqv1kqwb1edvrzqm90rv2vdh8y63bj2c73rt6pkefhpathp8brb9nnbqfmqzwmr79shjb28s6ft5aqt0rydbdjcdgrchww0h6rzx7qg9k9nqebkfra6hx9q48tpvbzp33gj0vmpf38hvdkxp5djfn2eby565f9f628faaqn12nk4z5d2r7gxsv4f07vd07djkp8n3yfkpzx8r1b1frk1c09032ty0t3qrn1g1db1kyahj3w8xyyfrdv1ye8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae633fc89116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 38CD
101 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9776bac73ebc8b0da31ca195eadbcde7224c06c50e0c87b6ef131209a44c3d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31557
x-xss-protection
0
server
cafe
etag
913 / 19685 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:18 GMT
prebid_2023_8_15_7_52_11.js
anymind360.com/js/6621/ Frame 38CD
301 KB
95 KB
Script
General
Full URL
https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70f5afae2896e4f0428eaaa8b95691bef9b84851a34de854b12f5205a123f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 04 Oct 2023 16:08:53 GMT
date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
2674734
x-guploader-uploadid
ADPycdt4JmOgxg6p11J3aZJO15MoE2tZp5cDSmikpRQzLfU6iueAizdZ4lzZjQzwrzsd-PKLo94
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
96646
x-served-by
cache-tyo11959-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797758.058023,VS0,VE0
etag
"7c3d582f641391d2eafe31b502454859"
vary
Accept-Encoding
x-goog-generation
1692085963456049
x-goog-hash
crc32c=K30Atg==, md5=fD1YL2QTkdLq/jG1AkVIWQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
96646
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
2, 3
ico_travel.png
travel.marumura.com/wp-content/themes/authentic/images/ Frame 38CD
11 KB
11 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/images/ico_travel.png
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f8534d93da83a0fbbb300cbc00cca18d6a3f08925c51a073ba90bc48542147a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 03 Oct 2022 04:44:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
icons.ttf
travel.marumura.com/wp-content/themes/authentic/css/fonts/ Frame 38CD
15 KB
9 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/themes/authentic/css/fonts/icons.ttf
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 31 Aug 2022 19:19:32 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-ttf
nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
travel.marumura.com/wp-content/fonts/kanit/ Frame 38CD
13 KB
14 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7470a14b8058cb8e35ae75127e935c4036071fb9aa0422351830c9bec6b2764d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 26 Jul 2023 22:06:40 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKS-Go6G5tXcraQI6miZaNhN3BxEu8.woff
travel.marumura.com/wp-content/fonts/kanit/ Frame 38CD
15 KB
15 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/kanit/nKKS-Go6G5tXcraQI6miZaNhN3BxEu8.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
83d85ef3715d5271cd60166250e25c6a134657f70c3b99076d842e0cc0eb68dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 26 Jul 2023 22:06:39 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff
travel.marumura.com/wp-content/fonts/montserrat/ Frame 38CD
19 KB
19 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXx-p7K4GLs.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
61c04ed094f6de63be6b153423608ed266e23ea935ba3d7f829f07244d29b3f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 20 Sep 2023 22:11:45 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
travel.marumura.com/wp-content/fonts/sarabun/ Frame 38CD
12 KB
12 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4fb031caa17064d63bad6a66b503a2af1e73a3266b226056302f2447070d79e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 30 Aug 2023 22:10:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
travel.marumura.com/wp-content/fonts/roboto-condensed/ Frame 38CD
19 KB
20 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d448991d15499edecfb0ad39bf668320897c3dba15c73aa6e13fbe6356569183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 25 Oct 2023 22:13:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
travel.marumura.com/wp-content/fonts/sarabun/ Frame 38CD
15 KB
15 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
899651971d6c75117d28df0030f881b94f93c8b0540364cc3d569cd3c8195010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 30 Aug 2023 22:10:52 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr5mOBWzVadrNlJzIu4.woff
travel.marumura.com/wp-content/fonts/kanit/ Frame 38CD
8 KB
9 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWzVadrNlJzIu4.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
45d61531fa79a09724615074961c66c4060d8fe4606cadd771b9b1a71a7cb7ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 26 Jul 2023 22:06:40 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aBVJmXYO5gg.woff
travel.marumura.com/wp-content/fonts/sarabun/ Frame 38CD
14 KB
15 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aBVJmXYO5gg.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f99faedbb1ca9dbf0c9261bc88c42afdcab10f792bd42873638d67f4930aada9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 30 Aug 2023 22:10:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame F7D6
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774320
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOiewdD2iWRB2xq%2BrspGP6uwVbDWgfp%2Fqv%2Fiu5XpMqWHaK1BjOGDs%2FAlBWW7okqIkvlgBr%2Fqf3OE6a%2FryrdGA%2FGEVEQcQK%2BOjwhRT29xQ8BvoiLVqWTSv66DDyd1Riabzn6jbUO3pH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae6408269116-FRA
expires
Sat, 25 Nov 2023 03:49:18 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame F7D6
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190954
cf-polished
qual=85, origFmt=jpeg, origSize=12951
alt-svc
h3=":443"; ma=86400
content-length
7758
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Oct 2023 22:22:01 GMT
server
cloudflare
etag
"12e3523b35b31c7ddfe7c77dcdb14a34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zAtObKbVzTwA7vMBaaq3foBen65ovNn96lYr0z4BsOxFTwl4tlzewDW2PyRBQAmDYgKpxL58X7rIbXQwHVPKlfqqcjHQDFzKwHKn3U%2BUVJXN9hpnX9xE3aEfqR85AdO%2BLAHPUTLykA%2B8oMU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6408279116-FRA
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame F7D6
20 KB
21 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197563
cf-polished
qual=85, origFmt=jpeg, origSize=23329
alt-svc
h3=":443"; ma=86400
content-length
20802
cf-bgj
imgq:85,h2pri
last-modified
Tue, 31 Oct 2023 16:54:32 GMT
server
cloudflare
etag
"e320c43993ae8577c544483e96756c59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATaE5gcJYN%2FxeeD7ys1y54edT%2Fwu3BKATS6Bjo%2FA0unLglswGDNJAopObqUkHXLl4Kouw2jrwuf0bfYf%2Bh8aGao6%2BF7DtxeTLU0zC%2Bdbd9cdxg7pykVGo6b71XeaJz9TdRU6ZXNAdyMri4yh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6408289116-FRA
/
partner.o2online.de/a/ Frame F7D6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CKWP1bHd24IDFSn0EQgdawcN6g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...
49 B
1 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 03:49:18 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date
Fri, 24 Nov 2023 03:49:18 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame F7D6
4 KB
5 KB
Image
General
Full URL
https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
192530
cf-polished
qual=85, origFmt=jpeg, origSize=7258
alt-svc
h3=":443"; ma=86400
content-length
4294
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 09:56:16 GMT
server
cloudflare
etag
"679602b08629bcaaabfcfad4e68fe53a"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lzbw%2BLCtW%2FKuPvJa0Kl3uAVSaA5lwHidecvxC75zMv99qKkYCHJrEC1dcFpBpndi5BpvA3m08mTPY3rjFZbNOyV9Ll8Mnf9fSUpDBnEqvONnA%2BYPwf21sHsVZ7RngaP7neog35XH4tKGopcV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6438459116-FRA
287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame F7D6
15 KB
16 KB
Image
General
Full URL
https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
955778
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
15521
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:09:52 GMT
server
cloudflare
etag
"269bd58060bc660c3aec98b388bae571"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QzH2D21GpnzDk%2BAOoDz9jXU4A0lHKjfP4v8ybU6EvVFeucEcIqbRLI0cZ9uxmz%2BsFb51CdES3ovm%2Bg%2F7jmhNeR2joTgnWesjrHT400q3EmYEpps5y2oXzFgkcvK4%2BzFAuOdVWNfI%2F8UaI004"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6438469116-FRA
cshow.php
www.awin1.com/ Frame F7D6
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:18 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame F7D6
2 KB
2 KB
Image
General
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
201378
cf-polished
origFmt=png, origSize=2170
alt-svc
h3=":443"; ma=86400
content-length
1662
cf-bgj
imgq:85,h2pri
last-modified
Mon, 13 Nov 2023 08:38:25 GMT
server
cloudflare
etag
"4721aa7c2d5fa652c8092463f9a485bd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsqxuHRVLYFCD1VUHNniE%2FzWzWz9kjymW7JgfzOENpFThX%2B%2BoOQn9JswBg25Zn7r2obE1JFtzVPnuI%2BYZ1N6ZRAXSgD1IVvkc4Y9Bd6VYXddBuzpfFEDpGEQt7QvRIvcjJpAt3mGzFQnofwr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6438479116-FRA
B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
assets.ad4m.at/ Frame F7D6
23 KB
23 KB
Image
General
Full URL
https://assets.ad4m.at/B4A4D4AE24A1FC5067FA06DB00E21DA5A143F663CF3153C1D2812B519806D793E1E07140C733352966C6C7C037FF39882FAEB141999BF28A93837E2C21DB35B1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
942300
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
23392
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:08:23 GMT
server
cloudflare
etag
"faa9f958d13ef03f911b71f117846705"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKvdPoxwwNA3pPbQGguYf07nAhEeAGvlQQ7AMqvbBSRiwU3qOpyCRTm3F10DZXlNkS1qol4WAt5abKaT641h8R2SRGB7WnNltLBxdhiIUVmANHwDcQjJGrKhs0JqUdN%2FzsKuDfzCMkdtSo7s"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6438489116-FRA
cshow.php
www.awin1.com/ Frame F7D6
43 B
702 B
Image
General
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C19769%2C117569&b=YX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C2xqt6fRQfDrbSVHWHkt8txZPcWT7TEYcg%2CApEhYf9mueRQdhAHRH4tkt3D6c7T4T1Ec9&f=qDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C4BxHEf1Ks2P6fGH9HdtzCmwPFZTpTjRHK%2CMYrCzfjQsGkwrSWHEHGtQCDkPF9T4T2gu3&c=300&d=250&e=&g=29ccf4a0feb1f4392bda21679e23b84d%2F9476268144414375175&i=20774%2C21630%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797757917&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfxz5jrdy77q30z86f6dv0rm137q2bs71nzmm7cmy6eb4yvdegmft22ezvet24df0p8hh4nnadsb4qfg7zxxeq6trb04dvs8k578bkdkaffapfmxe1nwvggn708fk5cab0c2nhdgvfpq7yktkm7sdq2zv23ce044zkzrhjse6g0yqjsatrmajhp2fcrj9ydpbqjpvywb7b9f3neqm67v6h90y3p9wx9t1f2ym7etba13mhvwx4byj7za424km4j547vyrjjctpz0vsqnzgg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCUnfiPB1gZaCwPLCI5LcPnqWx4AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzgFP0CwYM8VfTGMCa1sOxqx8W_VzANxAyiEPgaJQaPsEKfT4XcT0pU2f5m0oVWOflGrxtphhqYm2LeMPak_km009rA8vsLDo9-FAx-hGJ0S27yF0YD6lT7Y092525vx2Exb1wicyJjG1FkaiAXxYVgZ9lDK95qoEqnYRZye5RNViO4Nqf7j0AT4bte4cnCAMIf0QN8xISIIAWEf0z3F9ql8EEyc4sLn15W4aJ1DesotMCYL7jorPZekzqrnp5IVJczKempHK2tsB1tv8KR9RtYAGrbT_mKTjpM8ioAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3N6GTzsV5cacPOShnAS59pGGUprw%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-205-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 24 Nov 2023 03:49:18 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
/
www.marumura.com/ Frame 11BA
295 KB
26 KB
Document
General
Full URL
https://www.marumura.com/
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be2ffa28912e8c4640e66d61a3b6436971dd4873cd25764939de24cef5cf5118

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.marumura.com/wp-json/>; rel="https://api.w.org/", <https://www.marumura.com/wp-json/wp/v2/pages/763>; rel="alternate"; type="application/json", <https://www.marumura.com/>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
powerkit-icons.woff
travel.marumura.com/wp-content/plugins/powerkit/assets/fonts/ Frame 38CD
26 KB
17 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
84bcb397ee8fb28950639b02674337575578302143c9d6f1bfc6c6fb2584c4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 13 Sep 2023 06:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
sdk.js
connect.facebook.net/en_US/ Frame 38CD
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ab2c8d9c0c46308aa10c728c149c59e7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae87f41773c5bbe6c60bd0450288e260f1a41918b458f0cd808b4534ad852df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:18 GMT
content-md5
J4OdNz2fkvFxXNShu8ds2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88329
reporting-endpoints
x-fb-debug
xa3so93hkPXc4A3QDLFIRc7/nrHPT76mxXNk9yysLX50/eMt3sFZiq/5CO6OTu4sHwmLbWldzSUZGzvUyYtYWA==
x-fb-content-md5
175299b5af26fd20765aaa79d5ccdeff
cross-origin-opener-policy
same-origin-allow-popups
etag
"a40153204555e07e227d4ff5b7d8434d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Nov 2024 03:15:10 GMT
rs
ad4m.at/ Frame 0D88
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85e27adc76b1029df5bab64b340bd9e33ae46e652651dbdb36695b48225ded0

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXcXOc%2FUAHhQTTPGwdldP6LUfUZvN3GoP%2BQ06wPWMPT5oKwGhZa4ibX%2BPeeESRtq5cq0R1oB4PU9ghcOKNGG6kveY1HDmW2bFDtv7qIzg4ZYXZTMV9z%2BCJgXAeHbBBuOIe8TWUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae648d6e9219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae643d499219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZGZMOb8irxdFO0JrZhhIvFvI5ObZzM%2FQsuce4ZPS1ImXj4LCGSioRJR7g1wwf5BkBgbFC7s10u3WxjNMQS8cHTtFNlkycZ4zePBsx5JySyhLlvdvpQVl4G8nG2fnRyVfwiv1gQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kjgm
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 38CD
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://travel.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42510
x-jsd-version
1.0.1882
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63a-NecRQpEq1uzv2Kl3Q8ftGEfSD4M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZVxYLOOTza12DNaVwuxYdYF5g2%2B3qHzS2JOaUWUFUz%2BLELZ%2Bn%2Fwzq3jI5cJXYIkXy1bSDKZ2qFhh4YffP1AJIT44Cns7ntdmjnSYOiVZfdRPFMDA67lF%2FH7obpsus%2FQ2pLxdoAAdmdRtF%2FztiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aeae643ae41cc7-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 38CD
429 KB
134 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
15323
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 23:33:55 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 38CD
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=travel.marumura.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c341d4c068bf0ae703c52f1777765531bbb409249732b7ddb9052081b8564853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138525
x-xss-protection
0
server
cafe
etag
7325052372141701354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:18 GMT
rar
as.ad4m.at/ad/ Frame BCFE
10 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab81047f9499bc3d4426c980967c5356f6340e39bce3f9d56e639308285fe15
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jsapthdvnzdx2cgpyf7fg67r5692g5txd454vpz3akartvfy4hqepgrbwkmsykj7qkmpmtan3g60j2xkqn2h3zyamm64av2qp6kvdgd29c0wwyjg22cdq1pnxr14zzx4thwazpmyga7mmnyq09ps2mdx9c46jmmz5p2mr7zmhmbwyngas80dj0y29hme996x214z64drp2h6svck8bqp3k5k435hg3gek7g5b4wycbxc5se8fksxgfdvh2jc40fydtr8yet3mr16b2j7e5ddwxw41xvt24dzwghgawfx6k27zdkzv62bf7052hbbzzvbb64g8c72pm4271hkdee0nmkpm4bazr4dpdzppc5vqsqvf3rcm65pw7dxd0wp5ym0449t3mt3q4yk2efg9k4ph46cchpqes1gbcytgqg7kpw2vkqyzqrc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae6538cf9116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:18 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ Frame 38CD
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
288c972ea50b63705a6b34a68f5ecf47741cbff939d5e10e728071c107d18e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90228
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:18 GMT
analytics.js
www.google-analytics.com/ Frame 38CD
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7180
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 03:49:38 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BCFE
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774320
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1VZEB%2BTl9G7bl8ifPk20%2F8PLMIq%2Bjn1hB9Ba9QD5LuaF0RnK0Dm3H%2B40YsPfSYXYgF0t%2BQtbWer3lyHM6uOTIDpQmEMyYQKVvmBvb3D9xSq0scGDTX%2F62c%2FMVEBJZZhpI7UrvCTazA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae6588e99116-FRA
expires
Sat, 25 Nov 2023 03:49:18 GMT
E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame BCFE
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1217914
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhRK0ofbCOYQoOzKNZTAqOfia3arh7JN%2F6XhRk63%2FUjfH8TZzyY7xxNamrNCdwOM9lFMBBHq1p3R%2Bih9XzGmgllE6AkoVy9l8Y8tmmepAqIK7pCLLI9gqiHRErr7ZBoRjmwtFruajAbov%2Fyu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6588ea9116-FRA
7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
assets.ad4m.at/product_image/ Frame BCFE
21 KB
21 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/7959CC8A5841863E2029D11337BD9743816B11539BB7B5FE82C05DA418BFFEA9B2B39CC1367019AB169ACFDD5A75E84454CFD285683B9548532D984CEBD8DAF8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280299
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
21332
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:58 GMT
server
cloudflare
etag
"50190e2f2596fbaf0b3827698ee24008"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6esN9IuQp696PePWKfwYx23YXUHFCmdN8pEqM4bYtddrmUU4oIJKIU%2FvO8fPI57Cd%2FtAQRJGxz211yQpyN26aEH9C0%2BHQ7XjMBm3dkEAv7xUs1gmKUhwiD2errOh3rKWAidAkT0hAQFgULqu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6588eb9116-FRA
view.aspx
pb.media01.eu/ Frame BCFE
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b72660fe7fe4b2634f?t=htlp&subid=oneidMYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidMYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3oneid__suite_Netmix_Reach13_BlackFridayPush&actionid=920184&...
0
182 B
Image
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidMYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3oneid__suite_Netmix_Reach13_BlackFridayPush&actionid=920184&produktid=girodirekt&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:17 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 24 Nov 2023 04:49:17 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
40027
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200573720104378","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B9D59B99:E6A8_91EFC182:01BB_65601D3E_740A4FC:1E879
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidMYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3oneid__suite_Netmix_Reach13_BlackFridayPush&actionid=920184&produktid=girodirekt&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame BCFE
7 KB
7 KB
Image
General
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190922
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vWlwvOCrRZuM6qIHYlNqDMAphVG3Q1JE4UqzAYUTPnAaR22Xys6VNtu5MnI9SKrflZuDThRsnmWFC6v5HfCuzZyhB14h%2Fgajpgw7WL9L9AaWc0TYybH7krzVaxvMrwJznV8nE0SyxB6kWEy"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6588ec9116-FRA
E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame BCFE
31 KB
32 KB
Image
General
Full URL
https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72032
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31793
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 07:48:34 GMT
server
cloudflare
etag
"ac24017e395215a412b39d1cdc9c2ad5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMqaNtY%2BkAmn9XPVJXaAY7b24RQOOT2bFolMs2GK9zP8PugtOoOXpc7b2wi4AGnVob2r0YltUMVQbq7EZA5CEkymcSlS4HaxVJnPLxWlZTT%2Bx4E6BjD37TfzZ9KwWJKCIye6BKRiJnF%2FkGTJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6588ed9116-FRA
ztpv.php
www.conrad.de/ Frame BCFE
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1700797758_71b88540-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
0
198 B
Image
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1700797758_71b88540-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
82aeae66086437e3-FRA
content-length
0
expires
-1

