horoskop.star.ovh Open in urlscan Pro
193.200.238.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://horoskop.star.ovh/
Submission: On December 12 via api (December 12th 2023, 8:04:55 am UTC) from NL — Scanned from NO

Summary HTTP 153 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 153 HTTP transactions. The main IP is 193.200.238.10, located in Sandefjord, Norway and belongs to TERRAHOST, NO. The main domain is horoskop.star.ovh.

This is the only time horoskop.star.ovh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	193.200.238.10 193.200.238.10	56655 (TERRAHOST) (TERRAHOST)
20	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5 18	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
70	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
10	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
153	9

24 193.200.238.10 (Sandefjord, Norway)

ASN56655 (TERRAHOST, NO)

horoskop.star.