Redirect headers

Date
Fri, 24 Nov 2023 03:49:18 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1700797758_71b88540-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame BCFE
10 KB
10 KB
Image
General
Full URL
https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190923
cf-polished
origFmt=png, origSize=10653
alt-svc
h3=":443"; ma=86400
content-length
9924
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 11:11:38 GMT
server
cloudflare
etag
"ca1cf24fc82b7541b262f0d4b15a8100"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdXKur37UkD1C0duhdmumbrjvHM0AY1uWebrzYQBAWwM%2BYEExWDAi1vYeZveBVPMy2JjtwcNEsTTPbmSNMWAfqirgfSy2mGYyTlaMP55L%2FRwjhm8QzRR0JSrdxdX%2BtwDXFh2XdBI3L1z%2Fwg5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6588ee9116-FRA
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame BCFE
28 KB
28 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
782964
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
28452
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:10:32 GMT
server
cloudflare
etag
"ad60aab65075d58e4390c75c7ea7b04e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U74Z9W3Ue0lYq54ERei49Zmw9I%2FCD2oAj2B4s7ZQ4Zdg9SqgV3iE9XBsNA5LcMZWQ95KUePiEdtg9TeLJ%2BbMSRxtyVHXXxj%2Fy8xr3aEyOZlYL30CBWx0Gjkv0gPsGF00TwQrRvqRCGrEnk4g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6588ef9116-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame 0C60
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=2662586040&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758186&bpp=5&bdt=1038&idt=143&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=7015020409522&frm=8&ife=1&pv=2&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.13ypc9ftg126&fsb=1&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=travel.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ADFB
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=travel.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9e5858ee8176b876f4b50a46fef01341ff02b2f7f3dcecdffe16eb1493480fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 069C
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=travel.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2272a05fe281ba72a9903c24ee9d62d78ca4b555e715a23bc18c04008446c79e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16034
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
link.html
track.webgains.com/ Frame BCFE
0
0
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15573%2C537178%2C183975&b=MYrCzfjQs1b7aWHEHGtDtp7Bc9T4T2gu3%2C9M1SMfKMtYQwJTKHBH2t7trDKCwTmTxVcd%2Cj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9&f=6wBaefKYt6Y3aeHmHYtECm78u2T1TG7U7%2C1YRCbf7QTYmRZT9HdH9tpC239sRTKTXEhA%2CxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA&c=300&d=250&e=&g=8a814d16a2962f59e392f2b2bc3835dd%2F18420230378306400487&i=26474%2C21596%2C20597&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1700797758178&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hs7ysj8n1v2p0gwmbheecpwvktv7jx3cx5nybcwqamcnqxrsweq0fwbzyzxczbxahh62wybp84d7hjf770fvm9rs3k8z31an2c73400d8ywc2t9fyx65ej7c71nwbf8zkx3vf1yfqzq3ect4gtqfppjjkqbws8xqsmfmhzqtpwx340n099starz6qn4c0y500xn8fm2qgfcfm9mzzvarj9ghs8mr2bmvg9gmjyzfwdsfr2f3g8hd3pa6fk9rg0tk18c5gpw9wkyvbj5wycg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC9sCGPR1gZfuxAoKWsgeIv7qYApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_QhdqZkMLETqiWAw6dYkPlHmIL4BoOYPAoVMNq_Nf7XX6nKa4z53LZ3KR1df_2og_hhbeTU7dYJpJkkmYERvjU_1fYaonEuOUT6NGxtkTgpcoBGiRPm79uB6pN65i3rw4tuDJlIlhu1H8dmjIrw6Zascz1H_sN8zyVVTaMb76fskBB8ZU_Q2ZpL56LGcvDFA82gvSl8tkEg64n1tgGP_IjNSfBmS-IW78cEjoT_R8XhiowcBue53eHOwuJjGcl0suUSYntYMwWJoegjisygAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3EoLbvULEm4GvmHTBgOrtvHFK25g%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.130.85.236 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-85-236.eu-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
server
awselb/2.0
content-length
45
content-type
text/html
ads
googleads.g.doubleclick.net/pagead/ Frame 16CA
48 KB
19 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=travel.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3299348e8fd1d1ceb361ed0c56076412041c42328c82173c45e330c27c4b7a8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
19294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:18 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/ Frame 38CD
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1181455639&t=pageview&_s=1&dl=https%3A%2F%2Ftravel.marumura.com%2F&dr=https%3A%2F%2Fwww.marumura.com%2F&ul=en-us&de=UTF-8&dt=Marumura%20Travel%20%3A%20%E0%B8%A7%E0%B8%B2%E0%B8%87%E0%B9%81%E0%B8%9C%E0%B8%99%E0%B9%80%E0%B8%97%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7%E0%B8%8D%E0%B8%B5%E0%B9%88%E0%B8%9B%E0%B8%B8%E0%B9%88%E0%B8%99%E0%B8%94%E0%B9%89%E0%B8%A7%E0%B8%A2%E0%B8%95%E0%B8%B1%E0%B8%A7%E0%B9%80%E0%B8%AD%E0%B8%87%20%3A&sd=24-bit&sr=1600x1200&vp=260x528&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1893264436.1700797752&tid=UA-126552441-1&_gid=2113727439.1700797752&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=454521045
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 16:54:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39303
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
powerkit.css
www.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame 11BA
25 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
www.marumura.com/wp-includes/css/dist/block-library/ Frame 11BA
93 KB
11 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
posts-sidebar.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
4 KB
862 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
527086ffd8aa5bdb2b00dd5be1b15e7d0d282ec26955944b49fe40dc21a7c274
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
twitter-slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
1006 B
378 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7e5fab99472dc83e9e5bcd23c18083cb02c196b5a9724b4a78d8e44b6ec40e2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
4 KB
711 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d0fd465e6448ac9eac534b1e2b4a3db8452a384b95b1f2c8133a07ee3754976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
horizontal-tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
4 KB
713 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1667635447
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e9eb0dfb3e114bd11eaa4cbe8a05836cee318b60cca12c94c3b0d3f5f2bfd8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
full.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
4 KB
735 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1667635446
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
77e62403c5cf03c97081a20ccba81971391e554663c76f39b323a2e6045958c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:06 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b396a226099848f402ef5695b662acc20430fddd59d405586e1afb3b8d95c0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
carousel.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
3 KB
561 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cbf736f12d658470e6926d309bc0b77d6f2d48f3412f7659aca07a96f5f90897
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wide.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
20 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4ace7cb9bf8a3cd67c5d43ab6b1e29e5733b05fd71babbe32d9230d8d1e7b720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
narrow.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 11BA
9 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37be9771bb7032cccd856084f2489bdd36728c670ab8fec9b459615911cbb2de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
classic-themes.min.css
www.marumura.com/wp-includes/css/ Frame 11BA
217 B
320 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:29 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
styles.css
www.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame 11BA
3 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame 11BA
2 KB
684 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame 11BA
21 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame 11BA
1 KB
572 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame 11BA
9 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame 11BA
3 KB
843 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame 11BA
477 B
364 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame 11BA
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame 11BA
4 KB
910 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame 11BA
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame 11BA
3 KB
825 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 11BA
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 11BA
1 KB
642 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame 11BA
3 KB
814 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame 11BA
1 KB
512 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-share-buttons.css
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame 11BA
71 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a9c8c9a37641484b70c3f306d5bdbddec691a1c219ae95cb3dceac43b0560324
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-social-links.css
www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame 11BA
149 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3b274ccab22ae80e2b294f5c99ad5519b374e77c6298a1ba82949374fd778b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-table-of-contents.css
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame 11BA
3 KB
1014 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-twitter.css
www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame 11BA
3 KB
946 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fc418b8f556aca3aefbf6f6e0208c2bd88b8badda8828b27c366bbf91784c310
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-widget-about.css
www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame 11BA
1 KB
506 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
frontend.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame 11BA
101 KB
14 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
143ed41fe58e7d412f14a6ff4f8c0f38094ac683f3f8ace929bd0c4f3c54ede2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
flatpickr.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 11BA
14 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
select2.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 11BA
15 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wpcf7-redirect-frontend.min.css
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame 11BA
316 B
273 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
if-menu-site.css
www.marumura.com/wp-content/plugins/if-menu/assets/ Frame 11BA
929 B
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
last-modified
Wed, 19 Apr 2023 15:14:58 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic/ Frame 11BA
243 KB
29 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f520476b3c7e02702e80af9a07d6633860bca07fa529f68eb52cb4ef1260e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:53:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
subscribe-forms.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame 11BA
23 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
bdbf202cd096103d51142548fbc224c54daec112d86dc4fd4a1bd123dddc9927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
click-to-tweet.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame 11BA
3 KB
737 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/click-to-tweet.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dc15061d8c788e977befdf83b405f229f96556c3fb1c31e18958a66f20754f0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
essb-display-methods.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame 11BA
10 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-display-methods.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
dc39b26a60ca5c40eb1b737bc7811ff55431197a284ffbe690aff85c641ed600
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
social-profiles.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ Frame 11BA
32 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
easy-social-share-buttons.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame 11BA
71 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic-child/ Frame 11BA
15 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be3ba7e056677a03577a5228783d4c2d12a85bfd84c2f4c0db2a610ddcd7cd0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
legacy-features.css
www.marumura.com/wp-content/themes/authentic/css/ Frame 11BA
13 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5c6fadfb3fd62eca8b226de74d73b64e2235f1d7962b5440f136aa6cff0ac35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
jquery.min.js
www.marumura.com/wp-includes/js/jquery/ Frame 11BA
88 KB
30 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
www.marumura.com/wp-includes/js/jquery/ Frame 11BA
11 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.dyngroup.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame 11BA
2 KB
1022 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
534e0339d7dd364cde1afcf77eef6a88b4b9c6cfdd1b450c622f0ad1004a04ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.clicktracker.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame 11BA
365 B
394 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
flatpickr.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 11BA
49 KB
14 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
select2.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 11BA
69 KB
18 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 11BA
150 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd18f307f2ea7cf56820308e4f49804ce386477dc038b36d62a33a55ae44bf29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52725
x-xss-protection
0
server
cafe
etag
7605515979209373193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:18 GMT
js
www.googletagmanager.com/gtag/ Frame 11BA
132 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d28d76d0a17f0452a261d11245ef69967a4e9fbba9b5766973e117009e2238b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51445
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:19 GMT
ats.js
anymind360.com/js/6621/ Frame 11BA
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51209
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797759.579478,VS0,VE0
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 5
atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame 11BA
0
12 B
Script
General
Full URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cloud-trace-context
003431ca27464fafa376b4410b90010b
cache-control
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
Google Frontend
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
application/javascript; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 11BA
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7d7f3ace5a02cd7c9116f7e3f168478029169df8c7f173848f875a109bab18b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52747
x-xss-protection
0
server
cafe
etag
8512796125841349872
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:19 GMT
logo_marumura_b2.png
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b2.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
689914cf34ba4bec16ba9c2c275d7b9c5fb5f2d82e68e8ae96807b525bff5297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_b.png
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
16 KB
16 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4a4916c174a4a973131449091d8ca84fed7b6460dab15352d24cf18a787e4cda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_w.png
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
13 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_w.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Kintetsu-Yunoyama-Onsen-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
24 KB
24 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5f4be103da5669c15790e1c4307e13ab2a95eee475d1e8d0111fcc91c77b28d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 00:51:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Jewerium-Enoshima-Aquarium-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
17 KB
17 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
11b27fb8be1f5de613fe7512317c2412afdcdb86b9ea19fa9b26781504b93b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Nov 2023 18:56:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Umekoji-Potel-Kyoto-_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4384361fa2e71faf7990051ab247fec44e3a7c7a0c8f81cc73269c867da0b207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 10 Nov 2023 13:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 11BA
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
79833636acca510b690d7e89aaf35a10c54a335085bf27adeeffb9edd5b0fc73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 27 Oct 2023 05:11:56 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Asuke-Toyota-City2_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 11BA
30 KB
30 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
57bb80202f72a1899e8eba944001bbbdf2c5b089730dad75b0f477ac2d57b790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Oct 2023 09:58:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 11BA
124 KB
0
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Oct 2023 13:04:10 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
AD_side_banner.jpg
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
88 KB
87 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/AD_side_banner.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1382c8a53f7b1507aa7097e398a8d966d9fbf892cf6d659b75d928c1a2b0838d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
wajapan.png
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
23 KB
23 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/wajapan.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c813626711a109d161fc3d9ca62ee2f06c4b513be96c9d32a2ebf505959cd741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
maichaiguru.png
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
56 KB
56 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/maichaiguru.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
96982b32c280ec6fcfbaee6e8640f8aeb2b726b8e44ff8763f0d5be4e1d7d01a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:18 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
sdk.js
connect.facebook.net/en_US/ Frame 11BA
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca63359f06714f8efe2191d9d3269b178dc27b13f342ba5b1693a159c2c1b0aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:19 GMT
content-md5
EjK0GqqEzn3bHt8o5CxB7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
x1/KtQHG5IToVngk6HMahzmsTgSJNjXa35r2keHJ4ZA/oITNGVY0FgoszKFrhFG2vzQZmmpxOBAlbuAgvaTFuw==
x-fb-content-md5
7ea1f12f750d7bc5de8d00e729689e9b
cross-origin-opener-policy
same-origin-allow-popups
etag
"c105a1184abe580d1e13e3daaaff6a34"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 24 Nov 2023 04:09:14 GMT
front-flex.min.css
www.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame 11BA
2 KB
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f0a79b76f29f3b28b2f8995f7bd635bc5fe214d434bf0deb43d91c2c36219b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:22 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame 11BA
10 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame 11BA
13 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-basic-elements.js
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame 11BA
1 KB
556 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.justifiedGallery.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 11BA
18 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-justified-gallery.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 11BA
2 KB
761 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
imagesloaded.min.js
www.marumura.com/wp-includes/js/ Frame 11BA
5 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
glightbox.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 11BA
55 KB
15 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-lightbox.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 11BA
4 KB
1 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-opt-in-forms.js
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame 11BA
1 KB
643 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
565637476a6f33a1187e3dc40aa6f65fda018dd1ed19f088490bdd2c2076b6d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-scroll-to-top.js
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame 11BA
507 B
417 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-share-buttons.js
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame 11BA
3 KB
975 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
flickity.pkgd.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame 11BA
53 KB
13 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
public-powerkit-table-of-contents.js
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame 11BA
3 KB
985 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6abe50ef3e60504ea153ca28d383b84b8b184428f316d1038feebd6282463d52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
frontend.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame 11BA
19 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wpcf7r-fe.js
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame 11BA
8 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
owl.carousel.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
43 KB
11 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
colcade.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
9 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
ofi.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
3 KB
1 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
15 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jarallax-video.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
17 KB
5 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
scripts.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
60 KB
12 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
327ad04216c88f3f35ac035e4451fa3a0bdaa3267784ad8ecb99ce5946051ad6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:35 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
sharing-bar.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame 11BA
2 KB
768 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/sharing-bar.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
30ec71893c027ac54602cb5eb38d30a97c39540f4a5384f6a175a4d49935118e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
pinterest-pro.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame 11BA
9 KB
3 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
599fc36cdbfa2e704431b32f80c0da4d9f1207860923856f9aaf94ec34485b1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
subscribe-forms.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame 11BA
10 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4dacabc4dabd01ad27708f6444f4e6353ad90a4c9426483bd4806f94a640db2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
essb-core.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ Frame 11BA
36 KB
9 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6c6be7331c3d44a11a2eeabf7bfa52816d79b6ddd7a4cbac40edd973d2e93c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
api.js
www.google.com/recaptcha/ Frame 11BA
1 KB
885 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&ver=3.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6beeecb273015521bdee590f53b5cf839ed939c39767689df623d19d74f56e4f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 24 Nov 2023 03:49:19 GMT
regenerator-runtime.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame 11BA
6 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wp-polyfill.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame 11BA
17 KB
6 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
index.js
www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/ Frame 11BA
999 B
626 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
legacy-features.js
www.marumura.com/wp-content/themes/authentic/js/ Frame 11BA
11 KB
2 KB
Script
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1aa871bfe9fa89c6f4f39426df6c430a7fe26afe36c01a8464aa9eb4d2573f70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
wp-emoji-release.min.js
travel.marumura.com/wp-includes/js/ Frame 38CD
18 KB
5 KB
Script
General
Full URL
https://travel.marumura.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 17 Apr 2023 10:42:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
/
travel.marumura.com/ Frame 38CD
59 B
308 B
XHR
General
Full URL
https://travel.marumura.com/?essb_counter_cache=rebuild
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b72fdf646bbdad0beff6f6fe46f43ff864be256cb575af00d4b58cd26a629285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
nKKS-Go6G5tXcraQI6miZbdhN3BxEu_GOQ.woff
travel.marumura.com/wp-content/fonts/kanit/ Frame 38CD
9 KB
10 KB
Font
General
Full URL
https://travel.marumura.com/wp-content/fonts/kanit/nKKS-Go6G5tXcraQI6miZbdhN3BxEu_GOQ.woff
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8eb30c9cd87253fd806a8e0e661c6f19366a4023d5d162ec42b3d6370237aa33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://travel.marumura.com/
Origin
https://travel.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 26 Jul 2023 22:06:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
Kamiseya-Park-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 38CD
29 KB
29 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
00d75ee4777b74634422816bc15a70bc6bba3a7c75f4084131105f4451aca270
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 27 Sep 2023 01:24:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/06/ Frame 38CD
23 KB
23 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/06/Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d8fa52f8cebc5e5239290cf554ab7b7d3e0c9a8a065e6ab72372142cffe82502
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 16 Jun 2023 02:38:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
17d38276d1943707ec1893cfbc3c60edca4ca54d824bf2001093058879713052
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 21 Apr 2023 17:43:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
22 KB
22 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5b9db7e260a58a6125841ce09cbc2c8440aa5eabc1737e301011eed3a81721e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 17 Apr 2023 02:17:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
disney-resort-line-40th-Anniversary-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
23 KB
23 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/disney-resort-line-40th-Anniversary-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
6448a3fdc4dbcd23b0f6e3039929a39c35c6df1a12b8749d05b313f620cbe059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 15 Apr 2023 01:49:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Namco-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 38CD
28 KB
28 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/03/Namco-Tokyo-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
55ddc4350919696487858704796ed175de6215690d73f6c0d55d623621af7d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Mar 2023 16:23:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kansai-by-JR-West-2023_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/04/Kansai-by-JR-West-2023_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
34838b3fa4eb46e4ca27c1c364cef31d722726a8e2d9c388d315378ab44672f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 18 Apr 2023 13:12:11 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 38CD
24 KB
24 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/03/Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d0bedf4a2f718cb81e021224dd034b779c1da933380c20223a90c6df91a904f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 Mar 2023 16:58:06 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
USJ-Magical-Creatures-Encounter-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 38CD
23 KB
23 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/02/USJ-Magical-Creatures-Encounter-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
626605fe89380aae0e5f7a593f35ef6ea030305a204d96a1c24856e1879ddd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 09 Feb 2023 01:41:11 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kansai-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
31 KB
31 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Kansai-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8ec159d7b694445c663bac2dfe43b1883b7e24b4c8dd370821d45702938e0833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Jan 2023 14:43:54 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tokyo-Dome-City-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Tokyo-Dome-City-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
93a7c855c5c309a1c29e5ed25d42fce6ab89d8abf6e760354cd54b42e71f1865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 30 Jan 2023 01:04:54 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Centara-Grand-Hotel-Osaka-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
9 KB
9 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Centara-Grand-Hotel-Osaka-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c38d64ac2d50fb25555294316768cfed9f7b57cf11f4e477a045d088b816e91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 14 Jan 2023 02:31:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
5-Fashion-Museum-cover-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
22 KB
22 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/5-Fashion-Museum-cover-1-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
819082a4afc84d55e834a6b6cde9503eb1ce3898d7b3d0d699c2a5c136fb9b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 13 Jan 2023 01:16:37 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Hiraoka-Jugyo-Center-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/Hiraoka-Jugyo-Center-5-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
29c02cbf1cf9f4fd70dfb1c067a1975a30b75bf22cc45e2ceaf1060e46f29367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Jan 2023 12:17:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 38CD
26 KB
26 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/01/West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48e79f9a8af22b127ce3a6f8690a730c267205ef31773b2c55319913c15e8d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 31 Jan 2023 08:56:33 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Onuma-Quasi-Autumn-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 38CD
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/12/Onuma-Quasi-Autumn-2-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8b9190a67e86adbb29ec7dc195e16bc9cb540b59a213f4a5dfd6f63e637c0a99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Jan 2023 10:41:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
West-Hokkaido-Autumn-1-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/11/ Frame 38CD
21 KB
21 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/11/West-Hokkaido-Autumn-1-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c491723385ea40b510133648e1bb513ba60c56ce0fe290fe349c540da0c312e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Jan 2023 09:28:18 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Sapporo-Snow_-Festival_-2023-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/09/ Frame 38CD
12 KB
12 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/09/Sapporo-Snow_-Festival_-2023-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
984dc59dbd7cfc4483be13c8a6d95a65099ddc8d7010db6717d1d8dca0ae3cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 20 Sep 2022 02:43:02 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Dragon-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/08/ Frame 38CD
31 KB
31 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/08/Dragon-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
114ef306a2bb9b74f2c168785aac84d463aad1b59dfda893a3b67f46c64da024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 18 Aug 2022 09:44:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tohoku-Winter-FAM-4_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 38CD
13 KB
13 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-4_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3686488c46168e023bb4d2dc39962502ee3e372cc8823516fa54cb7b1f51ee8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 12 Mar 2022 12:50:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tohoku-Winter-FAM-3_cover-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 38CD
16 KB
16 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-3_cover-2-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4e86134d0a34170ff9893d9544a3b241bd60ff526ec9566e513f8d39e131c4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 12 Mar 2022 10:30:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 38CD
21 KB
21 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/02/Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b0c31cb57388bde65d3a9a7f7807d909c4946121be0d2c06ed1a791e2b1d0cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 01 Feb 2023 09:16:37 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Fukuoka-Cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 38CD
26 KB
26 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/12/Fukuoka-Cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c840c71ce9406e85c9e529fa1072c07f8413ec284078ad6830555bff404fd8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Dec 2022 08:21:55 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Hita-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 38CD
18 KB
18 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2022/12/Hita-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
29fa6a0f7796e520bdc0b7a04d040a4788647f3d16ac3719e519bafc0ecb9da3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Dec 2022 08:22:00 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Kintetsu-Yunoyama-Onsen-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
24 KB
24 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
5f4be103da5669c15790e1c4307e13ab2a95eee475d1e8d0111fcc91c77b28d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Nov 2023 00:51:15 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Jewerium-Enoshima-Aquarium-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
17 KB
17 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
11b27fb8be1f5de613fe7512317c2412afdcdb86b9ea19fa9b26781504b93b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Nov 2023 18:56:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Umekoji-Potel-Kyoto-_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 38CD
20 KB
20 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4384361fa2e71faf7990051ab247fec44e3a7c7a0c8f81cc73269c867da0b207
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 10 Nov 2023 13:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Asuke-Toyota-City2_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 38CD
30 KB
30 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
57bb80202f72a1899e8eba944001bbbdf2c5b089730dad75b0f477ac2d57b790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 26 Oct 2023 09:58:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Iriomote_icon.gif
travel.marumura.com/wp-content/uploads/2019/01/ Frame 38CD
120 KB
120 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2019/01/Iriomote_icon.gif
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
1337faec15505996a642eca60aa6b8d2af048dba968cc528c1d6eb2b3e228f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 17:14:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
Nagasaki-World-Heritage-1_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2020/08/ Frame 38CD
13 KB
13 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2020/08/Nagasaki-World-Heritage-1_cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d8ff17203d21139a9622b9dcfb5843aacb7a7e92b2fbfc2845486111d46cc8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 06 Aug 2020 15:08:31 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Tabikoro-3-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 38CD
10 KB
10 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2023/02/Tabikoro-3-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ea22c4a91bec6695a49e5af5aefb72367436f798c7615087cb78d60e3c91fd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 01 Feb 2023 00:49:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Liquid-cover-copy-320x240.jpg
travel.marumura.com/wp-content/uploads/2020/11/ Frame 38CD
38 KB
34 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2020/11/Liquid-cover-copy-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d9f42e129b5f270f5c8b2312a09280fbcb4a475690456b782d1adb682402daf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 15 Nov 2020 11:20:23 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Waragamo-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2020/07/ Frame 38CD
43 KB
40 KB
Image
General
Full URL
https://travel.marumura.com/wp-content/uploads/2020/07/Waragamo-cover-320x240.jpg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
0d165421be82f9c9b43a92cbfccde1a9afa491f05ee1d7f083f0e1bd1722ae01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 22 Jul 2020 03:25:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame ADFB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame ADFB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame ADFB
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiOaXn3QqMyhfajRsLwn9QQRreQILW8RDVEq8C7uUu2r0hanCE7krpU223sPQxgrmKhBYuF_-ppLE5PyPbE1E8Btb5qQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame ADFB
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:18 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5774
106 KB
40 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9402e2307075b3426a9e8b2785fee1b5199315506d110e8e3b7a9b9c0abae38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:17 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=FHKhwETPs9aHMANRE6B3N69JpUVNKRny6uh10vr5D4OUBz7-6RrbPTtaOx1X6tRA0G5y4GDmnxiM1zraYlCDua5t68H2zr4ZaDa8YHeqW-gmSTmFpzvt2qtc4vMXYCQOJEo6y69JCm2q-IQ1reDLuhye78wXRmefboN90mtk6T1lZakicmiKkY1RnGijxDfaKn8Mf--x0tWA7qf7NSBuxuDtOItOs9PqT_kmV0QJzB1VwEADplaKvtJjd8KJFf6CUDDWLw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
11876310
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0842
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 38CD
407 B
189 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1021158891192274&correlator=17392962183930&eid=31079631%2C31079668%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_ImageAd&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&cdm=travel.marumura.com&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&abxe=1&dt=1700797758844&lmt=1700797758&adxs=0&adys=7938&biw=-12245933&bih=-12245933&isw=260&ish=528&scr_x=-12245933&scr_y=-12245933&ucis=wcljv5boxqkg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Ftravel.marumura.com%2F&ref=https%3A%2F%2Fwww.marumura.com%2F&top=https%3A%2F%2Fwww.marumura.com%2F&vis=1&psz=260x0&msz=260x0&fws=260&ohw=260&ea=0&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=true&dlt=1700797757148&idt=1136&cust_params=url%3D%252F%26ref%3Dwww.marumura.com&adks=2177692981&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4ab97a0a3f38a6c386aca79430418636447cd0ba053d0acc2e38cf69e7de5f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://travel.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 38CD
448 B
208 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1021158891192274&correlator=17392962183930&eid=31079631%2C31079668%2C31078660&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_article_right_300x600%2C160x600%2C120x600%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&sc=1&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&cdm=travel.marumura.com&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&abxe=1&dt=1700797758850&lmt=1700797758&adxs=20&adys=7798&biw=-12245933&bih=-12245933&isw=260&ish=528&scr_x=-12245933&scr_y=-12245933&ucis=yy51s7frbxk4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=2&url=https%3A%2F%2Ftravel.marumura.com%2F&ref=https%3A%2F%2Fwww.marumura.com%2F&top=https%3A%2F%2Fwww.marumura.com%2F&vis=1&psz=220x0&msz=220x0&fws=260&ohw=260&ea=0&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=true&dlt=1700797757148&idt=1136&cust_params=url%3D%252F%26ref%3Dwww.marumura.com&adks=2240944414&frm=8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bbae302752900362cfbec76c9c9ae21ebc29d7c503682abde3e5189a56f0a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://travel.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bd9cdb6a62645734ff0730abaf70af1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 54BC
6 KB
3 KB
Document
General
Full URL
https://bd9cdb6a62645734ff0730abaf70af1b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:18 GMT
expires
Sat, 23 Nov 2024 03:49:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.gif
www.bing.com/aes/ Frame 16CA
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=624a4bf2-a79e-4b85-b5e9-867bf3eec67a&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=66e2a00f-41ae-4577-8a1...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7cd4723b3eb047c98de4cb61972e6ee3&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7cd4723b3eb047c98de4cb61972e6ee3&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5683E9E63D6C49C99478BACFC5AFC303 Ref B: FRA31EDGE0206 Ref C: 2023-11-24T03:49:18Z
x-cdn-traceid
0.39d53e17.1700797758.24d245ed
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 24 Nov 2023 03:49:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD8E56239D4C4239A56BD600C32486D6 Ref B: FRA31EDGE0512 Ref C: 2023-11-24T03:49:18Z
x-cdn-traceid
0.39d53e17.1700797758.24d245da
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7cd4723b3eb047c98de4cb61972e6ee3&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
150
quic-version
0x00000001
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 16CA
91 KB
36 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231124T034918Z-dpzhn36p752x70p81xx3cedhk000000001a000000000n4ny
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa866cf1-701e-0084-305e-1d91e3000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 16CA
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Fri, 24 Nov 2023 03:49:18 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
740538
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230074-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700797759.905315,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 957673
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 16CA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56061
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 16CA
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 16CA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxgIa3y5ijv3NJBz3ouxjWDGNnWAfqWiKYlK-tcjX-Th2r6ZloVAbzSMA-QuoNmNM8UmF8YCgOsIFzPFRf_ek4tlnoaA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 16CA
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:18 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5774
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:18 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5774
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:18 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5774
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Nov 2024 03:49:18 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5774
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Nov 2024 03:49:18 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5774
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EGRcpXH7feACxV7WL2nYIhEQoA_JSYpK0PnCRHRKYG0HxY4vXmYl8J-fNsB5q2I6cNW3FhHWxUiV10jeRsjkMqpgVK8jIDX-AkZdgyDxtop0_MG56k-g3ytRxvcSU4gAm-PXsaRxv8YcdJB9RRm_zXgYkV2FUSZaewyuBlbydptgNsHlgYMLLFUqRtyo0fhNi_wHBnoJcn80OeRkzVuuXk55fxkjdfM2cttgLnPYWCY-5zztIJQNrB7LtDg0fNppFeVuFLNf3r7lFZ-RcuBGURs8aHwUB0H1GndsTCNlZgUbjM02SQQ-wfQex-KUuf6QIwPjfLpAz0Hkl2c65_b8R6sMpQrJDOTAWnrml5UC36yDUXJTBBdjEf_buobUobOcXtkTNKN95sWzsKzeGl1uRy0UdsVlAB0yH5aJBAWyfLQJ-eTZ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2549449
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 5774
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:18 GMT
truncated
/ Frame ADFB
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b2c840c876c28ceb0caabb2d97908f90c408e0d9a19ad35f6d2e535f9aa9ec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 069C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56062
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 069C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63604
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 069C
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:19 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5774
1 KB
1 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=80&m=0&partner=109283&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109283%2F5121723%2F4a7f80dda98047fca39f40cce2564e03_whatsapp_image_2023-11-20_at_08.22.14.jpeg&v=3&w=516&rid=4&s=WgtBxDSVKCABsbPAAAb3FJsj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42dcc2b958323d7a616009919760efed772ff09b07318ff72f06f3a5dadef2c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
1162
expires
Thu, 14 Nov 2024 12:56:38 GMT
all
csm.eu.criteo.net/ Frame 5774
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=FHKhwETPs9aHMANRE6B3N69JpUVNKRny6uh10vr5D4OUBz7-6RrbPTtaOx1X6tRA0G5y4GDmnxiM1zraYlCDua5t68H2zr4ZaDa8YHeqW-gmSTmFpzvt2qtc4vMXYCQOJEo6y69JCm2q-IQ1reDLuhye78wXRmefboN90mtk6T1lZakicmiKkY1RnGijxDfaKn8Mf--x0tWA7qf7NSBuxuDtOItOs9PqT_kmV0QJzB1VwEADplaKvtJjd8KJFf6CUDDWLw&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5774
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:19 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5774
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&u=%7CDu65pRKd2xIBMNAtykdeYyqf6j3mZ51%2FaKCIg0ijm6Y%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaYU6KCb3pZ7EGcapd6vKmYC96LKXeehfvCoRqBG06imFRt_UiuJ6tvp8b_nwbs_2yJ3aekyiT0br4YOjYclRF-7U3X2V6H_IAvDRYi-YTEnV6E8GNI5vy-ZQmNOJKtMCiXgHLRSclLOEGNAoXiofEwdVMsua7BuHRH6tijdguOHJqb53ECn4HELCNobAVFdKIPwVbPAuUhJ1JW3L6nIoVR5rIGvIe-H4_w_75Os54pBSkjWDr3bLNkAsi1dNtGn7oUqdB3KI63BJL2aL5aDmUIQQF94sRt4sDM3PUzrdnDDuIvHWgZx5TpY4G_6MeebJAVN3dAX1uu-S0tuhQjWcdqPfEcqyfcHi1ty8xFqWvdiwO-ecRLAnNlD82Gqs8fxi_j3y46EtarnaAjaBLaEz0J_V9OoMozW9AOFT_Qr4bG4pmpOaXzzszOBst1XQ-RNW3q55lUlfOIrXQ9-fliS2lONWgJYLbtwnbZFunPYpNZb_ZHwbLj6unzBg1SpdUYOaSfjaF2w1ewr1ullHGwxoLvh-I_tb8_w4w7BgYV2THiPSZ6Hf7wTguk&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpnzqPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNEBT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57x8Da8vmrUu5tjVjjqIsJGi7776C8Hhob7eh2MglRAsisiq6AL9jgk4RKABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0F-OIRKj11cwTIVwVS-eFVqyz8QQ%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:19 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0842
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmS6nKTMlqBrK6vGHKnrFeAp5WP8NccgMB-0nY66a1aJh1WlncHuyenOlaTeR5ONaIb3X1zuZKxMy0jkMeYuYWvV2CMB_gR7zw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 0842
43 B
573 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQBqfyfSxbXZnTTsM3xKN-hgAlmCTDW7VOA9scLPXBOspXei-ghdc7Cezd2qrtpKmZQI3Gc_0xU3BTBgIDGUjXscfmKGWBF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBqfyfSxbXZnTTsM3xKN-hgAlmCTDW7VOA9scLPXBOspXei-ghdc7Cezd2qrtpKmZQI3Gc_0xU3BTBgIDGUjXscfmKGWBF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae6a5f9a18cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0842
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmSB9AMHOQaUi7eZjwH-SfNemoNTrvm8c1U0qKGYRNHMY5M3twguWnOsW-XN12idWTo4fhvAvA6MwHkHHyNyrvfDx53OGZd3eA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0842
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSnMnpaNUVgDCyO1EP6lxYiZNnw2otwaQe0JzMYg4GxezKN7KrRIhx_i0HanVUlf3uuKWUafosFw6ZgCX...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSnMnpaNUVgDCyO1EP6lxYiZNnw2otwaQe0JzMYg4GxezKN7KrRIhx_i0HanVUlf3uuKWUafosFw6ZgCX7931vJIHbPn2KaQQ&google_hm=hmVgHTiytYnLhlZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSnMnpaNUVgDCyO1EP6lxYiZNnw2otwaQe0JzMYg4GxezKN7KrRIhx_i0HanVUlf3uuKWUafosFw6ZgCX7931vJIHbPn2KaQQ&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSnMnpaNUVgDCyO1EP6lxYiZNnw2otwaQe0JzMYg4GxezKN7KrRIhx_i0HanVUlf3uuKWUafosFw6ZgCX7931vJIHbPn2KaQQ&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
date
Fri, 24 Nov 2023 03:49:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 0842
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmTROQnybk8wNVLUywetlxGz6eE10jpHkJxfqqNdOKg36niVidE9Mw80mHfxEChFtCPvVjgDk88iVhj8bsGqIOweyWmArZ-nFg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0842
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTbCD-nLYiToHckjZ1x3bka-nhCdkxZm6pJ8yjiOGFGJI2-Kv3p5m4APb0ZyxsIC-wSLTBC1Fue...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTbCD-nLYiToHckjZ1x3bka-nhCdkxZm6pJ8yjiOGFGJI2-Kv3p5m4APb0ZyxsIC-wSLTBC1F...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTbCD-nLYiToHckjZ1x3bka-nhCdkxZm6pJ8yjiOGFGJI2-Kv3p5m4APb0ZyxsIC-wSLTBC1FueFmzVSkmJ4nUbbnjwllqHFA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTbCD-nLYiToHckjZ1x3bka-nhCdkxZm6pJ8yjiOGFGJI2-Kv3p5m4APb0ZyxsIC-wSLTBC1FueFmzVSkmJ4nUbbnjwllqHFA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0842
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXX8HUlIIPpwZSeT71Ui-Iz7EHneaW0E3__nKjn9kMLRMTLz0uabKV7sLIVYrGVQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dr
as.ad4m.at/ad/ Frame A73C
2 KB
2 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1hqat87455bw90b8acwd8ff7paf16chsr5xvcgyv38fcsjfrwdp10ek0vsaxapmqwp40gbmqzz100n9pteyvqafj6c588rh2hy4a1kkgvvqbye0qpqff4swskpcd9yeer6hppggn7gyb1rb4prz31ad4w3tjwe1k02y917e3y89nmpfbkdpndn3wc3pfbngac1faagmg4mdpbvmhkakx0dakj7ycch2tmjvbmemsa0hchb6knxbvtxfggfkh0qgr2mj3fsbpdz9g0zqq049y870e3nm6f62nefkr074t2aydat9k3jajb4j5vr0b6yb3kcg1wzj2b7e2c4bs7p5mpm46bmncvn8wtgvk61c8vmr1g664sft37s0t8n58grf99sdwzzs7qzvrg3751p672ferpkym8jhjer0486aeacdaqc5rf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b118d30d1c214d6aa4047ea4d459d74a5caf1c73073f26fa2099f3569a1a77
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae6abbb09116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:19 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7ABE
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame 16CA
13 KB
13 KB
Image
General
Full URL
https://www.bing.com/th?id=OAIP.a82de0aa2a7ed3ec87d36a06da22355e&pid=AdsNative&c=3&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3df5f66b06138571e546c41d265a0dc1df6d43fd65e7d96c0c34f26897a28c97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1700797759.24d24667
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
12882
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame 16CA
0
534 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKCBOgCAgAAAwDWAAUBCL66gKsGEMeb3_uotPLoYhgAKjYJGNh3N4qKuD8R_VEGomzjtz8ZAAAAgD0K1z8h_Q0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0n8FiAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOhmVbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAXWWIgFAZgFAKAFpIjSoq3XopMnwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AX63Fz6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAec9QXSBw0VZQEmCNoHBgFepBgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIIBggAEAAYAA..&s=9e3cbd9550b3829f39e9a1250181003fd0c5f33f&bdref=https%3A%2F%2Fhoroscope.marumura.com&bdtop=false&bdifs=3&bstk=https%3A%2F%2Fhoroscope.marumura.com,https%3A%2F%2Fwww.marumura.com,https%3A%2F%2Ftravel.marumura.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9709291217657452%26output%3Dhtml%26h%3D250%26slotname%3D4574689270%26adk%3D2761220695%26adf%3D3701853997%26pi%3Dt.ma~as.4574689270%26w%3D300%26lmt%3D1700797758%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftravel.marumura.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700797758196%26bpp%3D2%26bdt%3D1048%26idt%3D241%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D3b7d84e77066d36c%253AT%253D1700797752%253ART%253D1700797752%253AS%253DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg%26gpic%3DUID%253D00000cdaeaeeebf2%253AT%253D1700797752%253ART%253D1700797752%253AS%253DALNI_MaqZcUqX463gStgPbS0Es03xSpijg%26prev_fmts%3D0x0%252C260x200%252C300x250%26nras%3D1%26correlator%3D7015020409522%26frm%3D6%26ife%3D1%26pv%3D1%26ga_vid%3D1893264436.1700797752%26ga_sid%3D1700797758%26ga_hid%3D1181455639%26ga_fc%3D1%26nhd%3D2%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D260%26ish%3D528%26ifk%3D2013920840%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C31079438%252C31079759%252C31078301%252C44807405%252C44807754%252C44807763%252C44808148%252C44808285%252C44809054%26oid%3D2%26pvsid%3D1021158891192274%26tmod%3D491636430%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fhoroscope.marumura.com%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C260%252C528%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3D4.408zuv6gzgz2%26fsb%3D1%26dtd%3D250&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
an-x-request-uuid
7461ed72-83cf-4304-9225-49a16dc704ac
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame A73C
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hqat87455bw90b8acwd8ff7paf16chsr5xvcgyv38fcsjfrwdp10ek0vsaxapmqwp40gbmqzz100n9pteyvqafj6c588rh2hy4a1kkgvvqbye0qpqff4swskpcd9yeer6hppggn7gyb1rb4prz31ad4w3tjwe1k02y917e3y89nmpfbkdpndn3wc3pfbngac1faagmg4mdpbvmhkakx0dakj7ycch2tmjvbmemsa0hchb6knxbvtxfggfkh0qgr2mj3fsbpdz9g0zqq049y870e3nm6f62nefkr074t2aydat9k3jajb4j5vr0b6yb3kcg1wzj2b7e2c4bs7p5mpm46bmncvn8wtgvk61c8vmr1g664sft37s0t8n58grf99sdwzzs7qzvrg3751p672ferpkym8jhjer0486aeacdaqc5rf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hqat87455bw90b8acwd8ff7paf16chsr5xvcgyv38fcsjfrwdp10ek0vsaxapmqwp40gbmqzz100n9pteyvqafj6c588rh2hy4a1kkgvvqbye0qpqff4swskpcd9yeer6hppggn7gyb1rb4prz31ad4w3tjwe1k02y917e3y89nmpfbkdpndn3wc3pfbngac1faagmg4mdpbvmhkakx0dakj7ycch2tmjvbmemsa0hchb6knxbvtxfggfkh0qgr2mj3fsbpdz9g0zqq049y870e3nm6f62nefkr074t2aydat9k3jajb4j5vr0b6yb3kcg1wzj2b7e2c4bs7p5mpm46bmncvn8wtgvk61c8vmr1g664sft37s0t8n58grf99sdwzzs7qzvrg3751p672ferpkym8jhjer0486aeacdaqc5rf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774321
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYcJf3tXImYsUQCTZHt6FqluGcnPQxOeYHsK%2BrXqQZIZNj9I7cDk70F6sZrXlg36CKLmhPrK5zVlUJu1HqlPT35Lu%2FvSUNn%2BI%2B5KWKskAL2ALkTi6iWRaG4%2F8YqVyOEWSCJhp3DpB40%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae6b2bde9116-FRA
expires
Sat, 25 Nov 2023 03:49:19 GMT
r62eglto.js
ad4m.at/ Frame A73C
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hqat87455bw90b8acwd8ff7paf16chsr5xvcgyv38fcsjfrwdp10ek0vsaxapmqwp40gbmqzz100n9pteyvqafj6c588rh2hy4a1kkgvvqbye0qpqff4swskpcd9yeer6hppggn7gyb1rb4prz31ad4w3tjwe1k02y917e3y89nmpfbkdpndn3wc3pfbngac1faagmg4mdpbvmhkakx0dakj7ycch2tmjvbmemsa0hchb6knxbvtxfggfkh0qgr2mj3fsbpdz9g0zqq049y870e3nm6f62nefkr074t2aydat9k3jajb4j5vr0b6yb3kcg1wzj2b7e2c4bs7p5mpm46bmncvn8wtgvk61c8vmr1g664sft37s0t8n58grf99sdwzzs7qzvrg3751p672ferpkym8jhjer0486aeacdaqc5rf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335281
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1WKjOFMDgstp3Q%2Frs%2BVYZ5FAr5aROkEdrpAdUdjskytHh3PPXj%2FsCZbupZKDxNQ719Ugi5xUMYbwKVPNTeKEBrL3qs1asTlnq2MjArMwOqewKl1nxGy076n1zSl90hXHej77m0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae6b2bdf9116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame ADFB
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CvQILPh1gZYKyGtGNiQaHmb_gDcme0rFcvfGU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBM4BT9Doh0Uyi73u-JGiIq3JJUre8-K6KghzJ-2xH4rBoqjBH_2MPMthNJ0u0ZYfFWzm0SYywaiZg-nF64gCqdg-LvwEl-eQJoTZ4HCXxCF-FPU-6J_L9P5bnsvXlrAMZUhpX0WVEa9Dzher9qOr_uFPtM_XVKxhMydVDBsTmt8hldsze4NoxWwuNTlBTG2-5bfybM0cZHHhzSKLagveyket42-kmW4LK57xsjSdLOpHa6bFhh8wruKvL7Dc4pkNqJ55ztWxJKb_rAc6M2qf1tGABryutYbZkaGjMaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NzA5MjkxMjE3NjU3NDUyGAA&sigh=3AIzqzgvu-E&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNdiULnB7aWaByyoe0ru5Qji1AqoumiEaEjeOJhJXASvJ_yK-o66FJw4aU1JL57KqjN2twtbDUGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame ADFB
0
126 B
Image
General
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kIWLGcz6RIQCyAGdg2ICAgAAAFVp907VPMigED4dYGVVAHxPNdInfqhnAAASAAAKCkFRVURBUUVCQVE&wp=ZWAdPgAGmQIKwkbRAA_Mh1MBsVy5qAg_DuB39A&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=2012037033&adf=3222160309&pi=t.ma~as.5449908357&w=260&fwrn=16&fwrnh=100&lmt=1700797758&rafmt=1&format=260x200&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758191&bpp=4&bdt=1043&idt=175&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.odgd05ewcsyg&fsb=1&dtd=181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:18 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
248584
server
Kestrel
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0744
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22346
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 16CA
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a2b12c61aaecc6fcb929b03631b00676c3a2449a6b1ec0f31db5d1aaf2539d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
current
dclk-match.dotomi.com/match/bounce/ Frame 7ABE
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmQXt8sw2muYTJt8k_EiB6ZaCce9qp_ZXPpF83VROdcJIAvas0dJ1xciBuVrf9XRlwuT9C27cWMnXdHyEMaNPUkL2DT0gqR-vxE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 7ABE
43 B
571 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmSYINcoe-T39efdId5QQqQOCwaIfunA8igFLuBq-oc4U6vm1psxoMPrGZDX8UenDunKE9NhZeqOGgLZhzAkp6OBCpBxy2367hE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSYINcoe-T39efdId5QQqQOCwaIfunA8igFLuBq-oc4U6vm1psxoMPrGZDX8UenDunKE9NhZeqOGgLZhzAkp6OBCpBxy2367hE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae6c38d718cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 7ABE
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmTRbq4My_ToQoRZu3nyr3Bc08ysEP1b5uVw9fUsVjm1kBS9Glok6p2HjMKwabTsm3lN8WlhanZNd9ZDKHHgmzBiyNZ8FlftZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7ABE
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSflJLrAhNd3YBP8_0R9Wbh0BjQNEfh5zhgokApQgDAZ6Kgu_nm1HbX3_F-ePD0zLgK2efaPM6xLFvCIA...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSflJLrAhNd3YBP8_0R9Wbh0BjQNEfh5zhgokApQgDAZ6Kgu_nm1HbX3_F-ePD0zLgK2efaPM6xLFvCIAHgrluqNxQCNOxx4g&google_hm=hmVgHTiytYnLhlZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSflJLrAhNd3YBP8_0R9Wbh0BjQNEfh5zhgokApQgDAZ6Kgu_nm1HbX3_F-ePD0zLgK2efaPM6xLFvCIAHgrluqNxQCNOxx4g&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSflJLrAhNd3YBP8_0R9Wbh0BjQNEfh5zhgokApQgDAZ6Kgu_nm1HbX3_F-ePD0zLgK2efaPM6xLFvCIAHgrluqNxQCNOxx4g&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
date
Fri, 24 Nov 2023 03:49:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 7ABE
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmQcPji6px86BTgiyV-Jkv13cOixGGLRxKJ79m88SRUzVXAC5iOhL8GdbyNKAmYOcsIfjmbi7JYX4BpH_TBEH_bWII52c-Cttys
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7ABE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmRHYsf_EBZvbkrRcw7fy5Mor6tUanUfaD4kfFukhcMlICSVozVXq6fF8MI_Vcz0Jmri6KByROAZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRHYsf_EBZvbkrRcw7fy5Mor6tUanUfaD4kfFukhcMlICSVozVXq6fF8MI_Vcz0Jmri6KByRO...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRHYsf_EBZvbkrRcw7fy5Mor6tUanUfaD4kfFukhcMlICSVozVXq6fF8MI_Vcz0Jmri6KByROAZ_B3UP5SoH4BqXaquOnrbFQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmRHYsf_EBZvbkrRcw7fy5Mor6tUanUfaD4kfFukhcMlICSVozVXq6fF8MI_Vcz0Jmri6KByROAZ_B3UP5SoH4BqXaquOnrbFQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 7ABE
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kb8JUy7AL9kD_JTRYwY09syXrfKelQU2Ztt4YXY-7DTeQoTgIHuc7_TKDU6d-h6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 069C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d007f69c80348823c35d81e79e264885d4886a666ccdb253881867d4b9fdd5ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame 16CA
0
557 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKQB-iQAwAAAwDWAAUBCL66gKsGEMeb3_uotPLoYhgAKjYJGNh3N4qKuD8R_VEGomzjtz8ZAAAAgD0K1z8h_Q0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0nWIADAIgDAZADAJgDCaADAaoDigMKrAJoDTFwd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24BT_BeY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY2ZTJhMDBmLTQxYWUtNDU3Ny04YTFjLTYyNzRiMTRjY2UxOCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0EyWAAYcHVibGlzaAUpKDE2MjY0NTMzMCZynm0AuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnw5WVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MTIwNjk0MTg1ODc4MzQzMTExIgkzODE4NDY3MTQqBGJpbmc6LFUyVmhjbU5vUVdRak1USXhNRFEzTlRrM055TXhNREkyTURjMk1UQTJPUT09wAPYBMgDANgDoZlW4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpIjSoq3XopMnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AX63Fz6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec9QXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=9ce8cd85b2147038a6e72019e1e29d2d3d618652&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=8645674361906142253&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7665501&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
an-x-request-uuid
28946e13-0508-4042-ae71-e7a5f6cc1d3e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 11BA
99 KB
30 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f79c588fe103555f4737af90bf7bff955b841f9fc6722416f78e7a177212306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30507
x-xss-protection
0
server
cafe
etag
319 / 19685 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:19 GMT
prebid_2023_8_15_7_52_11.js
anymind360.com/js/6621/ Frame 11BA
301 KB
95 KB
Script
General
Full URL
https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/ats.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e70f5afae2896e4f0428eaaa8b95691bef9b84851a34de854b12f5205a123f3d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Wed, 04 Oct 2023 16:08:53 GMT
date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
2674736
x-guploader-uploadid
ADPycdt4JmOgxg6p11J3aZJO15MoE2tZp5cDSmikpRQzLfU6iueAizdZ4lzZjQzwrzsd-PKLo94
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
96646
x-served-by
cache-tyo11959-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797759.491619,VS0,VE0
etag
"7c3d582f641391d2eafe31b502454859"
vary
Accept-Encoding
x-goog-generation
1692085963456049
x-goog-hash
crc32c=K30Atg==, md5=fD1YL2QTkdLq/jG1AkVIWQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=31536000, public
x-goog-stored-content-length
96646
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
2, 4
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 11BA
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c341d4c068bf0ae703c52f1777765531bbb409249732b7ddb9052081b8564853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138525
x-xss-protection
0
server
cafe
etag
7325052372141701354
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:19 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 11BA
202 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 03:49:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
og3GIsvYEydM5eLy4PD2RVrXhnnCpaHiH6JfOi+z9bCQods1GuXFzx7CL8/AewaoRjtNpImnpGezoUXEBfbEug==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 11BA
112 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS8VMC8
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
593d7f65580ca7a6d1ed485cb1eb13b97890925b81dae472c22a3e9c5e240766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44346
x-xss-protection
0
last-modified
Fri, 24 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 24 Nov 2023 03:49:19 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 16CA
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CI783Ph1gZbKAH_2M-cAP2_euyA3S4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqAMByAMCqgTNAU_Qdvgh09vH1qcIuBKSkcZ4Zfnz-w4tqvrETGCzAdYDskKRIspwUWp_7swbdh96DBD45j7AYCOKgWGPnzDfid1Wv1WZZf7WTbPm-Utt8uM8C7hZ4KISxpUPUtA2f1UbCUFEjTjWmV8Xp5eolhfzus4yrHwnMo1yGfwkXaZSCuwnzBGPU7_dcIrfAHA0IT2VqHP-enS9t0_kyDxzpeyQPQbj2dLHOugZNyzacoHqR2TA78rf5DQDq-YkbxrRI83WZM9gJ-c_IcixNMuXHLiABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=pem43J073Sc&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNk1-CIIsGe8QGc5IGWh05_uzoYrXnMCVZqV-v6dyFbIrub_nhxR8fHR1Tuwgf24ZkpEIEF4XkGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame 16CA
0
534 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKQB-iQAwAAAwDWAAUBCL66gKsGEMeb3_uotPLoYhgAKjYJGNh3N4qKuD8R_VEGomzjtz8ZAAAAgD0K1z8h_Q0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0nWIADAIgDAZADAJgDCaADAaoDigMKrAJoDTFwd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24BT_BeY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY2ZTJhMDBmLTQxYWUtNDU3Ny04YTFjLTYyNzRiMTRjY2UxOCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0EyWAAYcHVibGlzaAUpKDE2MjY0NTMzMCZynm0AuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnw5WVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MTIwNjk0MTg1ODc4MzQzMTExIgkzODE4NDY3MTQqBGJpbmc6LFUyVmhjbU5vUVdRak1USXhNRFEzTlRrM055TXhNREkyTURjMk1UQTJPUT09wAPYBMgDANgDoZlW4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpIjSoq3XopMnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AX63Fz6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec9QXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=9ce8cd85b2147038a6e72019e1e29d2d3d618652&pp=ZWAdPgAHwDICHkZ9AAu724Oq5xxTp_RvEigHjQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbO7cPh1gZbKAH_2M-cAP2_euyA3S4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqAMByAMCqgTQAU_Qdvgh09vH1qcIuBKSkcZ4Zfnz-w4tqvrETGCzAdYDskKRIspwUWp_7swbdh96DBD45j7AYCOKgWGPnzDfid1Wv1WZZf7WTbPm-Utt8uM8C7hZ4KISxpUPUtA2f1UbCUFEjTjWmV8Xp5eolhfzus4yrHwnMo1yGfwkXaZSCuwnzBGPU7_dcIrfAHA0IT2VqHP-enS9t0_kyDxzpeyQPQbj2dLHOugZdS774ENOvQlUFb5qem2HHeIHZZ7YDdUPxkk5o1u_C-Sp9Ep1cSzibfyABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1FR13BvhF2zJZSUNpgTy_GbnH3WQ%26client%3Dca-pub-9709291217657452%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
an-x-request-uuid
c571e55f-b00f-45d9-888e-bc5b1b9f73e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 11BA
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc0802baffdf00d886488d93ca0470a4a5a7d107d08307b45e308cb9345dc774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52751
x-xss-protection
0
server
cafe
etag
1941700161029415536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:19 GMT
icons.ttf
www.marumura.com/wp-content/themes/authentic/css/fonts/ Frame 11BA
15 KB
9 KB
Font
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/fonts/icons.ttf
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-ttf
ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
www.marumura.com/wp-content/fonts/roboto-condensed/ Frame 11BA
19 KB
20 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d448991d15499edecfb0ad39bf668320897c3dba15c73aa6e13fbe6356569183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 20 Oct 2023 15:08:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame 11BA
15 KB
15 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
899651971d6c75117d28df0030f881b94f93c8b0540364cc3d569cd3c8195010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame A73C
350 B
875 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315007
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5TeJ4JKS7ir8CKAqGg4pyIWOoIBsvbZoyZMVJ1XJ6Gb52lPzVAuYi2x5Fk2cr2BQ8B9kbt%2FU%2BO2IthfaFUfpN6Fj8aIy5sDdcLolnAuhFzpYPAE%2BKSrITQ9GxiGjOyD8ttsHa5ZWr59jueaMhTYrSFz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae6d3cd09072-FRA
expires
Tue, 19 Nov 2024 11:23:05 GMT
ico_travel.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame 11BA
11 KB
11 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_travel.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
8f8534d93da83a0fbbb300cbc00cca18d6a3f08925c51a073ba90bc48542147a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_lifestyle.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame 11BA
19 KB
19 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_lifestyle.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
b1a4765c4086ab9a52000087ffb5f15b35b51394467987a50040e7e43b6c89a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_foods.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame 11BA
18 KB
17 KB
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_foods.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7f7337abd33251d4467aa6cb7244c1a3b5cbf90efcf474f9383479fa4fcc6d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
ico_item.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame 11BA
1 KB
771 B
Image
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_item.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
48c98e8609af4dbef60b052a9e7f468721bae298b23325ae7f9a99a7707d38d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
nKKZ-Go6G5tXcraVGwaKd6xB.woff
www.marumura.com/wp-content/fonts/kanit/ Frame 11BA
13 KB
14 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKZ-Go6G5tXcraVGwaKd6xB.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
de702bd87ba6644b1e1079ebe74385a9f1ca64ecc82b79a4888e8af5533a540a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr4uPhWnVadrNlJz.woff
www.marumura.com/wp-content/fonts/kanit/ Frame 11BA
13 KB
13 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr4uPhWnVadrNlJz.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c8d72610219d3200ba9ffc11cad1dc796ef68ebe94d7f75d50c41e063a22d2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame 11BA
12 KB
12 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aAFJmXYO5gjupg.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
4fb031caa17064d63bad6a66b503a2af1e73a3266b226056302f2447070d79e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
powerkit-icons.woff
www.marumura.com/wp-content/plugins/powerkit/assets/fonts/ Frame 11BA
26 KB
17 KB
Font
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/fonts/powerkit-icons.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
84bcb397ee8fb28950639b02674337575578302143c9d6f1bfc6c6fb2584c4fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
www.marumura.com/wp-content/fonts/kanit/ Frame 11BA
13 KB
14 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKU-Go6G5tXcr5mOBWnVadrNlJz.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7470a14b8058cb8e35ae75127e935c4036071fb9aa0422351830c9bec6b2764d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
nKKZ-Go6G5tXcraBGwaKd6xBDFs.woff
www.marumura.com/wp-content/fonts/kanit/ Frame 11BA
9 KB
9 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/kanit/nKKZ-Go6G5tXcraBGwaKd6xBDFs.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
61b770106aa1fa33606ec43fe30c388740ee75176f2482403a48d55ce3a3163a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 27 Jul 2023 06:05:47 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
DtVjJx26TKEr37c9aBVJmXYO5gg.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame 11BA
14 KB
15 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVjJx26TKEr37c9aBVJmXYO5gg.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f99faedbb1ca9dbf0c9261bc88c42afdcab10f792bd42873638d67f4930aada9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:48 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
adview
googleads.g.doubleclick.net/pagead/ Frame 069C
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CzGVNPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBM0BT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueIiJBbVBDxbq5QRpwV-NHItpSVuAO-V6iODkR49T7zTG0jHOJEtToAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NzA5MjkxMjE3NjU3NDUyGAA&sigh=ZZraUpOM_DU&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNers7BOD3B_vLfv3P3TAe9KeHni-01Lsg7d3oYv2_bUnz07wKuKKsPgnpu6g_aesfo-GetuIVGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:19 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 069C
0
11 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hpzh8wef5btrbryern7ezaepyt1c2ddvm60r7ngycms4ca66yw1m8daq3wc4f09jcfvrnb1nfk7mbfmx42ep51gn8h649ta3e4qjrz2n9e8wqfjakev947m2xh2wjtrf862mcd7a18zssen5ey6vsr7narte751p9rpjh4pfbwg8h3mm1d5jk2jqpztd96n2gwkwbym20dnh7856gvevn3fqenewz8ybf7exsr0cav3d1f3nyrzprb3abmqk8vtrgp0bp0c6bw2jp7vtw7bv77w4pdnktt16f67f6p2zh6snyd73dw429m08vfc0vrpg6ne8e7xnkfztcrzy3q0pyzq63ej6b0spp8wyarnsjqegq4s3er29mgqwtgv5vpbyt0z8nse0g&b=ZWAdPgAHgDIKGWVNAAsAfPbsyFuPRBQWKuA2cg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
frame.html
ad4m.at/ Frame E01F
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774322
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae6d9d249116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:19 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BHKcQIeJpC32WXAbbdra9Opgt12LnFLTaSLKw84PsQUy5%2FkTubKo5h%2Fg7KhLCWM1ZZLX4iWyJS%2Fst651bGyu3pd5TuFw9uSlU4TG%2FTS6DMZgaZ%2FMMmkHGW6u4bu9j695PBYqso%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
current
dclk-match.dotomi.com/match/bounce/ Frame 0744
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmQC5WCatK28SS3tvcwpiQOvK7BXSjcLYhpkH_GfHYw0ddlqe3MGSAwgy7V4OF_SLMWC_moAkFfGx63uk0I-Sd1hh44SoT8y1Ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 0744
43 B
565 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmR9owQTsH2ZXBLvA1sf1ao1p-03iH-mVmjRtj84cskgUdCRb8RAxBbtEROntaeavR7mohc5ibHbNVB5KTJX-hejn2dTv1OagQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR9owQTsH2ZXBLvA1sf1ao1p-03iH-mVmjRtj84cskgUdCRb8RAxBbtEROntaeavR7mohc5ibHbNVB5KTJX-hejn2dTv1OagQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae6daa2c18cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0744
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmRFSYqbonngBmdau_U9FtYSgVUyXDmucrBD2hQolh7towV_QuruR3kI7Be2N_Z2OL6keTydGHXvYW7dYCqYxhPgK3ULGTJPzyk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0744
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSbP21Hw54l2ppGxB5X-IC9QJlF2z_mfNcv9G96u6D9lNL4OJ7LCxvOZ_XQa_G_3zBwiwicRZytLi3EAH...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSbP21Hw54l2ppGxB5X-IC9QJlF2z_mfNcv9G96u6D9lNL4OJ7LCxvOZ_XQa_G_3zBwiwicRZytLi3EAHx1sHbre3BkR8FjZ90&google_hm=hmVgHTiytYnLhl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSbP21Hw54l2ppGxB5X-IC9QJlF2z_mfNcv9G96u6D9lNL4OJ7LCxvOZ_XQa_G_3zBwiwicRZytLi3EAHx1sHbre3BkR8FjZ90&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSbP21Hw54l2ppGxB5X-IC9QJlF2z_mfNcv9G96u6D9lNL4OJ7LCxvOZ_XQa_G_3zBwiwicRZytLi3EAHx1sHbre3BkR8FjZ90&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
date
Fri, 24 Nov 2023 03:49:19 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 0744
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmQFsEY4Ljp_wyQs3Vwuw0eGm_ASxXfrXcaHOTy8nvCIgdv-pJr68pU6xVs09AmL2vY35t3hPYk0jtAK5amcVFeYIeMghs9C6WU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0744
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTaagAS1O6bhtJB4e5HoxM7uE5rRGGY-TQ0gqdOfyZq97RiE8KLduB2xkGA3a9Kj1w6BRvgZLPu...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTaagAS1O6bhtJB4e5HoxM7uE5rRGGY-TQ0gqdOfyZq97RiE8KLduB2xkGA3a9Kj1w6BRvgZL...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTaagAS1O6bhtJB4e5HoxM7uE5rRGGY-TQ0gqdOfyZq97RiE8KLduB2xkGA3a9Kj1w6BRvgZLPu8BIIdyA6wM-LYDObSnok66k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTaagAS1O6bhtJB4e5HoxM7uE5rRGGY-TQ0gqdOfyZq97RiE8KLduB2xkGA3a9Kj1w6BRvgZLPu8BIIdyA6wM-LYDObSnok66k
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0744
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzNrsEhibQYWz6WiLfvRQcfPdFQCvYfuGdr1Upd0hZiP0vW-siir44iO0PJcLpPA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
travel.marumura.com/ Frame 789D
311 KB
26 KB
Document
General
Full URL
https://travel.marumura.com/
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fff2fb3fd30933844b8bfa78287698b8cd361b49a9ffc4cb5af8f1b9528c8694

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:20 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://travel.marumura.com/wp-json/>; rel="https://api.w.org/", <https://travel.marumura.com/wp-json/wp/v2/pages/5298>; rel="alternate"; type="application/json", <https://travel.marumura.com/5298>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
logo_marumura_w.png
www.marumura.com/wp-content/uploads/2019/07/ Frame 11BA
13 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_w.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame 11BA
12 KB
12 KB
Font
General
Full URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rik8s7SLUrwB0lw.woff
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
16614edb31cb210f98c4980e88e9461887b094d09ab3809d1d2587de1fc5c8ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 28 Aug 2023 12:03:46 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/x-font-woff
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame 11BA
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 15:43:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
43561
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 22 Nov 2024 15:43:18 GMT
1429288180769098
connect.facebook.net/signals/config/ Frame 11BA
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1429288180769098?v=2.9.138&r=stable&domain=travel.marumura.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
45169a0288f8652815bbffc2f599b8c93686fdaa4aaed19484dc59e639fe3768
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 24 Nov 2023 03:49:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
CihXM/o4GCDnGZyfk4R+z99x8DUj5mnoR5xEpHi6gf7etC+9gnzx2tmWoddCyRE+OTO7txqEOPQfbjiKJY2xAg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/ Frame 11BA
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=ab2c8d9c0c46308aa10c728c149c59e7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae87f41773c5bbe6c60bd0450288e260f1a41918b458f0cd808b4534ad852df7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 03:49:19 GMT
content-md5
J4OdNz2fkvFxXNShu8ds2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88329
reporting-endpoints
x-fb-debug
xa3so93hkPXc4A3QDLFIRc7/nrHPT76mxXNk9yysLX50/eMt3sFZiq/5CO6OTu4sHwmLbWldzSUZGzvUyYtYWA==
x-fb-content-md5
175299b5af26fd20765aaa79d5ccdeff
cross-origin-opener-policy
same-origin-allow-popups
etag
"a40153204555e07e227d4ff5b7d8434d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Nov 2024 03:15:10 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ Frame 11BA
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: anymind360.com
URL: https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.marumura.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42511
x-jsd-version
1.0.1882
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"63a-NecRQpEq1uzv2Kl3Q8ftGEfSD4M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RPzLY7FQXd8JbJIM9NWhV0axddLFg5Qr87Lo2YrT8tP504P1LMSYXZFx24j6cTO802s2PlJs1VvwBUqHHLl%2Buxrtd2%2BkQEtN4acWyKkWWHdYoh75o4wkmqqxvVV55%2FctlnPJ6pbSEzDhBOubxg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82aeae6e89341cc7-FRA
ads
googleads.g.doubleclick.net/pagead/ Frame E116
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&adk=1812271804&adf=92567691&plat=1%3A66048%2C2%3A66048%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66048%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759463&bpp=30&bdt=926&idt=322&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&nras=1&correlator=8649921826522&frm=24&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=1314419917&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.xeezp5fst8tj&fsb=1&dtd=345
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ Frame 11BA
261 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
82f531329d8b0484de8ba498b0bd4721a56b1d027cd458b1844ed3e311cad0a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90230
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 24 Nov 2023 03:49:19 GMT
analytics.js
www.google-analytics.com/ Frame 11BA
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 24 Nov 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
7181
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 24 Nov 2023 03:49:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5578
39 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6bf95ce44961b2bb1a60076652b7e8f5578bcfc6f6866cef79f5be4a526c94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16598
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A05
38 KB
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=4061352511&pi=t.ma~as.4574689270&w=300&lmt=1700797760&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759573&bpp=33&bdt=1035&idt=483&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C220x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pxt44r6f1hog&fsb=1&dtd=502
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16137
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2b55.svg
s.w.org/images/core/emoji/14.0.0/svg/ Frame 38CD
238 B
572 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/2b55.svg
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
5902ffd2b365f06db61fbebe2addae16082240141877fa5fbe2d6a7cd35ea5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Fri, 24 Nov 2023 03:49:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:50:59 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
content-length
238
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 034D
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=15502407&pi=t.ma~as.4574689270&w=300&lmt=1700797760&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759630&bpp=2&bdt=1092&idt=530&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C220x200%2C300x250&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.aa0ebw8uxi30&fsb=1&dtd=536
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16787
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 11BA
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&ver=3.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Origin
https://www.marumura.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:55:04 GMT
/
www.marumura.com/ Frame 11BA
67 B
317 B
XHR
General
Full URL
https://www.marumura.com/?essb_counter_cache=rebuild
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
d013485466894b4287d47b52869bef2ba059e2720d7cf2b33eee65dc5737cc48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
br
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
www.google-analytics.com/ Frame 11BA
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=935305279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marumura.com%2F&dr=https%3A%2F%2Ftravel.marumura.com%2F&ul=en-us&de=UTF-8&dt=Marumura&sd=24-bit&sr=1600x1200&vp=220x528&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1893264436.1700797752&tid=UA-126552441-1&_gid=2113727439.1700797752&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=955197190
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 16:54:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
39305
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
powerkit.css
travel.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame 789D
0
0

style.min.css
travel.marumura.com/wp-includes/css/dist/block-library/ Frame 789D
0
0

posts-sidebar.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

twitter-slider.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

tiles.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

horizontal-tiles.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

full.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

slider.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

carousel.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

wide.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

narrow.css
travel.marumura.com/wp-content/themes/authentic/css/blocks/ Frame 789D
0
0

styles.css
travel.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame 789D
0
0

public-powerkit-author-box.css
travel.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame 789D
0
0

public-powerkit-basic-elements.css
travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame 789D
0
0

public-powerkit-coming-soon.css
travel.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame 789D
0
0

public-powerkit-content-formatting.css
travel.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame 789D
0
0

public-powerkit-contributors.css
travel.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame 789D
0
0

public-powerkit-facebook.css
travel.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame 789D
0
0

public-powerkit-featured-categories.css
travel.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame 789D
0
0

public-powerkit-inline-posts.css
travel.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame 789D
0
0

public-powerkit-instagram.css
travel.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame 789D
0
0

public-powerkit-justified-gallery.css
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame 789D
0
0

glightbox.min.css
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 789D
0
0

public-powerkit-lightbox.css
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame 789D
0
0

public-powerkit-opt-in-forms.css
travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame 789D
0
0

public-powerkit-scroll-to-top.css
travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame 789D
0
0

public-powerkit-share-buttons.css
travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame 789D
0
0

public-powerkit-social-links.css
travel.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame 789D
0
0

public-powerkit-table-of-contents.css
travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame 789D
0
0

public-powerkit-twitter.css
travel.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame 789D
0
0

public-powerkit-widget-about.css
travel.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame 789D
0
0

front-flex.min.css
travel.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame 789D
0
0

frontend.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame 789D
0
0

flatpickr.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 789D
0
0

select2.min.css
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 789D
0
0

wpcf7-redirect-frontend.min.css
travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame 789D
0
0

if-menu-site.css
travel.marumura.com/wp-content/plugins/if-menu/assets/ Frame 789D
0
0

style.css
travel.marumura.com/wp-content/themes/authentic/ Frame 789D
0
0

essb-native-skinned.min.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 789D
0
0

subscribe-forms.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 789D
0
0

click-to-tweet.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 789D
0
0

essb-animations.min.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 789D
0
0

easy-social-share-buttons.css
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/ Frame 789D
0
0

legacy-features.css
travel.marumura.com/wp-content/themes/authentic/css/ Frame 789D
0
0

jquery.min.js
travel.marumura.com/wp-includes/js/jquery/ Frame 789D
0
0

jquery-migrate.min.js
travel.marumura.com/wp-includes/js/jquery/ Frame 789D
0
0

flatpickr.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame 789D
0
0

select2.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame 789D
0
0

js
www.googletagmanager.com/gtag/ Frame 789D
0
0

atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame 789D
0
0

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 789D
0
0

ats.js
anymind360.com/js/6621/ Frame 789D
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://travel.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51211
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797760.260132,VS0,VE0
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 6
logo_marumura_b2.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 789D
0
0

logo_marumura_b.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 789D
0
0

logo_marumura_w.png
travel.marumura.com/wp-content/uploads/2020/04/ Frame 789D
0
0

Kintetsu-Yunoyama-Onsen-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

Jewerium-Enoshima-Aquarium-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

Umekoji-Potel-Kyoto-_cover-320x180.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

Tattoo-Get-in-Tokyo-Onsen_cover-300x225.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 789D
0
0

Asuke-Toyota-City2_cover-320x169.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 789D
0
0

Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-272x182.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 789D
0
0

Aoniyoshi-Sightseeing-Train-16.25.29-cover-320x178.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 789D
0
0

Sabataro-Rest-Fukuoka-cover-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 789D
0
0

Kamiseya-Park-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 789D
0
0

Ibaraki-Praying-Destination-cover-272x182.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 789D
0
0

Kamiseya-Park-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/09/ Frame 789D
0
0

Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/06/ Frame 789D
0
0

Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 789D
0
0

Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 789D
0
0

disney-resort-line-40th-Anniversary-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 789D
0
0

Namco-Tokyo-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 789D
0
0

Kansai-by-JR-West-2023_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/04/ Frame 789D
0
0

Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/03/ Frame 789D
0
0

USJ-Magical-Creatures-Encounter-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 789D
0
0

Kansai-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 789D
0
0

Tokyo-Dome-City-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 789D
0
0

Centara-Grand-Hotel-Osaka-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 789D
0
0

5-Fashion-Museum-cover-1-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 789D
0
0

Hiraoka-Jugyo-Center-5-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 789D
0
0

West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/01/ Frame 789D
0
0

Onuma-Quasi-Autumn-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 789D
0
0

West-Hokkaido-Autumn-1-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/11/ Frame 789D
0
0

Sapporo-Snow_-Festival_-2023-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/09/ Frame 789D
0
0

Dragon-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/08/ Frame 789D
0
0

Tohoku-Winter-FAM-4_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 789D
0
0

Tohoku-Winter-FAM-3_cover-2-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/03/ Frame 789D
0
0

Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/02/ Frame 789D
0
0

Fukuoka-Cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 789D
0
0

Hita-cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2022/12/ Frame 789D
0
0

more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

flower-pickle-jp-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

Mu-Room-Ride-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

Japan-Kid-First-Hair-Cut_cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 789D
0
0

sdk.js
connect.facebook.net/en_US/ Frame 789D
0
0

jquery.adrotate.dyngroup.js
travel.marumura.com/wp-content/plugins/adrotate/library/ Frame 789D
0
0

jquery.adrotate.clicktracker.js
travel.marumura.com/wp-content/plugins/adrotate/library/ Frame 789D
0
0

index.js
travel.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame 789D
0
0

index.js
travel.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame 789D
0
0

public-powerkit-basic-elements.js
travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame 789D
0
0

jquery.justifiedGallery.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 789D
0
0

public-powerkit-justified-gallery.js
travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame 789D
0
0

imagesloaded.min.js
travel.marumura.com/wp-includes/js/ Frame 789D
0
0

glightbox.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 789D
0
0

public-powerkit-lightbox.js
travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame 789D
0
0

public-powerkit-opt-in-forms.js
travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame 789D
0
0

public-powerkit-scroll-to-top.js
travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame 789D
0
0

public-powerkit-share-buttons.js
travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame 789D
0
0

flickity.pkgd.min.js
travel.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame 789D
0
0

public-powerkit-table-of-contents.js
travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame 789D
0
0

frontend.min.js
travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame 789D
0
0

wpcf7r-fe.js
travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame 789D
0
0

owl.carousel.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

colcade.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

ofi.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

jarallax.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

jarallax-video.min.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

scripts.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

pinterest-pro.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 789D
0
0

subscribe-forms.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/ Frame 789D
0
0

essb-core.js
travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/ Frame 789D
0
0

legacy-features.js
travel.marumura.com/wp-content/themes/authentic/js/ Frame 789D
0
0

all.js
connect.facebook.net/en_US/ Frame 789D
0
0

/
www.facebook.com/tr/ Frame 11BA
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1429288180769098&ev=PageView&dl=https%3A%2F%2Fwww.marumura.com%2F&rl=https%3A%2F%2Ftravel.marumura.com%2F&if=true&ts=1700797760269&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700797753774.1010096808&ler=other&it=1700797759713&coo=false&rqm=GET
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 24 Nov 2023 03:49:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
Umekoji-Potel-Kyoto-_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 11BA
0
0

Asuke-Toyota-City2_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame 11BA
0
0

Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame 11BA
0
0

Japan-Kid-First-Hair-Cut_cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
102 KB
103 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Japan-Kid-First-Hair-Cut_cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
f7bdecdeda339322bd199bffc3fdc663978cb35dbfd71aa0e85242e9738bc738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 22 Nov 2023 11:42:16 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Weather-data-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
12 KB
12 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Weather-data-1-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9390bf8083e94d79e8b48de08246a3cfdc4bf9743981e2e8cd211787d1927fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 20 Nov 2023 11:41:21 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Karate-Shokoshi-Kohinata-Minoru-cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
101 KB
101 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Karate-Shokoshi-Kohinata-Minoru-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
fac05f4207766967ab1561dd00f69871a24b81b990347e1442e3f5a206133846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 Nov 2023 10:54:24 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
YOT-WATCH-from-toy-cover2-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
7 KB
7 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/YOT-WATCH-from-toy-cover2-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
75445a8bddddae24ebfb1ea245f4f535160ca58717d3f0f7fd46c695355204d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 17 Nov 2023 13:12:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Stair-Case-Photo-in-Japan-20.06.05-cover-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
75 KB
76 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Stair-Case-Photo-in-Japan-20.06.05-cover-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
a09240e461a873a767cf5cee39d63c98fcd7b759d0e9a12dba8fe9c5b3064eb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 15 Nov 2023 14:06:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
Left-Side-Driving-Japan-09.54.12-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
35 KB
35 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/Left-Side-Driving-Japan-09.54.12-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
398056776f6271ff4c2c3c57357542127d748bfe723576d269141da41b838e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 13 Nov 2023 12:44:12 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
icon-1-1-320x240.gif
www.marumura.com/wp-content/uploads/2018/06/ Frame 11BA
75 KB
73 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2018/06/icon-1-1-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
2424467a9c7819732eec4e42c82aadec3f0d8bc572d6e9b174d5488cdcaa3937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:46:36 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
Teru-teru-bozu-1-320x240.jpg
www.marumura.com/wp-content/uploads/2020/08/ Frame 11BA
21 KB
18 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2020/08/Teru-teru-bozu-1-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
ec94109bcae1ee6e05d555f638348b1750d02d9cbbcf7c806d87204679eee862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 11 Aug 2020 02:17:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Omamori_icon-320x240.gif
www.marumura.com/wp-content/uploads/2015/11/ Frame 11BA
51 KB
51 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2015/11/Omamori_icon-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
7d567162995592e5fd60a0228f5b72c31e1d7a08d9ee2ab364543951ba22bc42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:51:49 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
icon-1-7-320x240.jpg
www.marumura.com/wp-content/uploads/2019/01/ Frame 11BA
16 KB
17 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/01/icon-1-7-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
3be563fc939ce81c4edc4af7fc27cffa6632ae60164f9cbfb6c923e7dc9fac8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:53:44 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
Japanese-Hair-style-320x240.gif
www.marumura.com/wp-content/uploads/2016/04/ Frame 11BA
54 KB
53 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2016/04/Japanese-Hair-style-320x240.gif
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c395301d3636963578e927e670f7362518918c13ed99ec2332dc99eef693a38d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 02 Jun 2020 16:53:33 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/gif
Kotatsu_cover-edit-320x240.jpg
www.marumura.com/wp-content/uploads/2014/01/ Frame 11BA
21 KB
21 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2014/01/Kotatsu_cover-edit-320x240.jpg
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
c0c1eb2a7d0cc33cde82e8ab1ea9e3645dc868d0967276ca038383634a66fe48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 25 Dec 2022 11:31:50 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/jpeg
flower-pickle-jp-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
125 KB
125 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/flower-pickle-jp-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
9ff9bceecc62c12f376d057d9cab274b4da9d432eeed5d8124d2358a86ad0a87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 23 Nov 2023 13:11:43 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
topmisosoup-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
128 KB
0
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2023/11/topmisosoup-320x240.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 14 Nov 2023 18:23:54 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
18-320x240.png
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

depression-320x240.jpeg
www.marumura.com/wp-content/uploads/2023/09/ Frame 11BA
0
0

Catcooljapan-320x240.jpg
www.marumura.com/wp-content/uploads/2023/09/ Frame 11BA
0
0

Parents-Association-Japan-Thinking-cover-320x240.png
www.marumura.com/wp-content/uploads/2023/08/ Frame 11BA
0
0

more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

Mu-Room-Ride-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

Japan-Law-Twin-Crystal-Quartz-cover-320x240.jpg
www.marumura.com/wp-content/uploads/2021/05/ Frame 11BA
0
0

Japan-shock-14-cover-320x240.jpg
www.marumura.com/wp-content/uploads/2021/06/ Frame 11BA
0
0

punko_First-Time-JPN-320x240.gif
www.marumura.com/wp-content/uploads/2015/10/ Frame 11BA
0
0

catinshopjapan00-320x240.jpg
www.marumura.com/wp-content/uploads/2023/06/ Frame 11BA
0
0

icon-11-320x240.jpg
www.marumura.com/wp-content/uploads/2017/08/ Frame 11BA
0
0

RakuRo-JR-Himeji-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

Non-Fiction-Game-Hakone-Sengokuhara-Prince-Hotel-2-320x240.jpg
www.marumura.com/wp-content/uploads/2023/11/ Frame 11BA
0
0

ads
securepubads.g.doubleclick.net/gampad/ Frame 11BA
407 B
195 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3140902348476752&correlator=818051636939230&eid=31078986%2C31079668%2C31079674%2C31079658%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_ImageAd&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&sc=1&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&cdm=www.marumura.com&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&abxe=1&dt=1700797760410&lmt=1700797760&adxs=0&adys=12935&biw=-12245933&bih=-12245933&isw=220&ish=528&scr_x=-12245933&scr_y=-12245933&ucis=97kz9huuquq7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Fwww.marumura.com%2F&ref=https%3A%2F%2Ftravel.marumura.com%2F&top=https%3A%2F%2Fhoroscope.marumura.com%2F&vis=1&psz=220x0&msz=220x0&fws=260&ohw=220&ea=0&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=true&dlt=1700797758538&idt=1585&cust_params=url%3D%252F%26ref%3Dtravel.marumura.com&adks=2177692981&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73143ad782236f0b51a2063a87accdbe61232f04947e648604967e678331cf9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.marumura.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 11BA
0
0

container.html
af4a474a32e33b2aff874238c3986750.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00B9
6 KB
3 KB
Document
General
Full URL
https://af4a474a32e33b2aff874238c3986750.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
expires
Sat, 23 Nov 2024 03:49:20 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame 135F
61 KB
34 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fkhbi911snde
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c279789774b62e7077ce481e25d0d9ff8492d80094ea26c41041fafd25ec108
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q5Elak4aWM2-vVkVMJsvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-q5Elak4aWM2-vVkVMJsvVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rs
ad4m.at/ Frame A73C
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c12a30520f64c10717cd58a14623ac81f66a6c940db9b8deb7d955acb65f3a9

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMwox%2BFnvdcqPMd3WC4Am0tihok%2FJdwZvVBdzmO%2BcyRjpx4HQIGKBkWC3aPfFoiqt4P93aCiDriAJQgQSoot%2FI0CbZmhmHd16H4OhXMz42K%2BGjbrUJgzn43ie6VVhQq3dPpy15M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae730ed69219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kjgm
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae72deae9219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7edj59iCjs%2FrfsDmasoF7S7XgxHvtXLILYwe%2FjNaoKwXbbDzzo82Wb09fMYkgC%2BS26aqPWNXCp%2FNbiPn8Xlhhvd5S8B%2FTOSHBxxbUgp%2FAfCkB8mmy6Hzvetcu4I7biaMgnv34s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kjgm
rar
as.ad4m.at/ad/ Frame BF13
9 KB
4 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae03add3e626c9e1005f8a7075aa5f755400102f71370c5d592c7545711aab06
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hqat87455bw90b8acwd8ff7paf16chsr5xvcgyv38fcsjfrwdp10ek0vsaxapmqwp40gbmqzz100n9pteyvqafj6c588rh2hy4a1kkgvvqbye0qpqff4swskpcd9yeer6hppggn7gyb1rb4prz31ad4w3tjwe1k02y917e3y89nmpfbkdpndn3wc3pfbngac1faagmg4mdpbvmhkakx0dakj7ycch2tmjvbmemsa0hchb6knxbvtxfggfkh0qgr2mj3fsbpdz9g0zqq049y870e3nm6f62nefkr074t2aydat9k3jajb4j5vr0b6yb3kcg1wzj2b7e2c4bs7p5mpm46bmncvn8wtgvk61c8vmr1g664sft37s0t8n58grf99sdwzzs7qzvrg3751p672ferpkym8jhjer0486aeacdaqc5rf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae7348469116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 135F
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fkhbi911snde
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 01:21:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Nov 2024 01:21:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 135F
468 KB
188 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&co=aHR0cHM6Ly93d3cubWFydW11cmEuY29tOjQ0Mw..&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=fkhbi911snde
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 08:55:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
192016
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 08:55:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5578
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5578
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame 5578
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxP1qAm3DIVe0yn0rM7ETn_RBAo5vPDT5-4C9c-__AETB2VT87qZLdFiAXv0nHdt4OFopoe-JWvFkua6ijRi9Y7gW44A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5578
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:20 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame BF13
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774322
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc7kVSp7Oy882It9x%2F6F0Uo64GJlMn97seXy6qp5grkx%2FrnVSRQIsp8OBBkTiMliqC6po5SSg7i7aDScqLyrbyUMH2Ywut1GRiFwr3YPkbpa4hBgaimCq18H9PjRmgicBdkGet0ykFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae73886f9116-FRA
expires
Sat, 25 Nov 2023 03:49:20 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame BF13
7 KB
7 KB
Image
General
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190924
cf-polished
qual=85, origFmt=jpeg, origSize=8714
alt-svc
h3=":443"; ma=86400
content-length
6672
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Nov 2023 08:50:26 GMT
server
cloudflare
etag
"52953af169f970e1ac17ba40d8c26548"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLBUtyVwV%2F%2FPhhdudz3qPFXUm%2FUNTVJoj353A5XrxkaqR2366vro0%2BnUxfZuElrInoQKyOrojN8qUPfaA5kuN3OzmMSpUAPgB8azAkoPpOfw9GxBKruPHXazM3wrFi0GD6294F9UGL0inncd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae7388719116-FRA
E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
assets.ad4m.at/ Frame BF13
31 KB
32 KB
Image
General
Full URL
https://assets.ad4m.at/E1613AB51B8289501DC4E750FD05DAF49FBB0AEAEF6155FD81001404C0F388525557C80572BA5C3D895730DA3957A6D15AF6D079DFB5F55ED0C22B8402FC82AE
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72034
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
31793
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Nov 2023 07:48:34 GMT
server
cloudflare
etag
"ac24017e395215a412b39d1cdc9c2ad5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvfcQ9IDNxTU8%2B4J9EaepKPcfUvmd4yBPCo362j36WWad7l5rjUUVSlVEfRw2yRi1r%2B5Bf1qWmzIAMVy%2F8kGY%2B6VxuQZcBUBF53BBRDEc8PpaKLzfFGCM2GxoP3FKPNHQ714VTf5HclXlOxd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae7388729116-FRA
ztpv.php
www.conrad.de/ Frame BF13
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzDoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1700797760_73118590-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
0
198 B
Image
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1700797760_73118590-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache
cf-ray
82aeae741a4437e3-FRA
content-length
0
expires
-1

Redirect headers

Date
Fri, 24 Nov 2023 03:49:20 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1700797760_73118590-8a7c-11ee-98d5-22653d8c0e4c&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame BF13
8 KB
8 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
190956
cf-polished
qual=85, origFmt=jpeg, origSize=12951
alt-svc
h3=":443"; ma=86400
content-length
7758
cf-bgj
imgq:85,h2pri
last-modified
Fri, 20 Oct 2023 22:22:01 GMT
server
cloudflare
etag
"12e3523b35b31c7ddfe7c77dcdb14a34"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=To%2BzXEJP0YhEfvs8g7B99WoqPlfOXyCKhboWaVjJ1qwbi9PAnIFHIqg2WpxNstPUOy84OHMZbbjjq9nYU46S%2FNBIiyaYkzzCdPOAfbXQ5DuZLIu%2FoGqFUa5WCa83pnWN8guF579IZ4%2BMJBp5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae73a8799116-FRA
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame BF13
20 KB
21 KB
Image
General
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
198915
cf-polished
qual=85, origFmt=jpeg, origSize=29026
alt-svc
h3=":443"; ma=86400
content-length
20740
cf-bgj
imgq:85,h2pri
last-modified
Sat, 21 Oct 2023 21:22:49 GMT
server
cloudflare
etag
"9e8c0f685f08676e3b6bec8849b76e69"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFq2mhbgG1ADGImY0AfNHedorUwS8j8Cn1Hyo4vPN2NTktk3VnwM%2BOLzlTsdN1R5gMq2xneTVaCcOD21mCILGxYudkO4CNjjbSi34rXkiN8jI8AIp5VK4gskg%2B4o0OhVNlReiX%2FPvRrkRdjV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae73a87a9116-FRA
/
partner.o2online.de/a/ Frame BF13
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLC467Ld24IDFc_BuwgdGqECxg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023112404492090772425441X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202311...
0
0

E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame BF13
9 KB
9 KB
Image
General
Full URL
https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1217916
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
8772
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:13:38 GMT
server
cloudflare
etag
"15b1f39d668aa86c2ba2ba17d94cc733"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twmJP1jbvzaL80sk5%2FRDu41AObNbpOJzSl7LB5djPM4NFgpkWTb%2BmYsUtu6dyj%2B%2BRGbXrE7o5o6PNfFgTJIZrYRDjKWLhxuZ3%2F9wMbzKRlmwsQ%2FTPp3QhskndG0aodSgBSrlk9HItSSnxkBd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae73a87b9116-FRA
2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame BF13
32 KB
33 KB
Image
General
Full URL
https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1280520
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
content-length
33043
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Nov 2023 08:07:19 GMT
server
cloudflare
etag
"4248eb804269666620fb86952a326d7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqY%2FKyDS5Ip0yxfh9IfoFB2DVsPzWrzJ3R8zgeCT8wRMsJ7mZfbNY2%2BOkyFF%2BBul6ggI%2B%2BOKMfy177LLOXlnRhc%2Bk2OZcXNKOhUp1%2FKcCuGsmeCfajlTewPw05WZONOj9%2FkF9PWxv9K9H5mA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae73a87c9116-FRA
view.aspx
pb.media01.eu/ Frame BF13
Redirect Chain
  • https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_...
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&action...
0
182 B
Image
General
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=981741&produktid=&dt_url=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=537178%2C195016%2C34719&b=8RZUDf8fZQ3phgHJHEtxtkbjfGSwT8J9TzD%2CVx7fwfmfD6rGFVHbHAtRtEEmcBSzTzQkTb6%2CZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27&f=ZxJfwfBf8rjdtmHDHDtDCJW8T6SXTx3qa27%2Cm3AsefGfWPD8FmHZHZtQCJJpCKSwTX8AfbJ%2C9jeTMfmfr19cKHBH2tzCJK9S9SmTZY2TeE&c=300&d=250&e=&g=13bfca6d2e17c400966e172cb2d9b6f8%2F13172744299348134194&i=21596%2C20774%2C26474&j=16%2C14%2C41&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797760502&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kfhbqapp0xygs4e2e0kxy38w77zn6qsm2055z8596n8vymvsas6mk9qx0dpng39t9ebt8n8exj91qwwk8w2tw5vp4rdb0kgj4cby1ddq37secsj60y7x8b7a91z2yc3gwjxq0m4dqejh4dbxf8b6vxwrks1s0jz59kefd475p2w2wzmn557t7vfys8xdra1x6ggj5c9expy47s32re0dg3qhv2f7fgagkppzraqyreycx2wkqjs88q2054p1zvp5nhsrgjb5h3jrd3t84dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCW4YQPh1gZbKAHs3KZfyArIgOkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItOTcwOTI5MTIxNzY1NzQ1MsgBCakC46S2mfhLsj6oAwHIAwKqBNABT9DpjNSuIw63flBfGEhpmmBJLAcn-Mdj9iO9FFSvbRQkhohzB9qVr6IycyZRYG2o7HJHZLSHi2VHDC4Sh__wPq3ZS-eZLj4PEts8FjBu_H4DYJN6hDOim0Ris3W07zKcXupLrHx7QZqL95WDZQ7qVYvwbx_GLK41ruZRAauMIqw7LeMYj60ODJyugV-z3Ka-ekJrDBNHjLOc-6dnekVEcvcwLYAWueJgJjdH08Xc61yW75OkfeDfnDFkreW78v4DU1evtyjNN1AS5A5thhqm14AGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3obIDOLjSESs7TN7TiFALRnXbeuA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:19 GMT
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 24 Nov 2023 04:49:20 GMT
server
Microsoft-IIS/10.0
access-control-allow-methods
GET,POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=15768000
x-iplb-instance
40027
content-length
0
proxy-host
pv.medialead.de
attribution-reporting-register-source
{"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx/1.17.5
host
pv.medialead.de
x-iplb-request-id
B9D59B99:E6A8_91EFC182:01BB_65601D40_740A510:1E879
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=wkzMotivBoneidZxJfwfBfmJpsmHDHDt3tP8Zc6SXTx3qa27oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&actionid=981741&produktid=&dt_url=
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
keep-alive
timeout=20
afr.php
ads.eu.criteo.com/delivery/r/ Frame B36C
122 KB
0
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:19 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2jTsTETPs9aHMANRcbhvBp1lX4jGXJYSirPLnetI_boVQ7W4vwaN7ZZ_-ewa2KQn3gVCGbNRZ-AH_FNBYHopSQrrdRLX26egF_J1EVrJBjI_6hm8g_neZKxdn7dSZhk64vHH11_2V5s0g4QSxiqFNLqf2X0fkk4iyvhepj-bjLIyIIZ7oBhcjfzWpPj-dKgq9AoXNTCU3hJC-D1fABfq1sLGXga33rBCExjZ7Vezs_lz7gMh1OCA8iBBD1jxG0ssUmnHIA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
13121148
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E9F8
1 KB
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=200&slotname=5449908357&adk=4155895856&adf=1936672856&pi=t.ma~as.5449908357&w=220&fwrn=16&fwrnh=100&lmt=1700797759&rafmt=1&format=220x200&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759539&bpp=8&bdt=1002&idt=416&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=132&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=2.xsrcio2745e4&fsb=1&dtd=426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ Frame C09D
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4R68YF3NQ8&gtm=45je3b81v880762829&_p=1700797755205&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893264436.1700797752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700797752&sct=1&seg=1&dl=https%3A%2F%2Fwww.marumura.com%2F&dr=https%3A%2F%2Fhoroscope.marumura.com%2F&dt=Marumura&en=page_view&tfd=6276
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4R68YF3NQ8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.marumura.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame B36C
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:20 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame B36C
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Nov 2024 03:49:20 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame B36C
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Nov 2024 03:49:20 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame B36C
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Nov 2024 03:49:20 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B36C
43 B
347 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=PPfa6nH7feACxV7WL2nYIhEQoA9nvhPrZWkEJSgu888gOOl35QO4RiCASrW2GdtCEEiqdaOXd3RAWEnhMoVNtOgSadT7EedpFn7Y5-a3oXX4nVwqKTDNESawv03Z9eJdt7zdgv-4CBSjI8CEU1pJ68J7oMQuQas77yowIYJiwrW7AVJ-InYiLGLkxc2lLcPxCgmnXW5QBjae71iUOkTNmuTUSNgRHOBNns76q9j_a1lQ8B-CVm7eNT80XJfhcteZkbFl_nRzBLB_D1UGCVbBAkz_KfrU58LVNovtzsrlTnNX4qq8PjIrgEAHlY02JD3JXVg3dfBGbu2yZaku8Uw_Vp7FXmdW145yDuDwTFe9jCDIVM0Lswsm3PXu8NtnVcOsaqSx2pMe6gzt7v6QzyLS6CacPIw5PL1YDaR1sJ-SwFNFAXfw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZWAdQAABVxwKZL3kAABdpQimio-QVdbPJaIeEA&u=%7C%2BunGrVTyaYdgPMHbMJVrhDkLv45yyY%2F5MwmpeuB7%2BX4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANaIeQW4v_qWpu9tqCYETPjvCxGfCpdZxklkXDDEzqFU_SolHNZvHbRjShazI8U-luu35EbRQjSXToTD9dQCMVK2LVqbR0L6boa_bERFGjoZorzivAYmzkZ6FQDdWwUhXHu3rOYPJsxEGmIGvEr4SsPMQplFLbsSpEJcdhIaumgOugBtsJYxYz7YxTFF4RMDVEDdHJ6QZTiUD0hg08tLI3Ep4nD1-hSGvjX-G4VYmJVfGRMeEbThNsnmDtsZ2NO71HF-zJddltYfq1NAowjQvVkx-LmL7PrGwysFpOptW2L7CRpnDzmOc2wVsmrprRrFgcHkwaaswTtOWvYtu36-OSuCZuBnBSdrpIETVs7j4NYi6ikjcnfy_sOIy88lsgKy3O9h3aC_SUW2SGzr9lZV30-6z-dB_JqH8QycBGd1CKFaK0nHmCFocuLJM-clPkNc9ec-W80SqlD2FwqxwbsKpzv2soHi7DlVJAwbjfCP3h_E0cBwf1UXA-S8iCNRb0ZxFxp89uMPM2k9W8P57K1nKAjzvQkQrCjWngALUpfQXjdPO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCwgWQB1gZZyuBeT7kgOlu4HwAcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTPAU_QDD_S5BC2GJZw98rP1xr6bVvnjnqAZuhx3KgduKTqTb3HKbDpAKC4UKFSHz74QIM2J1UTiGLg34QeGDGxrQ79QDQRprYo3wWe7kqyi_3ymUmRbl8OWGNB1FX-imioWLWFbbx5j5QUEUoJDZPTH9i3EGcWsRFFc0WtFsBsBfSgboD2Zinesayr6QzcthhqYorzvvT7TO5zMibLKjrCM9tR79QHMgiJDXVf-E6vsCCLLyxShEhYMRdorRBrh7oFOS1nKY7pvq9yeCqwdunZyoAGvK61htmRoaMxoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2-PsJJJY7WmuoIhRmI2NCfxIMI3A%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2311926
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 5578
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
931974aa760809192f7d15b8c88389d160e4c698c0993e75782d664472a12888

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3A05
0
0

qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3A05
0
0

l
www.google.com/ads/measurement/ Frame 3A05
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyRiyy4LyGFFowhCNjvXZEock5LDuHx0BGdytT_ZQDJVaLSZ-PEFkM561UNt3zCM0dEULhNv3h0iCX5IompM7weiWOKw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=4061352511&pi=t.ma~as.4574689270&w=300&lmt=1700797760&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759573&bpp=33&bdt=1035&idt=483&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C220x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pxt44r6f1hog&fsb=1&dtd=502
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3A05
0
0

dr
as.ad4m.at/ad/ Frame 2CEE
0
0
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1kxa4pt10ca07sv98bynhf54fb1t90veyfcg4vtyj5k285shqe7saxg6rbya4dj8yj3erwdzwgcnjsjprmm1syd5dc3rk39m57jmsfdjmpgfvbfehsgvxqmq1zm0yxt3504c19pmks05wgfb2n2fn1dcpm3e0kwr5fk95n076gdm8b0kxhj7mgtyhvv8ddmbkd8221n9tsxbnd9ewvw3eamzdsq25cqsnmxgd5gj85213v2gj7824sp6mb7ymg97jhqm5gyaph2n8fkv6veq8m3jv66jn9pfg5m1chz0c9pjh92zsfzctq59n3bk6y31426fvega3xg9pb5vg1bn3pnw7bxf19vjadds2x7gmxc3p2mrf8mze2h6qwzyp84989ntk3b3wnmnawpnvd65wk3cb7sbb0njk75b8vf6m893xzwk2qk99w5ht9cg810g272wmwvv4c&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVt9NQB1gZdnHC4eFkwOkvLOYA5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAuOktpn4S7I-qAMByAMCqgTOAU_Q2z_5p0AtA976xYK1oP7AByqWuTKO1yYTtXQdy3JLvosOmPW0vXueOuby7eIuuH30uNacjCKqy84UxU8oi_526YdyUcyal1B3_92kZbP0iKhUwoXMhJ1QbVtnA1tjG0fD7D9_2fsUyE6Upw3z99nMakybTNxqEas64nITK8fkEkkfd3tJ_g-1wwLCtyg_rQvzEzF2eqoqwL0dYgavRL00x7BPCkBJuRFIkAp6LmV_2uq9bW-gKqQGxe-jaASsxGdo0q53NbstWY2teMzIgAb8k6yH8smngiugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1CXel61pRUmXmvGDxHqWwW-XnoOg%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=4061352511&pi=t.ma~as.4574689270&w=300&lmt=1700797760&format=300x250&url=https%3A%2F%2Fwww.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797759573&bpp=33&bdt=1035&idt=483&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C220x200&nras=1&correlator=8649921826522&frm=22&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=1&nhd=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=220&ish=528&ifk=4081011624&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C31079605%2C42531706%2C31078297%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=3140902348476752&tmod=406738313&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C220%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.pxt44r6f1hog&fsb=1&dtd=502
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae7509149116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:20 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 27D4
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 069C
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame D06D
38 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f989602f313600471bf15bdcb48d527d503ca423247b3a0bbf6963c0a9267409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16120
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 16CA
0
0

vevent
ams3-ib.adnxs.com/ Frame 16CA
0
0

ads
googleads.g.doubleclick.net/pagead/ Frame C72A
48 KB
19 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
477fb9dd420f9043243761346ecc42820e479d5973b982b6fde2b0212aae0ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
19592
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ Frame 11BA
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 5578
0
0

/
www.marumura.com/ Frame B5A9
295 KB
26 KB
Document
General
Full URL
https://www.marumura.com/
Requested by
Host: travel.marumura.com
URL: https://travel.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
be2ffa28912e8c4640e66d61a3b6436971dd4873cd25764939de24cef5cf5118

Request headers

Referer
https://travel.marumura.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 24 Nov 2023 03:49:21 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://www.marumura.com/wp-json/>; rel="https://api.w.org/", <https://www.marumura.com/wp-json/wp/v2/pages/763>; rel="alternate"; type="application/json", <https://www.marumura.com/>; rel=shortlink
pragma
no-cache
server
Nginx_Rc-Cr
vary
Accept-Encoding
x-cache-status
HIT - 15m desktop
powerkit.css
www.marumura.com/wp-content/plugins/powerkit/assets/css/ Frame B5A9
25 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.min.css
www.marumura.com/wp-includes/css/dist/block-library/ Frame B5A9
93 KB
11 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:38 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
posts-sidebar.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
4 KB
862 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
twitter-slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
1006 B
378 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
4 KB
711 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
horizontal-tiles.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
4 KB
713 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1667635447
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:07 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
full.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
4 KB
735 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1667635446
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:06 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
slider.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1667635443
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:03 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
carousel.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
3 KB
561 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1667635445
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:05 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wide.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
20 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
narrow.css
www.marumura.com/wp-content/themes/authentic/css/blocks/ Frame B5A9
9 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1667635444
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 08:04:04 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
classic-themes.min.css
www.marumura.com/wp-includes/css/ Frame B5A9
217 B
320 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:14:29 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
styles.css
www.marumura.com/wp-content/plugins/contact-form-7/includes/css/ Frame B5A9
3 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.7
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 13 Jun 2023 14:33:59 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-author-box.css
www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/ Frame B5A9
2 KB
684 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-basic-elements.css
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/ Frame B5A9
21 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-coming-soon.css
www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/ Frame B5A9
1 KB
572 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-content-formatting.css
www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/ Frame B5A9
9 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-contributors.css
www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/ Frame B5A9
3 KB
843 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-facebook.css
www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/ Frame B5A9
477 B
364 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
public-powerkit-featured-categories.css
www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/ Frame B5A9
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-inline-posts.css
www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/ Frame B5A9
4 KB
910 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-instagram.css
www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/ Frame B5A9
5 KB
1 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-justified-gallery.css
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/ Frame B5A9
3 KB
825 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
glightbox.min.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame B5A9
13 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-lightbox.css
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/ Frame B5A9
1 KB
642 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-opt-in-forms.css
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/ Frame B5A9
3 KB
814 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-scroll-to-top.css
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/ Frame B5A9
1 KB
512 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-share-buttons.css
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/ Frame B5A9
71 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-social-links.css
www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/ Frame B5A9
149 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-table-of-contents.css
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/ Frame B5A9
3 KB
1014 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:42 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-twitter.css
www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/ Frame B5A9
3 KB
946 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
public-powerkit-widget-about.css
www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/ Frame B5A9
1 KB
506 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:44:41 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
frontend.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/ Frame B5A9
101 KB
14 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
flatpickr.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame B5A9
14 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
select2.min.css
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame B5A9
15 KB
2 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
wpcf7-redirect-frontend.min.css
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/ Frame B5A9
316 B
273 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:41 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
if-menu-site.css
www.marumura.com/wp-content/plugins/if-menu/assets/ Frame B5A9
929 B
602 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
last-modified
Wed, 19 Apr 2023 15:14:58 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic/ Frame B5A9
243 KB
29 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:53:53 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
subscribe-forms.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame B5A9
23 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
click-to-tweet.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame B5A9
3 KB
737 B
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/click-to-tweet.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
essb-display-methods.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame B5A9
10 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/essb-display-methods.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
social-profiles.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/ Frame B5A9
32 KB
5 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/lib/modules/social-followers-counter/assets/social-profiles.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
easy-social-share-buttons.min.css
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/ Frame B5A9
71 KB
10 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/css/easy-social-share-buttons.min.css?ver=9.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:42:57 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
style.css
www.marumura.com/wp-content/themes/authentic-child/ Frame B5A9
15 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic-child/style.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 09:37:51 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
legacy-features.css
www.marumura.com/wp-content/themes/authentic/css/ Frame B5A9
13 KB
3 KB
Stylesheet
General
Full URL
https://www.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=1.0.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 05 Nov 2022 07:57:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
text/css
jquery.min.js
www.marumura.com/wp-includes/js/jquery/ Frame B5A9
88 KB
30 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery-migrate.min.js
www.marumura.com/wp-includes/js/jquery/ Frame B5A9
11 KB
4 KB
Script
General
Full URL
https://www.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 01 Dec 2022 10:16:25 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.dyngroup.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame B5A9
2 KB
1022 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
jquery.adrotate.clicktracker.js
www.marumura.com/wp-content/plugins/adrotate/library/ Frame B5A9
365 B
394 B
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:39:08 GMT
x-accel-version
0.01
server
Nginx_Rc-Cr
x-cache-status
HIT - 15m desktop
vary
Accept-Encoding
content-type
application/javascript
flatpickr.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ Frame B5A9
49 KB
14 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:19 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
select2.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/ Frame B5A9
69 KB
18 KB
Script
General
Full URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Nov 2023 13:45:20 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B5A9
150 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?ver=6.1.1
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4f73134113524c59a58fa69ff588aa0b355a80932876ef61b45a15b9c06b0f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52690
x-xss-protection
0
server
cafe
etag
1648912638539688882
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:21 GMT
js
www.googletagmanager.com/gtag/ Frame B5A9
0
0

ats.js
anymind360.com/js/6621/ Frame B5A9
181 KB
41 KB
Script
General
Full URL
https://anymind360.com/js/6621/ats.js
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 13:35:49 GMT
date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
51212
x-guploader-uploadid
ABPtcPrKhQh2itZ3gZKfLMYTRGqzqs3IgX9vFt8n2ch7vbHB1MzE1eWG_lZ09YJBJm9y_zdU8KI
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
41143
x-served-by
cache-tyo11943-TYO, cache-fra-eddf8230031-FRA
last-modified
Tue, 15 Aug 2023 07:52:43 GMT
server
UploadServer
x-timer
S1700797761.222196,VS0,VE0
etag
"f71ad782360fec7bbcc0a6698a95ad0c"
vary
Accept-Encoding
x-goog-generation
1692085963448822
x-goog-hash
crc32c=4f+vWg==, md5=9xrXgjYP7Hu8wKZpipWtDA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
41143
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
4, 7
atm.js
adasiatagmanager.appspot.com/js/v1/account/5668753656250368/ Frame B5A9
0
0

adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B5A9
0
0

logo_marumura_b2.png
www.marumura.com/wp-content/uploads/2019/07/ Frame B5A9
14 KB
14 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b2.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_b.png
www.marumura.com/wp-content/uploads/2019/07/ Frame B5A9
16 KB
16 KB
Image
General
Full URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_b.png
Requested by
Host: www.marumura.com
URL: https://www.marumura.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
45.64.187.237 , Thailand, ASN58955 (BANGMODENTERPRISE-TH Bangmod Enterprise Co., Ltd., TH),
Reverse DNS
qaswair.anasx.com
Software
Nginx_Rc-Cr /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.marumura.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:22 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Fri, 25 Sep 2020 00:05:27 GMT
server
Nginx_Rc-Cr
vary
Accept-Encoding
content-type
image/png
logo_marumura_w.png
www.marumura.com/wp-content/uploads/2019/07/ Frame B5A9
0
0

Kintetsu-Yunoyama-Onsen-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame B5A9
0
0

Jewerium-Enoshima-Aquarium-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame B5A9
0
0

Umekoji-Potel-Kyoto-_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/11/ Frame B5A9
0
0

Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame B5A9
0
0

Asuke-Toyota-City2_cover-320x240.jpg
travel.marumura.com/wp-content/uploads/2023/10/ Frame B5A9
0
0

Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
travel.marumura.com/wp-content/uploads/2023/10/ Frame B5A9
0
0

AD_side_banner.jpg
www.marumura.com/wp-content/uploads/2019/07/ Frame B5A9
0
0

wajapan.png
www.marumura.com/wp-content/uploads/2019/07/ Frame B5A9
0
0

maichaiguru.png
www.marumura.com/wp-content/uploads/2019/07/ Frame B5A9
0
0

sdk.js
connect.facebook.net/en_US/ Frame B5A9
0
0

front-flex.min.css
www.marumura.com/wp-content/plugins/siteorigin-panels/css/ Frame B5A9
0
0

index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/ Frame B5A9
0
0

index.js
www.marumura.com/wp-content/plugins/contact-form-7/includes/js/ Frame B5A9
0
0

public-powerkit-basic-elements.js
www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/ Frame B5A9
0
0

jquery.justifiedGallery.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame B5A9
0
0

public-powerkit-justified-gallery.js
www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/ Frame B5A9
0
0

imagesloaded.min.js
www.marumura.com/wp-includes/js/ Frame B5A9
0
0

glightbox.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame B5A9
0
0

public-powerkit-lightbox.js
www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/ Frame B5A9
0
0

public-powerkit-opt-in-forms.js
www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/ Frame B5A9
0
0

public-powerkit-scroll-to-top.js
www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/ Frame B5A9
0
0

public-powerkit-share-buttons.js
www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/ Frame B5A9
0
0

flickity.pkgd.min.js
www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/ Frame B5A9
0
0

public-powerkit-table-of-contents.js
www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/ Frame B5A9
0
0

frontend.min.js
www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/ Frame B5A9
0
0

wpcf7r-fe.js
www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/ Frame B5A9
0
0

owl.carousel.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

colcade.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

ofi.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

jarallax.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

jarallax-video.min.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

scripts.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

sharing-bar.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame B5A9
0
0

pinterest-pro.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame B5A9
0
0

subscribe-forms.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/ Frame B5A9
0
0

essb-core.min.js
www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/ Frame B5A9
0
0

api.js
www.google.com/recaptcha/ Frame B5A9
0
0

regenerator-runtime.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame B5A9
0
0

wp-polyfill.min.js
www.marumura.com/wp-includes/js/dist/vendor/ Frame B5A9
0
0

index.js
www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/ Frame B5A9
0
0

legacy-features.js
www.marumura.com/wp-content/themes/authentic/js/ Frame B5A9
0
0

c.gif
www.bing.com/aes/ Frame C72A
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=1239f412-989c-4664-8134-32244378f70c&bidId=1&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=552ea9b6-a8b3-40d2-b7e...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e9d707d58edd4377a68add63cbe8d1b5&SNR=1&GV=2&med=10
0
18 B
Image
General
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e9d707d58edd4377a68add63cbe8d1b5&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42FB4F65A269404E950528E8D35301F1 Ref B: FRA31EDGE0618 Ref C: 2023-11-24T03:49:21Z
x-cdn-traceid
0.39d53e17.1700797761.24d249f5
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 24 Nov 2023 03:49:21 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B4CF322428AC4D64B705EA1D1531659B Ref B: FRA31EDGE0108 Ref C: 2023-11-24T03:49:21Z
x-cdn-traceid
0.39d53e17.1700797761.24d249e9
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=e9d707d58edd4377a68add63cbe8d1b5&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
150
quic-version
0x00000001
sdk.js
adsdk.microsoft.com/native-to-display/ Frame C72A
91 KB
36 KB
Script
General
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231124T034921Z-dpzhn36p752x70p81xx3cedhk000000001a000000000n4z4
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa866cf1-701e-0084-305e-1d91e3000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame C72A
80 KB
28 KB
Script
General
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Fri, 24 Nov 2023 03:49:21 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
740540
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230074-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700797761.253774,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 957675
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C72A
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C72A
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C72A
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D06D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 12:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
56064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 12:14:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D06D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 10:09:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
63606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 10:09:15 GMT
l
www.google.com/ads/measurement/ Frame D06D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEf6mIdbWbPHJJJa-iHMLyh0bencnnL9JjdnavvQ98p7EGirGWjhwWgWLatIF0cdqPjNQDVZXfazRYYwdo1WxtlL4pbw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D06D
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:49:21 GMT
dr
as.ad4m.at/ad/ Frame DDCC
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1jn0xfpmhs96x37zxdn10ve20yw2bnne55gpdcxmh7v5ybbs19tryd9ftmmh2s2yaracv2030ygwttz29nx250jemqabe4efr9zhff6hjkhyjrjwah0bpkbkx9j11ar70n43w2xqrgew8kv9vwx88rrkkyk14a8a2482d9z345c5qvw1ja07a0vtg7xzhgrkz1zckydcbkyk60bfhx11s0t5xhpp2v89f6y85k86wzdwyzgebkyyzca8z2x1j17nf6wazz606tymd2e26whnm0v3rgds38jvnff9z8dav2xd6q9xhd0zx60hqapqp1jtwks6jsb0h9cb68v6455psests767pafgksk0sjywr3n6by44hsps8dgva1h4cq0yx92rv3tyrsrwrpr45j8bwjwx5snnbq8djm82p16e2pyr436sh0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%26client%3Dca-pub-9709291217657452%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b538751bc4419d2a405aa98a7d4bb073fdfc4f4a15223c2a8c47bf09608b4618
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae77fa7f9116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:21 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0BC7
1 KB
653 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
th
www.bing.com/ Frame C72A
4 KB
4 KB
Image
General
Full URL
https://www.bing.com/th?id=OAIP.b22bd42ff3414a944a357631de575d76&pid=AdsNative&c=3&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62f9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0d97972d409ed02744716872d8f6c3b15dc8007075e44050c19ee1e57d97ae86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.39d53e17.1700797761.24d249f2
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
4216
alt-svc
h3=":443"; ma=93600
quic-version
0x00000001
rd_log
ams3-ib.adnxs.com/ Frame C72A
0
534 B
Script
General
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKABOgAAgAAAwDWAAUBCMC6gKsGEKWX7Nf13rLXDBgAKjYJTfE0-3dZmz8RU4a5xzqfmj8ZAAAAgD0K1z8hUw0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ivEFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0n8FiAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2AOhmVbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAXWWIgFAZgFAKAFpNnMxYfBisJSwAUAyQUABQEU8D_SBQkJBQt0AAAA2AUB4AUB8AUI-gUECAAQAJAGAJgGALgGAMEGAR80AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHivEF0gcNFWMBJgjaBwYBXqQYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=b75bcc23ebd67f3bd6db5ee5222c62d5a054fef9&bdref=https%3A%2F%2Fhoroscope.marumura.com&bdtop=false&bdifs=3&bstk=https%3A%2F%2Fhoroscope.marumura.com,https%3A%2F%2Fwww.marumura.com,https%3A%2F%2Ftravel.marumura.com%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9709291217657452%26output%3Dhtml%26h%3D250%26slotname%3D4574689270%26adk%3D2761220695%26adf%3D3701853997%26pi%3Dt.ma~as.4574689270%26w%3D300%26lmt%3D1700797758%26format%3D300x250%26url%3Dhttps%253A%252F%252Ftravel.marumura.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700797758196%26bpp%3D2%26bdt%3D1048%26idt%3D241%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D3b7d84e77066d36c%253AT%253D1700797752%253ART%253D1700797752%253AS%253DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg%26gpic%3DUID%253D00000cdaeaeeebf2%253AT%253D1700797752%253ART%253D1700797752%253AS%253DALNI_MaqZcUqX463gStgPbS0Es03xSpijg%26prev_fmts%3D0x0%252C260x200%252C300x250%26nras%3D1%26correlator%3D7015020409522%26frm%3D6%26ife%3D1%26pv%3D1%26ga_vid%3D1893264436.1700797752%26ga_sid%3D1700797758%26ga_hid%3D1181455639%26ga_fc%3D1%26nhd%3D2%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D260%26ish%3D528%26ifk%3D2013920840%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D44759876%252C44759927%252C44759837%252C31079438%252C31079759%252C31078301%252C44807405%252C44807754%252C44807763%252C44808148%252C44808285%252C44809054%26oid%3D2%26pvsid%3D1021158891192274%26tmod%3D491636430%26uas%3D0%26nvt%3D1%26top%3Dhttps%253A%252F%252Fhoroscope.marumura.com%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C260%252C528%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3D4.408zuv6gzgz2%26fsb%3D1%26dtd%3D250&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
an-x-request-uuid
a93c9d3c-253c-4a3c-ab4e-12527d5e4cfd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame DDCC
115 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn0xfpmhs96x37zxdn10ve20yw2bnne55gpdcxmh7v5ybbs19tryd9ftmmh2s2yaracv2030ygwttz29nx250jemqabe4efr9zhff6hjkhyjrjwah0bpkbkx9j11ar70n43w2xqrgew8kv9vwx88rrkkyk14a8a2482d9z345c5qvw1ja07a0vtg7xzhgrkz1zckydcbkyk60bfhx11s0t5xhpp2v89f6y85k86wzdwyzgebkyyzca8z2x1j17nf6wazz606tymd2e26whnm0v3rgds38jvnff9z8dav2xd6q9xhd0zx60hqapqp1jtwks6jsb0h9cb68v6455psests767pafgksk0sjywr3n6by44hsps8dgva1h4cq0yx92rv3tyrsrwrpr45j8bwjwx5snnbq8djm82p16e2pyr436sh0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1jn0xfpmhs96x37zxdn10ve20yw2bnne55gpdcxmh7v5ybbs19tryd9ftmmh2s2yaracv2030ygwttz29nx250jemqabe4efr9zhff6hjkhyjrjwah0bpkbkx9j11ar70n43w2xqrgew8kv9vwx88rrkkyk14a8a2482d9z345c5qvw1ja07a0vtg7xzhgrkz1zckydcbkyk60bfhx11s0t5xhpp2v89f6y85k86wzdwyzgebkyyzca8z2x1j17nf6wazz606tymd2e26whnm0v3rgds38jvnff9z8dav2xd6q9xhd0zx60hqapqp1jtwks6jsb0h9cb68v6455psests767pafgksk0sjywr3n6by44hsps8dgva1h4cq0yx92rv3tyrsrwrpr45j8bwjwx5snnbq8djm82p16e2pyr436sh0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%26client%3Dca-pub-9709291217657452%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
774323
cf-polished
origSize=118430
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Nov 2023 10:26:17 GMT
server
cloudflare
etag
W/"486507ccce9ac587d11c0ef3f32a109a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLctON0k6Ab2qLsKMpUX9OKfiskALDwQhuGjcrz91dBENCu26eTtlHEtr7M9GROYSuHWRjcwxb6Dc5BAXQ0n3klZX7n2oqNYYCPvhprpvyxVmg7v49FagUWXVDZszihq8y5rbHewH7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400
cf-ray
82aeae784a9d9116-FRA
expires
Sat, 25 Nov 2023 03:49:21 GMT
r62eglto.js
ad4m.at/ Frame DDCC
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jn0xfpmhs96x37zxdn10ve20yw2bnne55gpdcxmh7v5ybbs19tryd9ftmmh2s2yaracv2030ygwttz29nx250jemqabe4efr9zhff6hjkhyjrjwah0bpkbkx9j11ar70n43w2xqrgew8kv9vwx88rrkkyk14a8a2482d9z345c5qvw1ja07a0vtg7xzhgrkz1zckydcbkyk60bfhx11s0t5xhpp2v89f6y85k86wzdwyzgebkyyzca8z2x1j17nf6wazz606tymd2e26whnm0v3rgds38jvnff9z8dav2xd6q9xhd0zx60hqapqp1jtwks6jsb0h9cb68v6455psests767pafgksk0sjywr3n6by44hsps8dgva1h4cq0yx92rv3tyrsrwrpr45j8bwjwx5snnbq8djm82p16e2pyr436sh0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%26client%3Dca-pub-9709291217657452%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
335283
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ivv9bG9NJ%2FITF5LNddtgWiOg4va%2FzPItWfLIHD%2FXfFkTOTSQkNTSyAIzypITUcYRGeeldxu%2FKBJJYRwSzaL%2FuTLoKboKGaTPATjqYXkXoRalnyMOrxaq05WpXdGH9sVrQapKkDA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
82aeae784a9e9116-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Nov 2023 06:41:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8124
1 KB
653 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
22348
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 21:36:53 GMT
etag
48472445140208031
expires
Fri, 24 Nov 2023 21:36:53 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C72A
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aad3800cebd15b83357fe46daf2bffed126a19bfe34be835e80e0532b5df4f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame C72A
0
558 B
Ping
General
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKjB-ijAwAAAwDWAAUBCMC6gKsGEKWX7Nf13rLXDBgAKjYJTfE0-3dZmz8RU4a5xzqfmj8ZAAAAgD0K1z8hUw0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ivEFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0nWIADAIgDAZADAJgDCaADAaoDnwMKugJoDTFwd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24BT_BeY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTU1MmVhOWI2LWE4YjMtNDBkMi1iN2VkLTA2ZjEyYjA3MTJmNSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0EyWAAYcHVibGlzaAUpKDE2MjY0NTMzMCZynm0AuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8GlfaHpmXzM1JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSOTEzODkwOTM4MTM0OTI0MTk3IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56VXpNVFkzTURNek9EUTVORFFqTnpVBRTwUk9EUXlNREUyTkRjPcAD2ATIAwDYA6GZVuADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAWk2czFh8GKwlLABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAeK8QXSBw0VYwEmCNoHBgFesBgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=0420e129228950c33bc7805b9151c1a2c3c5cf06&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=8645674361906142253&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7665501&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
an-x-request-uuid
9a64158b-57af-4381-b0d1-62246bee04cc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame D06D
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4a93549451c69caaa6a67df2d2e19c14dd8a770a1b7463d6debf3368f54b0f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame C72A
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoVM9QB1gZeDPNtCd-cAP0fiC4ATS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqAMByAMCqgTNAU_Q6bncRA8cjcTwZ6eIVZxdn4Prml7sayTnvTUlyKZPdVFSIlq5P5FG_YdQU6_ZoR_ntO2TbxvKb9O0gwtSYLLVFn8UfAg0o8g3POAdj24Yib3xr0_sInQD2ALHyoY7qK5l1qGSE3umCPYQvtJalveAa9Y993K5AIK-TDmjNPbg73EAg5IoqDmYjS2aG26IaAUnWbeQSpZ04jCXwWnqHl_S0lTxVJrqCEtAuxaThlcqL-fbXJvhuyY-fXhlQxYJKG-FZ1ZDTEFWS7Jn0_KABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTcwOTI5MTIxNzY1NzQ1MhgA&sigh=KQi1DfVW_m4&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNIgomPyBR0BBrkgl_GXsmkwFvvcmavXMpl5IZrMFJ32tqvDEBEn67X6KB45pjIThYAE2I3exDGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
ams3-ib.adnxs.com/ Frame C72A
0
534 B
Image
General
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKjB-ijAwAAAwDWAAUBCMC6gKsGEKWX7Nf13rLXDBgAKjYJTfE0-3dZmz8RU4a5xzqfmj8ZAAAAgD0K1z8hUw0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4ivEFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0nWIADAIgDAZADAJgDCaADAaoDnwMKugJoDTFwd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24BT_BeY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTU1MmVhOWI2LWE4YjMtNDBkMi1iN2VkLTA2ZjEyYjA3MTJmNSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0EyWAAYcHVibGlzaAUpKDE2MjY0NTMzMCZynm0AuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8GlfaHpmXzM1JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSOTEzODkwOTM4MTM0OTI0MTk3IgkzODE4NDY3MTQqBGJpbmc6NFUyVmhjbU5vUVdRak56VXpNVFkzTURNek9EUTVORFFqTnpVBRTwUk9EUXlNREUyTkRjPcAD2ATIAwDYA6GZVuADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERXZYiAUBmAUAoAWk2czFh8GKwlLABQDJBQAFARTwP9IFCQkFC3QAAADYBQHgBQHwBQj6BQQIABAAkAYAmAYAuAYAwQYBHzQAAPA_0AbCjQTaBhYKEAkSGQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAeK8QXSBw0VYwEmCNoHBgFesBgA4AcA6gcCCADwB4njAooIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=0420e129228950c33bc7805b9151c1a2c3c5cf06&pp=ZWAdQAANp-ACHk7QAAC8USaF_iaNMtIkaC6RNA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR4ifQB1gZeDPNtCd-cAP0fiC4ATS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqAMByAMCqgTQAU_Q6bncRA8cjcTwZ6eIVZxdn4Prml7sayTnvTUlyKZPdVFSIlq5P5FG_YdQU6_ZoR_ntO2TbxvKb9O0gwtSYLLVFn8UfAg0o8g3POAdj24Yib3xr0_sInQD2ALHyoY7qK5l1qGSE3umCPYQvtJalveAa9Y993K5AIK-TDmjNPbg73EAg5IoqDmYjS2aG26IaAUnWbeQSpZ04jCXwWnqHl_S0lTxVJrqSklhKdQ3fDq-1ZNuwsJlDSIdd_xsbQ7Qiunc4-rDZm1OizOFvmbrBq-ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZfXduQs8Cu03cnj7PYyqxdqQY0g%26client%3Dca-pub-9709291217657452%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
an-x-request-uuid
2e419710-25f6-4245-9ab7-fa01bdbb7f83
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.153; 185.213.155.153; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0BC7
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmQ8T4W1HIbUAeGvq92JWjs7IsTgXVpDTdc6CN3uadXg6pbSv-fc9vBoJjguMbmoEI2A-_5yojKnmuyWolLsrfg14cNtnJCW
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 0BC7
43 B
560 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmQxxqzyV3y4igns0cl0CePTnC8zz47tZe_kMQXswPuOyAhC91NBuf42vXJ19WFDoNJ3pHW11r33cly-9zZ02S-055O7EzGT&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQxxqzyV3y4igns0cl0CePTnC8zz47tZe_kMQXswPuOyAhC91NBuf42vXJ19WFDoNJ3pHW11r33cly-9zZ02S-055O7EzGT%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae7a0a9918cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0BC7
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmRIU1AsXr3NbGFRFsoeYGbrvBduusFb9lIIoyWddaMnTnZ_GHYIakaMBQK6I6UrxIzC1dQfoR9YFvucszdlyM0nv2ozrRScnw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0BC7
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmSe-l6C5GkwosZciaTHsczQjIKzZfivPhYTJWSnRw5-QmF71HKzH4RgC0AFwsU3dYnJaD2L34x_bXYWWi...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSe-l6C5GkwosZciaTHsczQjIKzZfivPhYTJWSnRw5-QmF71HKzH4RgC0AFwsU3dYnJaD2L34x_bXYWWigV_efzYzZOYxsiyA&google_hm=hmVgHTiytYnLhlZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSe-l6C5GkwosZciaTHsczQjIKzZfivPhYTJWSnRw5-QmF71HKzH4RgC0AFwsU3dYnJaD2L34x_bXYWWigV_efzYzZOYxsiyA&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmSe-l6C5GkwosZciaTHsczQjIKzZfivPhYTJWSnRw5-QmF71HKzH4RgC0AFwsU3dYnJaD2L34x_bXYWWigV_efzYzZOYxsiyA&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
date
Fri, 24 Nov 2023 03:49:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 0BC7
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmQDuACFJId3uVwQjVDI0dum0fiMGk6O1tt-__E1zMsWUSkuW1oaXPLfGNW9pZ0m9f1NefjiK0F8ILys2ixecgeckcGBVrQRSQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 0BC7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTlDLRQipU_6ehb6cEXpvtytmlG95F18wUsba1HKq0UkDauo2HqtlTh8Nxv1J7axHg6zJOx0Eti...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTlDLRQipU_6ehb6cEXpvtytmlG95F18wUsba1HKq0UkDauo2HqtlTh8Nxv1J7axHg6zJOx0E...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTlDLRQipU_6ehb6cEXpvtytmlG95F18wUsba1HKq0UkDauo2HqtlTh8Nxv1J7axHg6zJOx0Eti3ievs_3GBVc1tMkpn0BhjQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTlDLRQipU_6ehb6cEXpvtytmlG95F18wUsba1HKq0UkDauo2HqtlTh8Nxv1J7axHg6zJOx0Eti3ievs_3GBVc1tMkpn0BhjQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 0BC7
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IHWmDJBid--90bLh-YHBbI2j894Y9rJpbw6o9OxWzI8kZiKhCho5keBWf6IirJ1Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DDCC
350 B
877 B
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
315009
alt-svc
h3=":443"; ma=86400
content-length
350
last-modified
Mon, 20 Nov 2023 11:04:04 GMT
server
cloudflare
etag
"e7fc49b61cae983db8c3a1dccf923b93"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yz6rC3%2BW3wmmiXNkS8ulsXOcrsAJ93MOH0609IqceAqiWduodrNImvBaG%2Bqq%2BF5pQ6ryKHXEgjzl7etNXDDirGMWlzEDd%2BSPwzqBScq3iDdCZAcFmCt0jb9XswqwfbPB8bY0y3bJ3eO%2Fm3G3xzogJoeE"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
82aeae7a0c219072-FRA
expires
Tue, 19 Nov 2024 11:23:05 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 8124
0
103 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMZjarcHNU4TIT7lQyH3NAs&google_cver=1&google_push=AXcoOmS514pXSaVLVE4nY8_aazhBWMKRW7Z5mMKyssMscB0jAacs3YB2H0bTlnZ5fbH6UHxROobi-8sfxpq4xB7SAs5OXE10xtjkzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
a.tribalfusion.com/ Frame 8124
43 B
566 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEK7yP9crM46NA4hYiFFEL-U&google_cver=1&google_push=AXcoOmTy09sohs0p3nAvATNTzcWrn04_NCLspGvYPfzyRfSR1kKK9egkDH58ahzDwjNNZm7rGa6SwFF_1eAgW2fN59pealRj0WqSyeU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTy09sohs0p3nAvATNTzcWrn04_NCLspGvYPfzyRfSR1kKK9egkDH58ahzDwjNNZm7rGa6SwFF_1eAgW2fN59pealRj0WqSyeU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82aeae7a0a9a18cd-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 8124
70 B
148 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEBtTCatNXr9v4SBOZ8aB5LU&google_cver=1&google_push=AXcoOmROgun9YHo6_xsqMPZUMLgzhtV-fsWon54gce5Ik2bsocSBDollDxz6pEVYuJCHsMiU7NDU2Fp0eL9ok2VcDIFK3Ge7UlOP-b0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 8124
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECzCmEn1qiJ2KaG0WrTR2VM&google_cver=1&google_push=AXcoOmS3GDj7sw8RS0g4dDyzoXEFCPePADj5Rwc9tcl9boIohJ9gZmNN0aCXZTQL1OFZIMwBU1gBVnJIciawnc...
  • https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS3GDj7sw8RS0g4dDyzoXEFCPePADj5Rwc9tcl9boIohJ9gZmNN0aCXZTQL1OFZIMwBU1gBVnJIciawnc_Fz-XUP3bQ91UiHg&google_hm=hmVgHTiytYnLhlZ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS3GDj7sw8RS0g4dDyzoXEFCPePADj5Rwc9tcl9boIohJ9gZmNN0aCXZTQL1OFZIMwBU1gBVnJIciawnc_Fz-XUP3bQ91UiHg&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmS3GDj7sw8RS0g4dDyzoXEFCPePADj5Rwc9tcl9boIohJ9gZmNN0aCXZTQL1OFZIMwBU1gBVnJIciawnc_Fz-XUP3bQ91UiHg&google_hm=hmVgHTiytYnLhlZZYw&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D65601D38B2B589CB86565963BLIS
date
Fri, 24 Nov 2023 03:49:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
x.bidswitch.net/ Frame 8124
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPk25BYKdNAyaA3u59AOWoA&google_cver=1&google_push=AXcoOmTCNE-hgHk0YAPJ69BTGVcR2yf_TvSizcPJD8wMmXqSsLpFpxe5l4MSmZTzGOspX0G-55_UE3nY676L2bM54oDdAB81GA6brr8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.99.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-157-99-226.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 8124
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHR3NRI-Yhz0NR0DpW9hBWQ&google_cver=1&google_push=AXcoOmTHMnI4BjU1W3SIAl0Glw2BPQfD11FB9lxTwvPl3-MrhywxoYCPlFjKI1-1q1wd4m1sx4gOJvXy...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTHMnI4BjU1W3SIAl0Glw2BPQfD11FB9lxTwvPl3-MrhywxoYCPlFjKI1-1q1wd4m1sx4gOJv...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTHMnI4BjU1W3SIAl0Glw2BPQfD11FB9lxTwvPl3-MrhywxoYCPlFjKI1-1q1wd4m1sx4gOJvXydBUpuJV1EHCuOc0QBQwBcf0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 24 Nov 2023 03:49:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjYzNTE3OTg1NDQ0MjYxNTk0Mg&google_push=AXcoOmTHMnI4BjU1W3SIAl0Glw2BPQfD11FB9lxTwvPl3-MrhywxoYCPlFjKI1-1q1wd4m1sx4gOJvXydBUpuJV1EHCuOc0QBQwBcf0
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 8124
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_Wq8a6VtV43e-8K5mbYUEt8pOgAibl6rKYhaacugp6OlLMxt6LLihQ5j5cWdDGQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=3701853997&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758196&bpp=2&bdt=1048&idt=241&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200%2C300x250&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=4.408zuv6gzgz2&fsb=1&dtd=250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame 6C7D
2 KB
2 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
774324
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
82aeae7a1b6a9116-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 24 Nov 2023 03:49:21 GMT
expires
Wed, 15 Nov 2023 05:14:36 GMT
last-modified
Tue, 17 Oct 2023 09:43:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNrL7WyIXLWv2Sp4C47apjWyfzBXnk7tQeaE%2FWPyntv%2FLRrYkxiiwvGFCvCa5CZ%2FbUujvsBKzgXFFlY7mPZLFTJSrfRSn5ry6wEK4zztzUrog3wPpll9lIaSdq4UtnkCc5Z0V%2Fg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adview
googleads.g.doubleclick.net/pagead/ Frame D06D
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdoLpQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoEzQFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqCKEWz8f0ZPjm9jI-tR-qSm3DtMt9UBPyctOtZLPzkJeBHUIre7tgAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MDkyOTEyMTc2NTc0NTIYAA&sigh=nvqfOG0BUbY&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN7amche6IxAeRFwy0-2mDtYhEugDYrCIAROTYLxWROGmq0AME6cegyMVHNKy5loN7BMcLC6YpGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 24 Nov 2023 03:49:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame D06D
0
11 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j4cw3whhjf9brg18qr2am16vvs7zgct35v6jcyn441xzecmeqpsqxwqhaafe1cx24110d9n3xz4pv8wrr1869t89t1abfbcyrstfaayhmbcs62xwtaybwzc0eja1cm3crhy625fz1qrshj7kqg2zn908xky9b8r1zewqc5hv8ptz20x8ypwnvvnbck1nvmh0evjke08whqn67xtn3deppw0013m01mr6rjfmw03jmtajk77rj19camawpfmfeg00n2c6tpymd1a147ebqt2e3fdyw1763xb74j9bdqxh8q9yxbqkvd9nz1sr3spq4dvnx8gfkx93m5k7mwjtvvm4k11cqgxrd1p3twhp0ng5qh9v6pp5qd0bt95yr07cqawmttnf4fqdr&b=ZWAdQAANno8KGYwEAAQrQAkP6x_hMBEJmaciWg&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=657002129&pi=t.ma~as.4574689270&w=300&lmt=1700797758&format=300x250&url=https%3A%2F%2Ftravel.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797758195&bpp=1&bdt=1047&idt=223&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&prev_fmts=0x0%2C260x200&nras=1&correlator=7015020409522&frm=6&ife=1&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797758&ga_hid=1181455639&ga_fc=1&nhd=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=260&ish=528&ifk=2013920840&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31079438%2C31079759%2C31078301%2C44807405%2C44807754%2C44807763%2C44808148%2C44808285%2C44809054&oid=2&pvsid=1021158891192274&tmod=491636430&uas=0&nvt=1&top=https%3A%2F%2Fhoroscope.marumura.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C528&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=3.7o4n3q364tiy&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 24 Nov 2023 03:49:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
rs
ad4m.at/ Frame DDCC
1 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 24 Nov 2023 03:49:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBGw2RZ5Cdw9zcr0VGCScwXv%2B66Ye8THfEdcVWBbc2Hkh6KlZvCStX09e7XoEDF9w0k7PlzuEosaoeO1JR5CBwIKYpyxqXyXOfkhhX09ujW%2BzHTq89WCjjPaihW3wWMCzvSVmuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
82aeae7afc1f9219-FRA
x-backend-server
aa-reachservice-group-europe-west1-kr25
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82aeae7a8be29219-FRA
content-length
24
content-type
text/plain
date
Fri, 24 Nov 2023 03:49:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2FzcYwNWG7cuRjQT1qxFep%2B8OsV92zxWIy4AHr2wjhnXNum65ZashODB8X9tGvkDG0xAVWuNwmVXEkAeq7KlrPHCa%2FAXhdFBxzd3Yb2GO6egkeNnoj7QYCuW6R%2FkMcx4c1hinuY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-kjgm
rar
as.ad4m.at/ad/ Frame 97FF
11 KB
0
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=177100%2C196438%2C29002&b=m3AsefGfWYXGSmHZHZtztkDerhKSwTX8AfbJ%2CdEQfEfkfpEY8SEHjHwtEtK72aeS4TGW4fJk%2CQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRG&f=7QZTqfzfjA53urHXHgtECB6RZT4S1Tr9ZuE9%2CK1eHRfZfGJ7jt5HMHktzCgJeh7SATwGkFPj%2C2beH6fqfZjRHVHWHktwCRwYuxS7T7G4fEP&c=300&d=250&e=&g=3aff0e162b4922045a77e5c899196e79%2F7225063022383144890&i=65803%2C25174%2C25052&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1700797761775&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1h62easaazafr0cgf3e9ftc1x4swrhxgg2aztk0y1qke199jjmjva47zx525gaqdjrz1fkwx0vzg6zexy11m1qn45929hscedm2ps8f5pkqg7ak5vcxzsv9gh09s4aj2b6k76ske618xtpy22bbxqjy9scnbh7xm6he1zcxcbtybyjdgvb2nehydnze3wjy3z16vbpfkgj5t6hzs762mk8cykhwh0r9e5rpncmh5tyjrmmbhrsxm661nxfa4jd2gv02kbjg47b9rh8cer5w0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%2526client%253Dca-pub-9709291217657452%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1jn0xfpmhs96x37zxdn10ve20yw2bnne55gpdcxmh7v5ybbs19tryd9ftmmh2s2yaracv2030ygwttz29nx250jemqabe4efr9zhff6hjkhyjrjwah0bpkbkx9j11ar70n43w2xqrgew8kv9vwx88rrkkyk14a8a2482d9z345c5qvw1ja07a0vtg7xzhgrkz1zckydcbkyk60bfhx11s0t5xhpp2v89f6y85k86wzdwyzgebkyyzca8z2x1j17nf6wazz606tymd2e26whnm0v3rgds38jvnff9z8dav2xd6q9xhd0zx60hqapqp1jtwks6jsb0h9cb68v6455psests767pafgksk0sjywr3n6by44hsps8dgva1h4cq0yx92rv3tyrsrwrpr45j8bwjwx5snnbq8djm82p16e2pyr436sh0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_YiJQB1gZY-9NoSYZsDWkDiQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQLjpLaZ-EuyPqgDAcgDAqoE0AFP0Dqg870zwFC6_Z55LFEFJFXRWeL9m1l41gUBDkd-b7Xq8e_mX5C585gJgaqzDRuNLlXLrNyPJl2YtNJMqwUr9XGErkgxcBcXujnCG1d9jyOKIcz8TLeZFT5uFYRAxbMau_wpkfXrsBDDZKbDiPVEaNJZY8-FP7mKtPF1MKF6IdncxhdUy1XYiwPnE8aW9Y_Sbce6zkUmM4tdPlgK0Y1fytMGoG8pqGCGeq3IKBSjU1-AbA43O9uOGtmA_25XFEuM_AA3WlxyHKDUMq4lWpvogAaevoX5_NHcht0BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3ePmhlY5P1Dh4DHdEKXgcf6NoApA%26client%3Dca-pub-9709291217657452%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
82aeae7b8c059116-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 24 Nov 2023 03:49:21 GMT
expires
0
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy
accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B5A9
0
0

prebid_2023_8_15_7_52_11.js
anymind360.com/js/6621/ Frame B5A9
0
0

show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ Frame B5A9
0
0

fbevents.js
connect.facebook.net/en_US/ Frame B5A9
0
0

gtm.js
www.googletagmanager.com/ Frame B5A9
0
0

default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 97FF
0
0

63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 97FF
0
0

A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 97FF
0
0

F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame 97FF
0
0

BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame 97FF
0
0

B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/ Frame 97FF
0
0

7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
assets.ad4m.at/logo/ Frame 97FF
0
0

EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
assets.ad4m.at/product_image/ Frame 97FF
0
0

cshow.php
www.awin1.com/ Frame 97FF
0
0

icons.ttf
www.marumura.com/wp-content/themes/authentic/css/fonts/ Frame B5A9
0
0

ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
www.marumura.com/wp-content/fonts/roboto-condensed/ Frame B5A9
0
0

DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
www.marumura.com/wp-content/fonts/sarabun/ Frame B5A9
0
0

ico_travel.png
www.marumura.com/wp-content/themes/authentic-child/images/ Frame B5A9
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECiaIdL-G-cMnBCBy_qGO6c&google_cver=1&google_push=AXcoOmR6P8AUjNQBlQqWmYIjokPTONznYEqpFv9DSqH-MWhWJUVNUrZqEegOLeDVBPQHoiQ6-6msMNvbihnRTqgjnBfb8G-h6XJ6AQ
Domain
travel.marumura.com
URL
https://travel.marumura.com/
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
www.gstatic.com
URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js
Domain
www.marumura.com
URL
https://www.marumura.com/?essb_counter_cache=rebuild
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumQXVnw_qcxKGblopOP47yRn15Ycgt5qRyIErEZP0KaRbeuvXCmT6Z9y9H82_xcbwRwAGRbGCuUZ_Z7vC4tuPs9zQXeLyFp0GooZi3xdd1fqC4ZSr5&sig=Cg0ArKJSzA1bqGwFBWunEAE&id=lidartos&mcvt=1598&p=0,0,250,300&mtos=0,0,1598,1598,1598&tos=0,0,1598,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0.58&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=b&rst=1700797751719&rpt=818&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvy0URASF5Y21M6ZDrD39QDRNnaDKPzwIT2dWQYGky227vO_fej3_XCf51erowDo6xdGQOn9eybHXWrylX2T6antCUT4ydWsDUi40J6-ur69fomt_vwCA&sig=Cg0ArKJSzGJsArd0PLIBEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700797751789&rpt=792&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlUEVK5waqrG_1rPgBozz0We3vvbXCC5N7jowx7S97c7n_yaXHewBovHkGVPMuD_7epi_qXZT5iZkNHaARHXeLcV4ksHUq5hJKc8cvcduM5NeW-rqT7w&sig=Cg0ArKJSzOsjgAROlVzsEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700797751801&rpt=874&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4R68YF3NQ8&gtm=45je3b81v880762829&_p=1700797753539&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893264436.1700797752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700797752&sct=1&seg=1&dl=https%3A%2F%2Fwww.marumura.com%2F&dr=https%3A%2F%2Fhoroscope.marumura.com%2F&dt=Marumura&en=page_view&tfd=2844
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/essb-native-skinned.min.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/click-to-tweet.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/essb-animations.min.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/easy-social-share-buttons.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=5.2.10
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Domain
adasiatagmanager.appspot.com
URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_b2.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_b.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_w.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x180.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-300x225.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x169.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-272x182.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Aoniyoshi-Sightseeing-Train-16.25.29-cover-320x178.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Sabataro-Rest-Fukuoka-cover-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/09/Ibaraki-Praying-Destination-cover-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/06/Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/disney-resort-line-40th-Anniversary-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/03/Namco-Tokyo-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/Kansai-by-JR-West-2023_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/03/Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/02/USJ-Magical-Creatures-Encounter-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Kansai-cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Tokyo-Dome-City-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Centara-Grand-Hotel-Osaka-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/5-Fashion-Museum-cover-1-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Hiraoka-Jugyo-Center-5-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/12/Onuma-Quasi-Autumn-2-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/11/West-Hokkaido-Autumn-1-cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/09/Sapporo-Snow_-Festival_-2023-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/08/Dragon-cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-4_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-3_cover-2-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/02/Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/12/Fukuoka-Cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/12/Hita-cover-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/flower-pickle-jp-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/Mu-Room-Ride-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/Japan-Kid-First-Hair-Cut_cover-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/sdk.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=5.2.10
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/pinterest-pro.js?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.js?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/essb-core.js?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=5.2.10
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/all.js
Domain
ams3-ib.adnxs.com
URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.marumura.com&e=wqT_3QKqB-iqAwAAAwDWAAUBCLu6gKsGELTr54WN6d7MPRgAKjYJHPEQSb4Clz8RxdwIrgxmlj8ZAAAAgD0K1z8hxQ0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_fEFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIYaHR0cHM6Ly93d3cubR0kWIADAIgDAZADAJgDCaADAaoDqAMKvgJoHS7whmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWMyZGFhOGMwLWZjNzgtNDQ4My1hMjZiLTM5ZDQ2OGFkZTllMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlcVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnwT3V2cmVuZXB1dnBueV9veWJweHZhdCZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ0Mzg3MTQ0NjA0MjAwNDQyMTIiCTM4MTg0NjcxNCoEIVvwgTo4VTJWaGNtTm9RV1FqTnpJMk16WTNPVE0yTVRrME56RWpNak15TkRRek5qTXdNRGt5TURBek5BPT3AA9gEyAMA2AOhmVbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBfFiIBQGYBQCgBcGjy7aNwqbwWsAFAMkFAAUBFPA_0gUJCQULPAAAANgFAeAFAfAF0kT6BQQBWyiQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_3xBdIHDRVkASYI2gcGAV6wGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=e0ee6cacd342ca21403f547c2644215206c1466b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=8645674361906142253&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7665501&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjvPaOx1gZbOnJYzA5LcPr7eKmAXS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqAMByAMCqgTLAU_QXuke9you705IJ2AxKXvVXqsFQ9LGm7LacDu8ox8aopG45O7gPkL9lOhRCT6khNHxDF1ezKUGQGaMiWGEBv0TUSk4FVooDDpg_TXnxsQ-KYKu-93-mRE4GfzzHK-lH76FfThwi7MTP9nVZvwPq7_VfdOxZgXbT2cy64mQqGIESSF86h-jTZCpDfWd7QAfFJ3CdgCpiyMBb9F9HkawsA0cBjaHPDXHdWR1jfc_-aDkIXwCEc93nGcc-eSzxb56Y7P7g6IIbOWcvL4MgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MDkyOTEyMTc2NTc0NTIYAA&sigh=vJ2K8pEC01c&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNSSKc_8LQYBTuooRxv-qu8PeZKk_5lvC-i38CSFE_rmSgH2XP33tjV3-4QmQRtUNFSxLBFio9GAE&cbvp=2&vis=1
Domain
ams3-ib.adnxs.com
URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.marumura.com&e=wqT_3QKqB-iqAwAAAwDWAAUBCLu6gKsGELTr54WN6d7MPRgAKjYJHPEQSb4Clz8RxdwIrgxmlj8ZAAAAgD0K1z8hxQ0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_fEFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIYaHR0cHM6Ly93d3cubR0kWIADAIgDAZADAJgDCaADAaoDqAMKvgJoHS7whmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWMyZGFhOGMwLWZjNzgtNDQ4My1hMjZiLTM5ZDQ2OGFkZTllMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlcVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnwT3V2cmVuZXB1dnBueV9veWJweHZhdCZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ0Mzg3MTQ0NjA0MjAwNDQyMTIiCTM4MTg0NjcxNCoEIVvwgTo4VTJWaGNtTm9RV1FqTnpJMk16WTNPVE0yTVRrME56RWpNak15TkRRek5qTXdNRGt5TURBek5BPT3AA9gEyAMA2AOhmVbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBfFiIBQGYBQCgBcGjy7aNwqbwWsAFAMkFAAUBFPA_0gUJCQULPAAAANgFAeAFAfAF0kT6BQQBWyiQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_3xBdIHDRVkASYI2gcGAV6wGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=e0ee6cacd342ca21403f547c2644215206c1466b&pp=ZWAdOwAJU7MA-SAMAAKbr1SW4ELdOflFdFMjJQ&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcIHWOx1gZbOnJYzA5LcPr7eKmAXS4Nfgbo-ktpOTCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqAMByAMCqgTOAU_QXuke9you705IJ2AxKXvVXqsFQ9LGm7LacDu8ox8aopG45O7gPkL9lOhRCT6khNHxDF1ezKUGQGaMiWGEBv0TUSk4FVooDDpg_TXnxsQ-KYKu-93-mRE4GfzzHK-lH76FfThwi7MTP9nVZvwPq7_VfdOxZgXbT2cy64mQqGIESSF86h-jTZCpDfWd7QAfFJ3CdgCpiyMBb9F9HkawsA0cBjaHPHfFVPa3KQ1SbVqQlOJblXlzv22Y8MqrHBz8OjdHA4gkdCUdXtOYRnGpgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2BYeaYj64kVzFyfiCPBZqcHdRW8A%26client%3Dca-pub-9709291217657452%26adurl%3D&cbvp=2
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWI9c1jyEG-K5O3lsDsQljIVd2q6EaPM_DgAvPz5tqqEGS0Q4Nr-DMKxcHMRRhG9jnrbvdzY07ZbRdshRyu6hCCKEw8WBj8moJtD7DaOQbmUdMNKIbvw&sig=Cg0ArKJSzOBdRKdEBwQuEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700797755500&rpt=1169&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
ams3-ib.adnxs.com
URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.marumura.com&e=wqT_3QKqB-iqAwAAAwDWAAUBCLu6gKsGELTr54WN6d7MPRgAKjYJHPEQSb4Clz8RxdwIrgxmlj8ZAAAAgD0K1z8hxQ0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_fEFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIYaHR0cHM6Ly93d3cubR0kWIADAIgDAZADAJgDCaADAaoDqAMKvgJoHS7whmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWMyZGFhOGMwLWZjNzgtNDQ4My1hMjZiLTM5ZDQ2OGFkZTllMCZiaWRJZD0xNTAwMCZiaWRkZXJJZD00JmNtRXhwSWQ9TFYyJm9BZFVuaXQ9MwlcVHB1Ymxpc2hlcklkPTE2MjY0NTMzMCYBDgBjjnEAuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnwT3V2cmVuZXB1dnBueV9veWJweHZhdCZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ0Mzg3MTQ0NjA0MjAwNDQyMTIiCTM4MTg0NjcxNCoEIVvwgTo4VTJWaGNtTm9RV1FqTnpJMk16WTNPVE0yTVRrME56RWpNak15TkRRek5qTXdNRGt5TURBek5BPT3AA9gEyAMA2AOhmVbgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBLpBfFiIBQGYBQCgBcGjy7aNwqbwWsAFAMkFAAUBFPA_0gUJCQULPAAAANgFAeAFAfAF0kT6BQQBWyiQBgCYBgC4BgDBBgEgNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB_3xBdIHDRVkASYI2gcGAV6wGADgBwDqBwIIAPAHieMCiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=e0ee6cacd342ca21403f547c2644215206c1466b&type=nv&nvt=13&jm=1003&px=0&py=0&bw=300&bh=157&sf=0&sid=8645674361906142253&vd=ct~0|rr~319|dm~90&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7665501&pd=0.13&d=0.12&id=0&ic=0&d0=0&d25=0&d50=0&d75=0&d100=0&ft=3
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CkYCYOx1gZfiYJoLZkwPx2ruAD7SehuVzppjOicIKwI23ARABIABgleKQgqAHggEXY2EtcHViLTk3MDkyOTEyMTc2NTc0NTLIAQmpAiCAM_05TLI-qAMByAMCqgTMAU_QRVcQvp1Ch4MlGxFXXirfgHcRXD5bRgQcOXKPqY7ugLiE7aqncWg6NrV_cwGTP-nO83yUkcxL3S9OYGrgKW8qyhl-uKrpNeHzXTv26HLPxsK_Zp0Xrr0pqBzEyCnNqastSQ_g_K1LS3sc0b3EyR0xSE0_9btP_24ha4Uoc0rxePj_Il4MRcXY73wUfa9284ZSljLptd1TF19I1ackuNGIBxnGy0Z2aujzycwCQb6zkd3_BCUgWbG8d8D3M8F6c-nDNX0jGulPtFhtUYAG7bGmw76LlZc5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MDkyOTEyMTc2NTc0NTIYAA&sigh=ULGFO25H7aE&uach_m=%5BUACH%5D&cid=CAQSOwDICaaNQJTx6vEzskWypZbnxarAgS2ekA3uA1EEuDwGOtSdjR4E0_jXCYngM05iq4vik3uCQrd_p5WwGAE&cbvp=2&vis=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZs2lRA05gDmzAjPwoElNGOG75PjA2438FTm4cPbHareioLiMCMg5DWcwJjg9zP1toahuKDEkqH3ugJH17-LHI0VPo8Ncir8LWtQRYKkgpCzPyi73_1A&sig=Cg0ArKJSzOYndY49KcttEAE&id=lidartos&mcvt=0&p=0,0,250,250&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700797756236&rpt=328&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/assets/css/powerkit.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/posts-sidebar.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/twitter-slider.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/tiles.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/horizontal-tiles.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/full.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/slider.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/carousel.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/wide.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/blocks/narrow.css?ver=1661973572
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/author-box/public/css/public-powerkit-author-box.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/css/public-powerkit-basic-elements.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/coming-soon/public/css/public-powerkit-coming-soon.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/content-formatting/public/css/public-powerkit-content-formatting.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/contributors/public/css/public-powerkit-contributors.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/facebook/public/css/public-powerkit-facebook.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/featured-categories/public/css/public-powerkit-featured-categories.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/inline-posts/public/css/public-powerkit-inline-posts.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/instagram/public/css/public-powerkit-instagram.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/css/public-powerkit-justified-gallery.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/glightbox.min.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/css/public-powerkit-lightbox.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/css/public-powerkit-opt-in-forms.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/css/public-powerkit-scroll-to-top.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/css/public-powerkit-share-buttons.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/social-links/public/css/public-powerkit-social-links.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/css/public-powerkit-table-of-contents.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/twitter/public/css/public-powerkit-twitter.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/widget-about/public/css/public-powerkit-widget-about.css?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=6.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=1.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/if-menu/assets/if-menu-site.css?ver=6.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/style.css?ver=5.2.10
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/essb-native-skinned.min.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/click-to-tweet.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/essb-animations.min.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/css/easy-social-share-buttons.css?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/css/legacy-features.css?ver=5.2.10
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.14.0
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Domain
adasiatagmanager.appspot.com
URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_b2.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_b.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2020/04/logo_marumura_w.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x180.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-300x225.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x169.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-272x182.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Aoniyoshi-Sightseeing-Train-16.25.29-cover-320x178.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Sabataro-Rest-Fukuoka-cover-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/09/Ibaraki-Praying-Destination-cover-272x182.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/09/Kamiseya-Park-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/06/Edo-themed-onsen-spa-complex-in-Tokyo-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/Disney-100-Anniversary-at-Tokyo-Skytree-Town-1-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/Tokyo-Skytree-Town-Golden-Week-2023-5-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/disney-resort-line-40th-Anniversary-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/03/Namco-Tokyo-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/04/Kansai-by-JR-West-2023_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/03/Harry-Potter-Warner-Bros.-Studio-Tour-Tokyo-1-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/02/USJ-Magical-Creatures-Encounter-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Kansai-cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Tokyo-Dome-City-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Centara-Grand-Hotel-Osaka-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/5-Fashion-Museum-cover-1-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/Hiraoka-Jugyo-Center-5-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/01/West-Hokkaido-Autumn-2-cover-FB-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/12/Onuma-Quasi-Autumn-2-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/11/West-Hokkaido-Autumn-1-cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/09/Sapporo-Snow_-Festival_-2023-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/08/Dragon-cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-4_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/03/Tohoku-Winter-FAM-3_cover-2-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/02/Kochi-and-Saga-Tourist-Train-cover-FB-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/12/Fukuoka-Cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2022/12/Hita-cover-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/flower-pickle-jp-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/Mu-Room-Ride-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/Japan-Kid-First-Hair-Cut_cover-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/sdk.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.dyngroup.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/adrotate/library/jquery.adrotate.clicktracker.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=5.2.10
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/pinterest-pro.js?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/modules/subscribe-forms.js?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/plugins/easy-social-share-buttons/assets/js/essb-core.js?ver=9.2
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=5.2.10
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/all.js
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/18-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/09/depression-320x240.jpeg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/09/Catcooljapan-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/08/Parents-Association-Japan-Thinking-cover-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/more-people-prefer-sleeping-to-partying-at-year-end-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/Mu-Room-Ride-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/young-adults-surveyed-in-Japan-have-phone-phobia-1-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2021/05/Japan-Law-Twin-Crystal-Quartz-cover-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2021/06/Japan-shock-14-cover-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2015/10/punko_First-Time-JPN-320x240.gif
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/06/catinshopjapan00-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2017/08/icon-11-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/RakuRo-JR-Himeji-320x240.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2023/11/Non-Fiction-Game-Hakone-Sengokuhara-Prince-Hotel-2-320x240.jpg
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3140902348476752&correlator=818051636939230&eid=31078986%2C31079668%2C31079674%2C31079658%2C31078660&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=21622890900%3A21749164042%2CTH_marumura.com_res_article_right_300x600%2C160x600%2C120x600%2C300x250&enc_prev_ius=%2F0%2F1%2F%2F2%2F%2F3%2F%2F4&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&sc=1&cookie=ID%3D3b7d84e77066d36c%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg&cdm=www.marumura.com&gpic=UID%3D00000cdaeaeeebf2%3AT%3D1700797752%3ART%3D1700797752%3AS%3DALNI_MaqZcUqX463gStgPbS0Es03xSpijg&abxe=1&dt=1700797760418&lmt=1700797760&adxs=20&adys=11880&biw=-12245933&bih=-12245933&isw=220&ish=528&scr_x=-12245933&scr_y=-12245933&ucis=eje5mdos04m1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Fwww.marumura.com%2F&ref=https%3A%2F%2Ftravel.marumura.com%2F&top=https%3A%2F%2Fhoroscope.marumura.com%2F&vis=1&psz=180x0&msz=180x0&fws=260&ohw=220&ea=0&ga_vid=1893264436.1700797752&ga_sid=1700797760&ga_hid=935305279&ga_fc=true&dlt=1700797758538&idt=1585&cust_params=url%3D%252F%26ref%3Dtravel.marumura.com&adks=2240944414&frm=24
Domain
partner.o2online.de
URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023112404492090772425441X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023112404492090772425441X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWI60TYtQnC7tC0e1Ln0g9XTuJ6nkhpqIiInlXN8JCc3TXFTrrxm0MUHMscs_eu0zKwnoPgziuRkYeM_RbvnmNsYi7r08UIpJ1mFL6UE2I2ZmCRASJUA&sig=Cg0ArKJSzE86Dp8CcXjCEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700797758427&rpt=994&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst0JNE6wtlcIDC2HeRb_4MGudWNJ-cvyQgLy0eWi7W-6EFiUH0ORXVsydH6UG8GDlKkeWm0sWx9lY0uBR8yoW3wVzZkVzgcggsOU3UVJ-0XrL2O31o7jA&sig=Cg0ArKJSzB1WSD4yHA3EEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=2761220695&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1700797758447&rpt=916&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
ams3-ib.adnxs.com
URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftravel.marumura.com&e=wqT_3QKQB-iQAwAAAwDWAAUBCL66gKsGEMeb3_uotPLoYhgAKjYJGNh3N4qKuD8R_VEGomzjtz8ZAAAAgD0K1z8h_Q0SACkRJNAxAAAAoJmZqT8w3e7TAzi1AUC1XkjjA1C6iYq2AVjAsT1gAGifpFR4nPUFgAEBigEDVVNEkgUG8E-YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAPoBDjEtbWFydW11cmEuY29t2ALwBuACoqgx6gIbaHR0cHM6Ly90cmF2ZWwubR0nWIADAIgDAZADAJgDCaADAaoDigMKrAJoDTFwd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24BT_BeY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY2ZTJhMDBmLTQxYWUtNDU3Ny04YTFjLTYyNzRiMTRjY2UxOCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0EyWAAYcHVibGlzaAUpKDE2MjY0NTMzMCZynm0AuHJ0eXBlPW51cmwmdGFnSWQ9NzY2NTUwMSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRnw5WVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM3MTIwNjk0MTg1ODc4MzQzMTExIgkzODE4NDY3MTQqBGJpbmc6LFUyVmhjbU5vUVdRak1USXhNRFEzTlRrM055TXhNREkyTURjMk1UQTJPUT09wAPYBMgDANgDoZlW4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFpIjSoq3XopMnwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AX63Fz6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec9QXSBw0JESgBJgjaBwYBXrAYAOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=9ce8cd85b2147038a6e72019e1e29d2d3d618652&type=nv&nvt=13&jm=1003&px=0&py=0&bw=300&bh=157&sf=0&sid=8645674361906142253&vd=ct~0|rr~319|dm~90&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=7665501&pd=1.41&d=1.4&id=0&ic=0&d0=0&d25=0&d50=0&d75=0&d100=0&ft=3
Domain
region1.google-analytics.com
URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-4R68YF3NQ8&gtm=45je3b81v880762829&_p=1700797759463&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1893264436.1700797752&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1700797752&sct=1&seg=1&dl=https%3A%2F%2Fwww.marumura.com%2F&dr=https%3A%2F%2Ftravel.marumura.com%2F&dt=Marumura&en=page_view&tfd=2773
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDs4C7LXXbwnj9MDnOK5bQ0vY9Sf_gTdvRBa3tAbsLdwU4OH2oypJWOU00QPC9zH8se6EPSbnqE5Ng0klNTslFQlC9Een6vhhwHxc4jS2xSFzs0_JPPg&sig=Cg0ArKJSzPHuI4nGnflzEAE&id=lidartos&mcvt=0&p=0,0,200,220&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=20&adk=4155895856&rs=2&la=0&cr=0&vs=3&r=b&rst=1700797759966&rpt=764&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-126552441-1
Domain
adasiatagmanager.appspot.com
URL
https://adasiatagmanager.appspot.com/js/v1/account/5668753656250368/atm.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2019/07/logo_marumura_w.png
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Kintetsu-Yunoyama-Onsen-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Jewerium-Enoshima-Aquarium-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/11/Umekoji-Potel-Kyoto-_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tattoo-Get-in-Tokyo-Onsen_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Asuke-Toyota-City2_cover-320x240.jpg
Domain
travel.marumura.com
URL
https://travel.marumura.com/wp-content/uploads/2023/10/Tan-Pen-Ton-Cafe-Shimokitazawa-19.50.39-cover-320x240.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2019/07/AD_side_banner.jpg
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2019/07/wajapan.png
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/uploads/2019/07/maichaiguru.png
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/sdk.js
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/siteorigin-panels/css/front-flex.min.css?ver=2.28.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/basic-elements/public/js/public-powerkit-basic-elements.js?ver=4.0.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/jquery.justifiedGallery.min.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/justified-gallery/public/js/public-powerkit-justified-gallery.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/glightbox.min.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/lightbox/public/js/public-powerkit-lightbox.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/opt-in-forms/public/js/public-powerkit-opt-in-forms.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/scroll-to-top/public/js/public-powerkit-scroll-to-top.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/share-buttons/public/js/public-powerkit-share-buttons.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/slider-gallery/public/js/flickity.pkgd.min.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/powerkit/modules/table-of-contents/public/js/public-powerkit-table-of-contents.js?ver=2.9.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=4.14.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/owl.carousel.min.js?ver=2.3.4
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/colcade.js?ver=0.2.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/ofi.min.js?ver=3.2.4
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax.min.js?ver=1.10.5
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/jarallax-video.min.js?ver=1.10.5
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/scripts.js?ver=1.0.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/sharing-bar.min.js?ver=9.2
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/pinterest-pro.min.js?ver=9.2
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/modules/subscribe-forms.min.js?ver=9.2
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/easy-social-share-buttons3/assets/js/essb-core.min.js?ver=9.2
Domain
www.google.com
URL
https://www.google.com/recaptcha/api.js?render=6LdzbtMUAAAAAP79t0St1qdTFzNsD5YCtaXoOUSi&ver=3.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Domain
www.marumura.com
URL
https://www.marumura.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.7
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/js/legacy-features.js?ver=1.0.0
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Domain
anymind360.com
URL
https://anymind360.com/js/6621/prebid_2023_8_15_7_52_11.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9709291217657452&plah=www.marumura.com&bust=31079654
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-MS8VMC8
Domain
as.ad4m.at
URL
https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Domain
assets.ad4m.at
URL
https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Domain
assets.ad4m.at
URL
https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Domain
assets.ad4m.at
URL
https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Domain
assets.ad4m.at
URL
https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneiddEQfEfkfpEY8SEHjHwtEtK72aeS4TGW4fJkoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
assets.ad4m.at
URL
https://assets.ad4m.at/logo/7DC86BB3A0677D1A111CF2F02BF20FC822723E084233C66D05A3D22F9BFF9CBFABB3E42ACE676F78BB64730FEC16E4997CC372D96DF4EFE43050DA28B276D6EA
Domain
assets.ad4m.at
URL
https://assets.ad4m.at/product_image/EEACCF1387D6770984DA8E61AC19B9B106EFAB433C9BC99F272CCDE7F6C5F6963A2BD7EDCA944083C5D1FA54EA7EB69DFB75D9EFC064FB7CC124FCCC8412C2AC
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2524318&v=11420&q=392147&r=412871&pv=1&pref3=oneidQxef4fjfMPBtxH5HYtGt82VC6S4T5qBcRGoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic/css/fonts/icons.ttf
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/fonts/roboto-condensed/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5XpjLdSL57k.woff
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/fonts/sarabun/DtVmJx26TKEr37c9YL5rilss7SLUrwA.woff
Domain
www.marumura.com
URL
https://www.marumura.com/wp-content/themes/authentic-child/images/ico_travel.png

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS object| atspbjs object| _wpemojiSettings object| csco_mega_menu undefined| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle function| gtag object| dataLayer object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| atspbjsChunk object| _pbjsGlobals function| showhide_toggle object| impression_object object| FB function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| click_object object| swv object| wpcf7 object| __buffer object| google_tag_manager object| powerkitJG function| EvEmitter function| imagesLoaded function| GLightbox object| powerkit_lightbox_localize string| GoogleAnalyticsObject function| ga object| opt_in function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger object| powerkit_toc_config function| Colcade function| objectFitImages function| jarallax function| VideoWorker object| translation function| essb_ajax_subscribe object| essb function| essb_open_mailform function| essb_close_mailform function| essb_mailform_send function| essbasc_popup_show function| essbasc_popup_close object| essb_settings boolean| essb_buttons_exist number| essbCurrentPinImageCount function| essb_manualform_show boolean| pendingUnlockOnSubscribe function| essb_optin_locker_unlock function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| regeneratorRuntime object| ox_esp object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| twemoji object| wp

56 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ANTvZwVJfTNNZUOaqCpP_VpajhJqMEdEZH5DQV-VgWCwWSDO4bHLGIW8hyBvVJXpJy5gI--cOFOkHfQgZ-vw2QY
horoscope.marumura.com/ Name: PHPSESSID
Value: se81q9i3r4rn6gtck5a2l0s3ku
horoscope.marumura.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.doubleclick.net/ Name: IDE
Value: AHWqTUnhXm2S9xZQeSlMRvmBKC2MxC3zgdIu0DoCbvuKOQS646HFedif75PxIy-w_vg
.marumura.com/ Name: _gid
Value: GA1.2.2113727439.1700797752
.marumura.com/ Name: _gat_gtag_UA_126552441_1
Value: 1
www.marumura.com/ Name: PHPSESSID
Value: jkt7ba4i490pcpih6a8nopc7d6
.adfarm1.adition.com/ Name: UserID1
Value: 7304870721960933516
.blismedia.com/ Name: b
Value: 65601D38B2B589CB86565963BLIS
.turn.com/ Name: uid
Value: 4116150965949781706
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 2635179854442615942
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 2a5d660e-fff7-4f4e-92d7-656e2bc5a21b
.openx.net/ Name: i
Value: a116b905-2cbe-4078-8c99-0c1d23cb95c6|1700797752
.marumura.com/ Name: __gads
Value: ID=3b7d84e77066d36c:T=1700797752:RT=1700797752:S=ALNI_MZVB3B5w1LuCzDL9xvUUohkniV9Pg
.marumura.com/ Name: __gpi
Value: UID=00000cdaeaeeebf2:T=1700797752:RT=1700797752:S=ALNI_MaqZcUqX463gStgPbS0Es03xSpijg
.ctnsnet.com/ Name: gid_CAESEGLEG8b0myYJ2S141jpNwIY
Value: 1
.ctnsnet.com/ Name: cid_a88dedf0124b42c0839db85a80b6f9d7
Value: 1
.simpli.fi/ Name: suid
Value: 68AA1CBDC4D34F58A256AD01C577AE39
.de17a.com/ Name: guid
Value: 1.3725506903085853479
.yahoo.com/ Name: A3
Value: d=AQABBDgdYGUCEED8ff1CNVtlxelg7ZwYlykFEgEBAQFuYWVqZQAAAAAA_eMAAA&S=AQAAAuz07T6LBhUaKb65pDxE9X8
.marumura.com/ Name: cto_bundle
Value: NfQCmV80N0dteDlJJTJCUjJaUVJRRWllWDBzVXZjU1F3dzgwWDdvWHY2OVU0V3pPMXRaZHByaVBLeGVacmJJUmZ0ME9hQ0NEMVFHakZJZFNndjlONlU4bWZtYWRjQWR6Y29SMExsa3prRUN3ZzNkeGtjcHpwJTJCVURVSVNhJTJGeWdsMGFTbFRROFNuZFlHUm9NV1NBMXduUTE2UEV6blElM0QlM0Q
.quantserve.com/ Name: d
Value: EHIBCQHAKoEA
.quantserve.com/ Name: mc
Value: 65601d39-515d6-4f4c0-9cfd1
pb.media01.eu/ Name: ASP.NET_SessionId
Value: eyvjvz2zglnnuqoctlabuqbt
pb.media01.eu/ Name: DTU
Value: 2E39AF80C16BE91DE0F1EF78761F8641
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
www.marumura.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.marumura.com/ Name: _fbp
Value: fb.1.1700797753774.1010096808
.simptrack.com/ Name: ntm_tps__4011
Value: NNtNxjUmQ-eqUbaTBnC3nfJjo7KFaDquwcdIJuASNc2_JjsOs0ec1JcRIFyc0gdNNngBP6zGK0covQ3CuW-R85kEmiZE25cZKGkkGpwCaR_VG0RmwxvHv_xboKozzCEYd_-uqrBsi0h8lh2H25ymP1AaM5KskQQSDKJuMIbEAKlCzkMaOJDsN1S6nEMEtXHv8K-UpTwh5ErbL_V_LPXjvMsmgWrqk8VNdBrBazMpyIcHVXEyJTSqgN8OHZUGNySlFbdGTkJ7ZGQZt_k8mu7Y-HRsr9DpSEpmqFipEnTacqoq0oYk5xnsDOS1Ax2WARK4JNK23TPOZReHjDJZNNNNNNNNNVf4U
.simptrack.com/ Name: v0rur7gqspb3_uid
Value: ef53f2a4dd789340
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: 2iWNLfmyRsxq9Ffr3h8YEjLT9MdqYnIQADT54Ftoun4-1700797755-0-AcCuZu9RGpsNP6oS2LPxiIYe7UbiUikRFLop6aI2J4iEa4Et7QQP+jH1KOPRtnkZzzG4PZl/JLRzX/C4lEsgap0=
.doubleclick.net/ Name: APC
Value: AfxxVi5oeVTjz03FoLDHSwMS4YtrRPCjL65SLnhi5a_jrVuaCelU0g
.awin1.com/ Name: awpv11938
Value: 412871|1700797755|6fd9b320-8a7c-11ee-b3f6-2239b4908fbf
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1700797755_6fd9b320-8a7c-11ee-b3f6-2239b4908fbf%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/ Name: nscQ485
Value: V
travel.marumura.com/ Name: PHPSESSID
Value: utac83e3lb9h3065bg6kdhklbf
.bing.com/ Name: MUID
Value: 223B3358CC2B668C182B208BCDA06702
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%225C02F536-ABD7-479F-BD2F-CF518840484F%22%7D
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%225C02F536-ABD7-479F-BD2F-CF518840484F%22%7D
.w55c.net/ Name: wfivefivec
Value: jJaFTBcm1R6nbT5
.w55c.net/ Name: matchgoogle
Value: 5
travel.marumura.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.awin1.com/ Name: awpv14702
Value: 412871|1700797758|7199b2a0-8a7c-11ee-b3f6-2239b4908fbf
.awin1.com/ Name: awpv20044
Value: 412871|1700797758|7199b2a0-8a7c-11ee-84cc-223908f3a6a6
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMDc5Nzc1OHZsZWExZGUyMDIzMTEyNDA0NDkxODkwNzcyNDI1MjMzWDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023112404491890772425233X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTcwMDc5Nzc1OHZsZWExZGUyMDIzMTEyNDA0NDkxODkwNzcyNDI1MjMzWDEyMDIxMVYxMjI2MTMyNzAyT
.awin1.com/ Name: awpv11354
Value: 412871|1700797758|71b88540-8a7c-11ee-98d5-22653d8c0e4c
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1700797758416
.tribalfusion.com/ Name: ANON_ID
Value: a5ntXLsjyDjmTFMeEINQgsKR6NmC3gM4NWthS63ZahFB55GhZdr7CdtbOFeoeKZdnbjvOIPfc7ZdN1INnXQm4qSFiFElEb78
.marumura.com/ Name: _ga_4R68YF3NQ8
Value: GS1.1.1700797752.1.1.1700797760.0.0.0
.marumura.com/ Name: _ga
Value: GA1.1.1893264436.1700797752

20 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9709291217657452&output=html&h=250&slotname=4574689270&adk=2761220695&adf=1053265147&pi=t.ma~as.4574689270&w=300&lmt=1700797751&format=300x250&url=https%3A%2F%2Fhoroscope.marumura.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700797751322&bpp=46&bdt=871&idt=389&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C970x280&nras=1&correlator=170811255513&frm=20&pv=1&ga_vid=1893264436.1700797752&ga_sid=1700797752&ga_hid=1679820595&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=556&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079437%2C31079759%2C44809317%2C31078301%2C31079653%2C44807763%2C44808149%2C44808284%2C44809053&oid=2&pvsid=3898294889357657&tmod=851944756&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=394
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jnpz4kqmrpvjf4tsnt399s2pmhxcdjq37q47xv85b3bq0g5bt37dbhh3mmgj7b7k2m8m1awa2s5bnkam74yz4acrk47c1t8qq51456rjja4z3bvbmde0q96rq6s4zm0zeat88qrpat0tbvpprswekf08gsh0848skfsdprt8smedmxnd52p3y9k742am3r39e96ay4pnyad3zgwtpzrq75cx1vs8ch36zbx7mv384wpcex146skdtv3cyj6ttyd79wg%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kxkbjatv9v6cn710terecrg9s594jw6wvw68e1g7e4rfb7d1chzhwabsqvs3gfgcf63vs251931wxq6fs45fp8qnjn2e8wha1552sn3sxgjc2dy5dbc4hpjv62s0rkj5f0zm9nkp2wavvxs01escver67y502ath2vmqmasnkrth1e7jhfrj7nh7k2b96gn5gcqgwq9pjctfn7rr0xc72fwxwbpmqkdbpf8y0rsgb5tsf6vtbj9sqddg5jj3gsy0nx5n2rs0bxgt8jj7z47jhyq%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCY_rXOh1gZY61FOGOiM0PqZ-08AuQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05NzA5MjkxMjE3NjU3NDUyyAEJqQIggDP9OUyyPqgDAcgDAqoE0gFP0G9w6T4I9j7P-mGkaqgA3NQN_bzahjmax0cldFC0fetnNEtxOrV_KBFAbhzyRvHx6iWgJV5Xppg60zJTxCoZSyeIgtwlLSKRSXB-WPI-86KOQ2VRBz8AambrB7RgcMydINI0ob7wqdPPasdD41URRvfNTxXNwLVMA5iUYQPhWrdOEhOCw9ZL6BHE7OkYgO2mShO7SRDqIPQeIkviA8H3_H2Odbhgk3G_POlaC8ESTNc8I2ev1Y9D2sBusjTkl5SmqU1_sBPQbGEFVSPCIPycf4qABrX8kfCVhLLv4gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2U1VFyoPR0eQzQjTXVBDRMJpELOQ%252526client%25253Dca-pub-9709291217657452%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidZ28fwfBfz65xcmHDHDt3tJ41C6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network error URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c007565ca18fd20a1110ea586eb0fb4.safeframe.googlesyndication.com
8757e24f1ddcc22b19dc72e979cfba96.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
adasiatagmanager.appspot.com
ads.eu.criteo.com
ads.travelaudience.com
adsdk.microsoft.com
af4a474a32e33b2aff874238c3986750.safeframe.googlesyndication.com
ams3-ib.adnxs.com
analytics.webgains.io
anymind360.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bd9cdb6a62645734ff0730abaf70af1b.safeframe.googlesyndication.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
horoscope.marumura.com
imageproxy.eu.criteo.net
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.o2online.de
pb.media01.eu
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
region1.google-analytics.com
rtb.ads.travelaudience.com
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
s.tribalfusion.com
s.w.org
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.criteo.net
static.travelaudience.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tag.adbro.me
tm.simptrack.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
travel.marumura.com
um.simpli.fi
www.awin1.com
www.bing.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.marumura.com
www.telefonica-partner.de
x.bidswitch.net
z.moatads.com
ad.doubleclick.net
adasiatagmanager.appspot.com
ams3-ib.adnxs.com
anymind360.com
as.ad4m.at
assets.ad4m.at
connect.facebook.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.o2online.de
region1.google-analytics.com
securepubads.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
travel.marumura.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.marumura.com
142.250.185.130
142.250.185.194
145.239.193.130
151.101.129.108
151.101.129.55
167.233.13.224
178.250.1.6
178.250.1.9
18.130.85.236
18.157.99.226
18.170.173.249
18.66.147.52
185.89.210.212
192.0.77.48
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.185
216.58.206.38
23.32.185.123
23.35.237.56
23.56.205.163
2600:1901:0:76b9::
2600:9000:2250:400:a:e047:753:a221
2606:4700:10::6816:30fd
2606:4700:20::681a:71b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2606:4700::6810:c0cb
2606:4700::6812:19ad
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:46::45
2a00:1450:4001:801::2001
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2014
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::c
2a02:26f0:480:22::1726:62f9
2a02:fa8:8806:20::2040
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:ed3e:d5aa:dca8:d92e
34.102.146.192
34.120.135.53
34.91.62.186
34.96.105.8
35.186.193.173
35.187.184.108
35.190.0.66
35.244.159.8
35.244.170.237
37.157.2.230
45.64.187.237
5.9.97.176
52.223.40.198
52.28.254.225
84.200.5.215
85.114.159.93
87.118.116.9
88.198.250.30
99.86.4.36
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
00d75ee4777b74634422816bc15a70bc6bba3a7c75f4084131105f4451aca270
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
04b07fe3cbec83e56aa991bd421ca3a1ac40f3060ca2834df11c9e41e07d29ff
052fdbb140642c604a160f547dc78c9019b540c6479dbf5df2397bcf4c86567c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086201b1717dc01de92caf616dba26dac813fabb51aa117fb6c42502b4b1e08c
08e19f20c0c4613dbd701066936c7d1fd5c3b6e497e8ef78700bb550805798c7
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0992d15da4413aece766e90e0c035a8123c8c923844f019950d743bad46d9728
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d165421be82f9c9b43a92cbfccde1a9afa491f05ee1d7f083f0e1bd1722ae01
0d97972d409ed02744716872d8f6c3b15dc8007075e44050c19ee1e57d97ae86
0dc4eae4be6a462c97268c1238442d36dd78708a5b3ed989a4943b185854c465
102e056bb19e5438541542aae480b9003c3a1a4c8ceaf8728722ce7d94ac6a1c
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
1126261762db36bce53560ac36f5ede1954662d33a6d6eeb62d84b715070e7bc
114ef306a2bb9b74f2c168785aac84d463aad1b59dfda893a3b67f46c64da024
11b27fb8be1f5de613fe7512317c2412afdcdb86b9ea19fa9b26781504b93b5b
12283f9864f47dbc4fdc26a2bd17d27154f7659893bf2c2e188cf476f53a27be
1328007b840201e2485f2d1f6479f510823bbc7ae7ccc6b657d27eedf128fa85
1333e43ea716bb908af6f9f1e55f751fe41652b41bd5080a1d1f1c204c4a8ef6
1337faec15505996a642eca60aa6b8d2af048dba968cc528c1d6eb2b3e228f3a
134bde9b160a6af9315c1ed8c695b42e5551ea4e6d390a6a66a4624254885136
137da3a02b0207fbcb70cd734e066073d8523422ceac7317855d748d69aa53d8
1382c8a53f7b1507aa7097e398a8d966d9fbf892cf6d659b75d928c1a2b0838d
13e2601fd28db576414bf4d48107d9318c3a789f4a0d3e7fd891046088383ea8
143ed41fe58e7d412f14a6ff4f8c0f38094ac683f3f8ace929bd0c4f3c54ede2
1499b12c8439713c3313a96820d953e1fb5eb3cf3a9a0f670415e96f068fb648
16614edb31cb210f98c4980e88e9461887b094d09ab3809d1d2587de1fc5c8ad
1724646da775a861e2e73ef05aa2c63775da5d1779c51d9b0c8ab7f28bfaa29b
172790fe3c83b2f57db2095b32efe1437d2bfd47b97ed2b5686bc3ec2258c1db
17d38276d1943707ec1893cfbc3c60edca4ca54d824bf2001093058879713052
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190c55c270ec5e3ba40904a45caef4d9c03de6d213475bfa293b6236570fb455
1a2b12c61aaecc6fcb929b03631b00676c3a2449a6b1ec0f31db5d1aaf2539d3
1aa871bfe9fa89c6f4f39426df6c430a7fe26afe36c01a8464aa9eb4d2573f70
1b2c840c876c28ceb0caabb2d97908f90c408e0d9a19ad35f6d2e535f9aa9ec2
1b68f78330614e2fd21a8f9a7c789c8bad65c2399654b3426939763669549625
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bc30f5f189b3ecfa366ae3b518740178a72fa7096f9cf1a57a3e5875cf400c4
1bde8f8252479c69c24c224e6022c596941e5ba3a4b94f5d7d508d4f872a82b1
1c12a30520f64c10717cd58a14623ac81f66a6c940db9b8deb7d955acb65f3a9
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cece893b67125d4185e5d6cd59060be41db5271d0f4d629c8b34e8f787a9d89
1cf56089b3f871922a8cc2d9e7d3090cab4598cd069eafefda7a8bb6e0c4d6b2
1d851b6dc26a9493b376c3be688bbbdf372abbf444f991d06e05b84c0efc2cb3
1def1097b72490db9d47af16bb61b42fd7e1fea9b227fd43efa61b3285020dac
1ed188f42e3f76c96d6e3e2fde1374273186b82068412ad0460ad4e721db06a8
1f1f0ac78072eef4d16a1bc01daea2cd53b6899ec5ba3474882dd8efc10c124a
1f2da7813fbea4f37ed994e7f4995e9046463b9fbe26e5195cca3bcc743eaa55
2021b173b1a23fd6a2cb20e7e6428bd48e0d1d27ae0ef2f7294c7f769bb45394
21684861bcf143250acf3a9f0c4fa87b990884b5d9ba86ce0a986661acc860e5
217262c398ef2b0bfe90ded0d49887f3276022fb9953f8cfbbd09509a39e4556
2272a05fe281ba72a9903c24ee9d62d78ca4b555e715a23bc18c04008446c79e
23b4610687ccbc3c09cab52597776a7132c40491dd9a2273a7af1da286c262f9
23c598377d919c865f466b5ef3ac8cd31e00249faba6b8149920d63bcefbdbc2
2424467a9c7819732eec4e42c82aadec3f0d8bc572d6e9b174d5488cdcaa3937
259eda99ee3624cec41cf232d583d78cc9260cec0ae6ddb7f4f41bc9cdba8b40
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
267ab4a5ea85c601950cdb29b6e278c024b3e1be38d2ba27d2c39523c2e34741
2738f4fb1d498ab5bf2fc6a4f6756b9ebfdf60899395e9bbd9c781bc959e0816
274092432a2d58df5ad52ba6b516d96166bada65843299fdca4b8dd6db1d9e89
2755880a302e6a7798832cca1e37a952a57c1fad0e16ce8dbfc6acdb99ea8db1
28093fc2ee1e60073c2d50d666f1b0eb5c1401a09730a469875d950dc8e9507d
288c972ea50b63705a6b34a68f5ecf47741cbff939d5e10e728071c107d18e4b
29c02cbf1cf9f4fd70dfb1c067a1975a30b75bf22cc45e2ceaf1060e46f29367
29fa6a0f7796e520bdc0b7a04d040a4788647f3d16ac3719e519bafc0ecb9da3
2cad29b0a78bccba1e2fab28921139943bbb71b85ee2629ac458320875ed41a4
2d518aa745e59d7399def706fa5e1b3ca1bb9acdcd5d31518c31f61d27dc758a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f791f62920f18fda3fd609e00303fbf575836812b561a05fb7d230a189127f2
30ec71893c027ac54602cb5eb38d30a97c39540f4a5384f6a175a4d49935118e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fa0eb14e02feec1108591398123b9a3a5ab1f4c5e8218ac040afa2a4e2ecf1
327ad04216c88f3f35ac035e4451fa3a0bdaa3267784ad8ecb99ce5946051ad6
32879ecf9aea0b36eb97887c282c3edf857d3dab33fe098fd4047be1c0edeb4a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3299348e8fd1d1ceb361ed0c56076412041c42328c82173c45e330c27c4b7a8d
347f6cd20880fc426f1d7099177d6b448493d2af646dc89fe9a4fe4f5db5cf31
34838b3fa4eb46e4ca27c1c364cef31d722726a8e2d9c388d315378ab44672f7
35294f3aea1be84744bb4c705cc6fbe03cd6f1f468ae5731347a52d3acff94e1
35cbf58f55e501b2c5c94d6642bca02ad66b31b11d30b1e830313094a44bfe04
3668f6d335416599574fb1f336cbd2b9bb2f8fcff63e63a9ca3b68df4d0c6165
3686488c46168e023bb4d2dc39962502ee3e372cc8823516fa54cb7b1f51ee8b
369f334a9aa55fb45d92555727544bed4924211689a66e39be993b53744d8e68
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
37700da260864e73dc40f3e1dd4a6c4e652584db54c69df71ca8f93e6de3573f
3771f3a776bf69e9876a7158a93d20da3b629206332dfad0d17b78a1c2dea772
37be9771bb7032cccd856084f2489bdd36728c670ab8fec9b459615911cbb2de
380561ebc04aa3b51054f0437acc42edd874a86263a34e58370d79f6edbfca6a
384c2298804d5e3477a2de30441a8bf44b2da10698dabe12c87cdf93710d2e1a
38b3ea36d1d500f5de1750a65a3f9cedfe724ef337523786fedb2eac56fa6c66
398056776f6271ff4c2c3c57357542127d748bfe723576d269141da41b838e71
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b1e7b3e0eec1cdc333c7a0d9ae90531ba47b3a46b99365c22f7c5956c530e7a
3b274ccab22ae80e2b294f5c99ad5519b374e77c6298a1ba82949374fd778b82
3be563fc939ce81c4edc4af7fc27cffa6632ae60164f9cbfb6c923e7dc9fac8a
3bedfc6a1eccd45281b8c1a4b66af947f9944b7e750566c2268a4eb927ee2cdb
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d9b0e771bf0255ccf5583a85b215c674e866614409b9c5f10c0e8264d1687b1
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
3df5f66b06138571e546c41d265a0dc1df6d43fd65e7d96c0c34f26897a28c97
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f24acd57aec035fffd76b0bbd29ed438417cbb1d355e95c99ad044d74dc68c2
401683e74cfc3026e6f417130a9efd43f4381d7fb37faa71f037132462b94d6a
407c57f44df9370aa9daf3f6db4458de526dfaf6c825c9017b1206537c91aca9
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
41b4bb5f1b18aa7756c1cfad4745dfe33833aeb0f9f4a75698f5a830b5283296
41cc6ed5297c362dea13bb01065b4f1933beeb375a989da1b8ba76f709818cde
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42695f05784ca153268152fc8d6ec39f8477dcd7e1c1a38557917500ab30bad4
4275ee4b58a39dcbd59ebeb2c806cb7afc45bde82e90daf14808b64702ad40b7
42dcc2b958323d7a616009919760efed772ff09b07318ff72f06f3a5dadef2c5
430ae8b61952325c33fe32ceb2d01afe3b581431022588b14c0d0b0f9a491618
433a60bba0dc3c10ed023fec651cc21d85c1bb1cdb23e95907f142f88da3a040
4384361fa2e71faf7990051ab247fec44e3a7c7a0c8f81cc73269c867da0b207
44e4d961813f71a34e995007d1137b2ad53508d7decd2f0e272351aeea304495
45169a0288f8652815bbffc2f599b8c93686fdaa4aaed19484dc59e639fe3768
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45941cddb32c44e5eff43b00a2f5ead40b9d0e6323ae161a40c426bc8c500f71
45d61531fa79a09724615074961c66c4060d8fe4606cadd771b9b1a71a7cb7ae
45dc509eada8751cd1e902f5df9e27627f4a4b08cc187ea24c7b9232b096c7b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46da426936c56abae3784c590958a4029fab6886218e91340924b23fade940bd
472ccc77ca94c7b945cacc525c335cb96fb24766a1579e3bf5b743815a51ab7d
477fb9dd420f9043243761346ecc42820e479d5973b982b6fde2b0212aae0ac7
47967b4a22d5b85e5e5cafe36fedeed4a59ee746e5971a047af8ce6a80d4fd8e
483ae5b7ecaf13dc583657e06cce1ed4287c6a9058882315d41415e22932cad4
48669812a425fdeaf56ffd4edd0e5a816603c63c8730343096f9af36a6236025
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c98e8609af4dbef60b052a9e7f468721bae298b23325ae7f9a99a7707d38d7
48e79f9a8af22b127ce3a6f8690a730c267205ef31773b2c55319913c15e8d82
4a4916c174a4a973131449091d8ca84fed7b6460dab15352d24cf18a787e4cda
4a7323e227b0329d5d5b2e2a9d61bbefead3aad14e0dfce58a0fd1a009624036
4ace7cb9bf8a3cd67c5d43ab6b1e29e5733b05fd71babbe32d9230d8d1e7b720
4b02651c618d9aed2682ee59715d8432e22d567fed5090a591a536a102681663
4b6193c71ca1a7dc4113c81856c09de19c58212f6e7adc67cefa506db0daa4af
4b7de23adcb4d4c8adddacb20e4ac9f0500b142f880ddd6422f013f455fa40f5
4dacabc4dabd01ad27708f6444f4e6353ad90a4c9426483bd4806f94a640db2c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e86134d0a34170ff9893d9544a3b241bd60ff526ec9566e513f8d39e131c4bc
4e98c5badd54c82b21d1b3b51c3e3630a1b147458622b94791ce378f5dac8afd
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fb031caa17064d63bad6a66b503a2af1e73a3266b226056302f2447070d79e9
4fb42ae8738d17ee3744def47860b403e435e1f2504bfca289a38e2cb339d6b4
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
527086ffd8aa5bdb2b00dd5be1b15e7d0d282ec26955944b49fe40dc21a7c274
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
530e6dda430947dc397cf705b384bc38b6e23d601d5b23a7169aed6918d307c3
534e0339d7dd364cde1afcf77eef6a88b4b9c6cfdd1b450c622f0ad1004a04ff
5350afd1ce34772b9c9ccb2cfb6c839988d4e279ad977c756943afeda48b6609
53e7c89065e0bbb78c6265df4a262b70b5edd1d03568548c2c4915bbebdb86f5
5409b00c1531cf7e989e59f50a440f3a70c019dbefd5379327661fcb8d16bdc3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5465db67d8305b08d7d9bd1ef87b4b0f1291fa7dbc2bc92d460b56a8036e8ca4
546dbfba402775472f914f6b2779552efa3db2c3eb4affb0d0356da5bdc3132a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eb3616f0144dd0047b807b0c882db45b39c6e130f9997e9e08305de3c876d1
5530a14a46b88600883db7c995657dac787fc500a855e05c4000a2a4627f8159
55ddc4350919696487858704796ed175de6215690d73f6c0d55d623621af7d18
565637476a6f33a1187e3dc40aa6f65fda018dd1ed19f088490bdd2c2076b6d8
57491fec2f6e3f5937f25b01ab92ab5dbbaed435d4f96a508d63d4c54258bc00
57bb80202f72a1899e8eba944001bbbdf2c5b089730dad75b0f477ac2d57b790
5902ffd2b365f06db61fbebe2addae16082240141877fa5fbe2d6a7cd35ea5bb
593d7f65580ca7a6d1ed485cb1eb13b97890925b81dae472c22a3e9c5e240766
599fc36cdbfa2e704431b32f80c0da4d9f1207860923856f9aaf94ec34485b1e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a787c63f0d6f4a19cbd3a90bc03d6f65514eebcd6ce472bb1a59c9bf9269643
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b9db7e260a58a6125841ce09cbc2c8440aa5eabc1737e301011eed3a81721e0
5bbae302752900362cfbec76c9c9ae21ebc29d7c503682abde3e5189a56f0a47
5c8aaf3a0a4a9840eef8109904bf9d8ca3cf0933567fc63c82f239b7bd344ce3
5f4be103da5669c15790e1c4307e13ab2a95eee475d1e8d0111fcc91c77b28d4
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5fddd158ce7c6a55fa321359162cbe94a34b5990db6a94bcc38715b4e737bfe9
5ff82651bad11dadddedff788d683f42c89d7fa0dd284ed7ce62d66015f6197e
60b118d30d1c214d6aa4047ea4d459d74a5caf1c73073f26fa2099f3569a1a77
612eeca9f9cd5259f3270d8c08e877dc6cc6dbd4fca48aff38ce4cfdf7d82818
61b770106aa1fa33606ec43fe30c388740ee75176f2482403a48d55ce3a3163a
61bb554f7f2636654d8753efec0e55ae8e1ff4853af1942d7efd1f28f54e783a
61c04ed094f6de63be6b153423608ed266e23ea935ba3d7f829f07244d29b3f6
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
626605fe89380aae0e5f7a593f35ef6ea030305a204d96a1c24856e1879ddd7f
6448a3fdc4dbcd23b0f6e3039929a39c35c6df1a12b8749d05b313f620cbe059
64d5734555f36812cefe3ea85714d1ccaebb39a42f9452af15264e5677631df1
654cdd620446f3e743dab2ef1ba9f47e6fb8c053ae0d4dd9f0ee0688519e285c
65cfa6801a0886fab249b224e8a6982b4740fe7879fce99ff13ddaac9aaca01a
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
674586cdf3f2575bbf0910b5cce3a250c50c750b730d6196567a53f7fdce8efa
67ad993e9f3b230407136f790bc677d05874eb2bcd39e8658bf9ce4a128485da
6863ec498e6b64638491cccd2d5f6ffe2beebdc1f03fbcb92842e37eb100282b
689914cf34ba4bec16ba9c2c275d7b9c5fb5f2d82e68e8ae96807b525bff5297
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a8e75b196cdfa77bade2d95197e54271ed7b8acb0f9c6f7211c92fa07891de7
6abe50ef3e60504ea153ca28d383b84b8b184428f316d1038feebd6282463d52
6b5a790ef0b83866efa52124df594365620855b0644e98e0959641949929439e
6beeecb273015521bdee590f53b5cf839ed939c39767689df623d19d74f56e4f
6c6be7331c3d44a11a2eeabf7bfa52816d79b6ddd7a4cbac40edd973d2e93c10
6c83ef48243bf86e466c85c3b7607ef403290a616dc5354b53e6960083f32fc2
6c98c501f3abd11bc6d5f77d9ba30a0ff8b52af44f7ec0dba9b64b0e6e059e77
6ed7bbe0f7534d7be667cc1a7e7298aeab204090fc0606d87d0bc86e0bfdc764
6f79c588fe103555f4737af90bf7bff955b841f9fc6722416f78e7a177212306
704563b588aa1b28b49d192ef2ea7ff6cca3ba76f397aebf1cef3bfa2d15e8f3
70ec208d025b5e9f991e0b6617bededa40f988de1e40b30944cdccd3b3e89192
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73143ad782236f0b51a2063a87accdbe61232f04947e648604967e678331cf9c
73c7fa0824b4410bbbce093e126ae60c8f8b05c66df0664e49022c2c964e0881
74341c9a0a07533331c409a84321579f7663974f93e2ac1f7191121aaa659c09
7470a14b8058cb8e35ae75127e935c4036071fb9aa0422351830c9bec6b2764d
75445a8bddddae24ebfb1ea245f4f535160ca58717d3f0f7fd46c695355204d1
76ec1d292f994a741484db5a2cbb55f9dc8cc6a33aab395f61884f632c1c82e5
77e62403c5cf03c97081a20ccba81971391e554663c76f39b323a2e6045958c0
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
79833636acca510b690d7e89aaf35a10c54a335085bf27adeeffb9edd5b0fc73
79eea35917caa693c0f48a68a035d706e73105d08e216cd1a613bf6b918dc913
7ba59bdfa5df7ac0f5efd3d15e24f89455c8f30e3b8260586c0429b2219c2887
7d0fd465e6448ac9eac534b1e2b4a3db8452a384b95b1f2c8133a07ee3754976
7d567162995592e5fd60a0228f5b72c31e1d7a08d9ee2ab364543951ba22bc42
7dd416b391a01b21e4db22e2d63e78c35ca71f41891b03dfb990e68740c6a3e8
7df956c080a1bb3ed36decdc5b978505ddf07aa8d4b1b69e6ded3a9773464a2b
7e5fab99472dc83e9e5bcd23c18083cb02c196b5a9724b4a78d8e44b6ec40e2e
7ecf190f26ee96daca27d28b2150409d191acf884e1e8006688e2063c5e32cac
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7f7337abd33251d4467aa6cb7244c1a3b5cbf90efcf474f9383479fa4fcc6d51
817c9c5b2332df9dabad6d6008da8aefb012c0b3adfb6642e90adfcc24447344
819082a4afc84d55e834a6b6cde9503eb1ce3898d7b3d0d699c2a5c136fb9b92
82f531329d8b0484de8ba498b0bd4721a56b1d027cd458b1844ed3e311cad0a9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d85ef3715d5271cd60166250e25c6a134657f70c3b99076d842e0cc0eb68dd
84bcb397ee8fb28950639b02674337575578302143c9d6f1bfc6c6fb2584c4fc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b691a046695d4457e6c0f3eff33e9dd528378df87be3af0244da33e5e1de2e
85ed86099be0bb589d176e7b01dcde9fb2e179e8b2dc847e8ac149701f86c0a6
86d1b8c1e0d30b5918ce369f46fdb1c7cd529cc823e443b961cdda9c9b73e53c
872b9355e9384f4f8d6b4b83f278a53123c1cdb0b1a0f9fca82a5ae8f23f572c
873e5c46cc8ce0b17fbe1f11dd95e9f15dbfa715e3e407d97f31611b5a460d8d
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
882b4d380a87c8ba083a7ce4c45245a7b49df2903af33fa26d0294bbfa11fe8a
899651971d6c75117d28df0030f881b94f93c8b0540364cc3d569cd3c8195010
89db90ba811ebed9e4e7f1b0f9ec1e3f4c6b414e05b43b6fab023a4dc3782f51
8b9190a67e86adbb29ec7dc195e16bc9cb540b59a213f4a5dfd6f63e637c0a99
8be82f349b2994d7f0ed7fcba5e50ffb8a960f135e513b34730af4578cab9883
8c25195f3368bcc350d8c28698e649efdb426cb070a03f0ceee602e0fb01141e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc0b8445f80ad134748d7c83953db4326302247a34ba6fa2239b61836930842
8e23758941bd4687f38d9a5c1b3f7a147f609a8334083933ddc18150edbb1dc0
8eaf58dc7665361afc4e458d32a340c78f656c2758f4302a98b2ffcb740a70d6
8eb30c9cd87253fd806a8e0e661c6f19366a4023d5d162ec42b3d6370237aa33
8ec159d7b694445c663bac2dfe43b1883b7e24b4c8dd370821d45702938e0833
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f520476b3c7e02702e80af9a07d6633860bca07fa529f68eb52cb4ef1260e52
8f62b043df43b0a6d167dda8d027c2c9fc312db795e95ac8e6cea31fb406d7be
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
8f8534d93da83a0fbbb300cbc00cca18d6a3f08925c51a073ba90bc48542147a
8fdd8ca5f713a0d50301ecbba140ee4a1fb52e6c7e43a241e8616c1b3915885f
91040c8238aed2f09ce6719c809a0197410805e46a7cbee7d5aad74d94cbe77b
931974aa760809192f7d15b8c88389d160e4c698c0993e75782d664472a12888
9390bf8083e94d79e8b48de08246a3cfdc4bf9743981e2e8cd211787d1927fda
93a7c855c5c309a1c29e5ed25d42fce6ab89d8abf6e760354cd54b42e71f1865
93bbc818559fa12ddb145f162e92721bc22b3b74444c91ce9cab7a8c10c7c8f8
93d7ac14b726f72c7b7b1d9574f0486ddffc43d365d65cf69550971d6acfdd00
9402e2307075b3426a9e8b2785fee1b5199315506d110e8e3b7a9b9c0abae38d
942ec3e04b2aef7efccfd107f3884aeff4f8e945275165114246ba702a6fd68c
96982b32c280ec6fcfbaee6e8640f8aeb2b726b8e44ff8763f0d5be4e1d7d01a
9776bac73ebc8b0da31ca195eadbcde7224c06c50e0c87b6ef131209a44c3d8e
98280a0e0f89cb9b601c89313eeb3b711cc8f239ed313daec8fd509dd63148e2
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
984dc59dbd7cfc4483be13c8a6d95a65099ddc8d7010db6717d1d8dca0ae3cbc
998993c4252cc2f4f061efa2af29ce32a3a8ba07e6d27f722b2a1a38a0fe58c3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acfece592e3602d6c75922af0271dc6cf23fdd6b68991ffb206d091d13eccd7
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9c279789774b62e7077ce481e25d0d9ff8492d80094ea26c41041fafd25ec108
9c300b6fbfe6d373e1f53b2f0d33cf9df86d9310cc60531ad231cee97aca2bf0
9cd3358120e9690cdeef256ade204e2a306d28b08abb0aa46b1a40ac55c57fef
9ce96f893f96f9bf5317af7de31b05aa2d98ca417fce1a1e8f87c6ff60088b27
9d5d7792deca0a1e004bc20c223d23ed6804a01bd08871a0e021adb920489fe9
9f74b28455a9eb67a249458c44376615e1ee2912b878254291282220b99fd2ba
9ff66b97bd8767ce16889bf15fc6e18e59fb7e60edc88bf9ee41416d3031bd24
9ff9bceecc62c12f376d057d9cab274b4da9d432eeed5d8124d2358a86ad0a87
a09240e461a873a767cf5cee39d63c98fcd7b759d0e9a12dba8fe9c5b3064eb5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0de710afef1c2feaf0c4969f1bf294a6279286cf70e9e7880c100d6752858ee
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a189e2639e82f3fe4b5219c9437248ce278ca41b2091c9836aa9f36038647704
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a27cd454a79b5036e0169cea6e189e0d5d566f18f5c9ef571dbfa6fabba56e9d
a2b5544f12c0e42555dc45675cdb4b76e9e6d973da7fbb223ab3c6090a7c3d6e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a479f7232194e535a71f9c6b59199caea997e5c1e8aa8e2950485c028181e2fa
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a53a0ce30a4c985b721c337b6d0d1fd3defd7aa55ac3ba60419b38e2c6879bad
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5493a5b3c37e372b6fbad104606ee808ea4ff2f4f9b9f42ab060e20ca78cf84
a57b6eb013320f0094f0c57997c807b2b0f3dcd1df5440a82d297ab8bbd9cad3
a5aef1c4b0aa0f759f69bc46b35fee7f2a3b76ac3a1ca96a6cd6783c9dad9bcd
a69fdcb76cedff3988c06646cb604910ebd690df73ea280f5607f6890e053b82
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85e27adc76b1029df5bab64b340bd9e33ae46e652651dbdb36695b48225ded0
a9c8c9a37641484b70c3f306d5bdbddec691a1c219ae95cb3dceac43b0560324
a9e5858ee8176b876f4b50a46fef01341ff02b2f7f3dcecdffe16eb1493480fb
a9e934f6ab1a45cf0e4cb01a607ad712bbde00573b82170eee5650aaf5038915
aad3800cebd15b83357fe46daf2bffed126a19bfe34be835e80e0532b5df4f16
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
abb054f2c20ea3f385f53a9077a74f509d811bf6faf8215b5dad6dbffd02c274
ae03add3e626c9e1005f8a7075aa5f755400102f71370c5d592c7545711aab06
ae7841767a161e16c74ba1c0a511b6370579266df69a3fa207d955bc502a4dcc
ae84d8ecece64009771372aaea7941fe8e801bca007275da0c536b652533266a
ae87f41773c5bbe6c60bd0450288e260f1a41918b458f0cd808b4534ad852df7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b05f9cef6ad75482bee12ed553ec1c7d6e8cc2cff969d26c10fc29bd43c65b7f
b0c31cb57388bde65d3a9a7f7807d909c4946121be0d2c06ed1a791e2b1d0cb9
b0fc7f7bf734c61b8e92ae4b2a424e309098ae38af61d0d8462a26d56479b39c
b17254ce09af2cd16eb778ee73037172a21dd952a03e1850eefcf6c39a80a576
b1a4765c4086ab9a52000087ffb5f15b35b51394467987a50040e7e43b6c89a5
b396a226099848f402ef5695b662acc20430fddd59d405586e1afb3b8d95c0e9
b4cda2b6aa71c00ebd47e5ea401c1305949f975e6289c2b5d7ff45c0deda3bb2
b538751bc4419d2a405aa98a7d4bb073fdfc4f4a15223c2a8c47bf09608b4618
b623af9309956c6f9729df28935ff60dd025a26feb72f4fd0ea691b46deb74c0
b63a4e458767b1f4cd47370e93877e706d1e7b798a2bba9e7b1de960391d056b
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b6bbd8458be64c8c625de5592476e38bdc09721245b5220cebe8f0b8a44e3c10
b72fdf646bbdad0beff6f6fe46f43ff864be256cb575af00d4b58cd26a629285
b773acd824b6444c4c07523a131ef56b0371920ae17e69cba022d332a6311128
b78f8fef13572495cebed9f3ce52729b8f80941aef6109d849111ba3a13938a6
b79750031e947474bbd1b01ca475a4ceb19edfc3cd7be1ec9333ad270e406985
b8d0217a4cd3a83990d857f5d9277abd261b88c03a5c85dcb6fce2ba45f3cb25
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
ba5fc39844de982947817307cdf44c2355351bca821c7f3df52290c7a2d78993
ba8f07b8a7817a205b52694f8e68fd86cee6027cc257af92d3e7767645dd2185
bac6d1edb06778ac423302cbfda1156c9a9be7476bd7851f7e547d64a400da88
bc0cc9843febfdb9725f2d2c9f089bfa46dda9da40d13278d97e4e52bba7e84a
bd2fdc1cd07ff5d490035bfcd453ff8755a3b25a1a8eecf94181dfe3e9a576e8
bdbf202cd096103d51142548fbc224c54daec112d86dc4fd4a1bd123dddc9927
be2ffa28912e8c4640e66d61a3b6436971dd4873cd25764939de24cef5cf5118
be3ba7e056677a03577a5228783d4c2d12a85bfd84c2f4c0db2a610ddcd7cd0c
bea9c6f394cbae24278ea3b46fa3dc7e13efe94a76d96c38b7b839be4b4eded9
bf0817f82de9416db8e42a8d19e9b4c43e35cedbb2d3593543cc25c13f4fd9d4
bf836e56f5a3409da4bde7aac38bff468625a7e37862bfedc347450a9b70fb89
bfe58c3e4f67928f320950cb05524dc012abf7ab1096958560101be80f83d447
c0354c512fe9ac534670f42761c954a5cb683ae7a1c74b6e93e866113cc76863
c0c1eb2a7d0cc33cde82e8ab1ea9e3645dc868d0967276ca038383634a66fe48
c1458c70382790487d0f025efddeafee3e313e9c7ee71ba49acb40fee2b6fa2b
c1c31da6701c069a64de4558efa94add8da398c77422a890c9ae1d6f7033d5ec
c1e63b51e56737f962aa57de3ee19c02846b40990a3234d785818df127908aa5
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c208f932d9a1c8ea23299037b4a0a8dc08c8746203f2241390b1494aa01ed7d2
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c341d4c068bf0ae703c52f1777765531bbb409249732b7ddb9052081b8564853
c38d64ac2d50fb25555294316768cfed9f7b57cf11f4e477a045d088b816e91e
c395301d3636963578e927e670f7362518918c13ed99ec2332dc99eef693a38d
c491723385ea40b510133648e1bb513ba60c56ce0fe290fe349c540da0c312e4
c5d5c870a8cbf1cbf6ed11b64fcdcd3bd9469e757b27de7c43113026bcdac23a
c6b8a38bbe88d40495cc0db00d5da7e22b9c291a83e1d7fc07ea812f9d9e79f0
c79880eb33bc3b562d84a1b02a69fe949c32ea81603843301c7cea2d653e35af
c7d7f3ace5a02cd7c9116f7e3f168478029169df8c7f173848f875a109bab18b
c7f7f5265aeb0202ce88e8a6dfcc0ca25a7b990bb9ffac2f9e430ae6af2b6154
c813626711a109d161fc3d9ca62ee2f06c4b513be96c9d32a2ebf505959cd741
c840c71ce9406e85c9e529fa1072c07f8413ec284078ad6830555bff404fd8ab
c8d72610219d3200ba9ffc11cad1dc796ef68ebe94d7f75d50c41e063a22d2fc
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca63359f06714f8efe2191d9d3269b178dc27b13f342ba5b1693a159c2c1b0aa
ca6f4b225b4c6f57fc84eea4672a4cfd5b2451146005dc2c79e15c1692cb1fde
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbf736f12d658470e6926d309bc0b77d6f2d48f3412f7659aca07a96f5f90897
cc0802baffdf00d886488d93ca0470a4a5a7d107d08307b45e308cb9345dc774
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
cdc1dd287e933ba5b12ccde120c9de8b24f82633b7470cd487fc99d01f3e580f
cdc4ad56822ba8b1a62bff799bc68e1e9a6f27ff37c6f6f37f9e0da834af5d8d
ce297fd48857fc1a50abff0f3908aa607eec9093d8acce0b14c2ecc7946cc79a
ce658b59c64c9591d7dec80588f8629f37fe0cb594c405eb4942a1bb76dcba4f
ceeedf14e053d8796846ae37946887e0d8dc046ee424da7246b7f449e3dc4b07
d007f69c80348823c35d81e79e264885d4886a666ccdb253881867d4b9fdd5ae
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0111739ebd74f42436b420762a1354526423c5e4bef74c01e2f457c44751082
d013485466894b4287d47b52869bef2ba059e2720d7cf2b33eee65dc5737cc48
d034d4f3e5584e7d06a7b6b24e3655a46254d4ca7de5829b9767889c97fd845f
d0364a8643c1531b82bf9d55d51693f899d46fd61afa65a07cd7033e11f4306e
d0bedf4a2f718cb81e021224dd034b779c1da933380c20223a90c6df91a904f5
d0cff2fd3597c88f1b982ddb521951c0b1b16dad809a2ee804fa1eb0cd4d246e
d28d76d0a17f0452a261d11245ef69967a4e9fbba9b5766973e117009e2238b6
d31f9b55e9a81bc18ddbdff6580753ac5d6a2536f7f709171c4d98d206ae5da4
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d448991d15499edecfb0ad39bf668320897c3dba15c73aa6e13fbe6356569183
d4a93549451c69caaa6a67df2d2e19c14dd8a770a1b7463d6debf3368f54b0f6
d4da2752a0c926a286a5ed2627348471eb7fc863524622afdfe5314759be02fa
d50eb4daf35aad6a43d0270f0aded0d2da8b311efd98ffc9790c77cbcf34c2e8
d6dfd1a863b123c4a61e4598992002fe5dd22d492a74125e0f2c53ad2efec27e
d7ce17565c2a0c106bd39bffc6b4ba0baec2f9946f2c3bbfb0775269f4b630dd
d808a17e3af8a81ba0c3f9f64ff580af3ba53b11580d2a9c4fa4504760d90b75
d8fa52f8cebc5e5239290cf554ab7b7d3e0c9a8a065e6ab72372142cffe82502
d8ff17203d21139a9622b9dcfb5843aacb7a7e92b2fbfc2845486111d46cc8fc
d92dea6580bf50e1731ad28624313ad200ee301f33eb697e4b9ef4d64d66fbd2
d9f42e129b5f270f5c8b2312a09280fbcb4a475690456b782d1adb682402daf4
da0c85f46df4a1c20e142a77d60921d507890665cb81e7e9b0742ed1b9f8e826
dc15061d8c788e977befdf83b405f229f96556c3fb1c31e18958a66f20754f0d
dc39b26a60ca5c40eb1b737bc7811ff55431197a284ffbe690aff85c641ed600
dcaf67b5503a2b2d8944fad0d26468c7205bf8c2975e1c86a1500da7f2b5a5f1
ddbda21655c0c2cb09913a9e33d856a8b8f3e1eae610cdbda8524def2dc71f7d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de702bd87ba6644b1e1079ebe74385a9f1ca64ecc82b79a4888e8af5533a540a
df19891eb1979bed5bad1a5b827ee6e1c5766de50b95b375c96f65b64e7d7430
df8b947e72a3e609e4c24ebb6fb02c7f2cb9119af8dcdd4dc083f1a7eaa9ae74
e0d006d3b93ee93e669d0b6b3b2b29bc4da89483eef6007c90ab91598a8bf701
e198064a03222388a3bd96cc8d466722f7b25fc0af72c1f4a3fccbd7a67ad42d
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e2c322ddd1ab256136b78fa5ccb99138d80c23ede846aa9f0136e3c055b6281f
e2cd3d65c33ec48aaa53bd85eea545423f11711568b68948b845448ddf56d383
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4053b9ade974c2b27717a436f3e6ccacb96460eb8d46b3b579a720a94542984
e552518e914bcb389ac1c194bc39611583e6d672b646f89a2589dd4604e446e3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6888cd690ab2b9c9361b3e1bdccdfa37be04374c5ab731d7651bbcae5eab6c9
e6bf95ce44961b2bb1a60076652b7e8f5578bcfc6f6866cef79f5be4a526c94a
e70f5afae2896e4f0428eaaa8b95691bef9b84851a34de854b12f5205a123f3d
e81e6b638202bbdf9e2ebe46b4137db06f58c43baa9f35b3e79d98108001a212
e84635a2564af08e5d0ec024e5e2c8452828dad83e4353a2bd21ba8c3808c324
e86d3703af27920836907968ada5890309f2e37d05fafe361cb5d25e9ce02a67
e88e77ce759120fd305a508ba42969857e9302257f7f692326ecd78c5d32f214
e8b38cd4372f230487a9d2c5f2934d1b43a24d781ff9e733907a9ba035a4f473
e8b9704ac1420eca9d1fc12052ec43b1dc680cc85ddfa8c82387291fcce90c10
e9eb0dfb3e114bd11eaa4cbe8a05836cee318b60cca12c94c3b0d3f5f2bfd8c4
ea22c4a91bec6695a49e5af5aefb72367436f798c7615087cb78d60e3c91fd21
eab81047f9499bc3d4426c980967c5356f6340e39bce3f9d56e639308285fe15
ebf1bf9bdba065165f7248032eac751020e8cf6cc8d07813edee79a46c46c58c
ec94109bcae1ee6e05d555f638348b1750d02d9cbbcf7c806d87204679eee862
ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1
ee34f794894c923da9a02fcb16b5caae785feb2be8aada3244881633e2ef514d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a79b76f29f3b28b2f8995f7bd635bc5fe214d434bf0deb43d91c2c36219b26
f1219031371fb4fd7a59f47c43b49e92caf774b62741ee243c666550f331cdff
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f3d4d0d92564201ceb0ec3465188a37497bd7b635be731b78700c3b04461f1f1
f4ab97a0a3f38a6c386aca79430418636447cd0ba053d0acc2e38cf69e7de5f4
f4f73134113524c59a58fa69ff588aa0b355a80932876ef61b45a15b9c06b0f0
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5c6fadfb3fd62eca8b226de74d73b64e2235f1d7962b5440f136aa6cff0ac35
f5d1555ca1d1736e61e55fa9abd975a91b48490c4582944fe2d23c22b20b817f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f76d076ecf1c4f835a707d1853cc16c80a638b2c1c32e634c664c959b228ad2a
f7bdecdeda339322bd199bffc3fdc663978cb35dbfd71aa0e85242e9738bc738
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f989602f313600471bf15bdcb48d527d503ca423247b3a0bbf6963c0a9267409
f99faedbb1ca9dbf0c9261bc88c42afdcab10f792bd42873638d67f4930aada9
fab1b142df68e9bcbca68839925310211f33989c4da5b6143fa6276dbaa7f219
fac05f4207766967ab1561dd00f69871a24b81b990347e1442e3f5a206133846
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc418b8f556aca3aefbf6f6e0208c2bd88b8badda8828b27c366bbf91784c310
fd18f307f2ea7cf56820308e4f49804ce386477dc038b36d62a33a55ae44bf29
fd281585ca3ab1f985a357ef1345b8fbf3e21d4cede3edf85602342ab56c5706
fd7b79d17db059b195de500702a5cce9473d33427fb4e1f2e440667dcd3c8010
fe0a2abfe223d36ff3e251c34c2675171f4203487c66798b63cac1cfb1a893e7
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
fff2fb3fd30933844b8bfa78287698b8cd361b49a9ffc4cb5af8f1b9528c8694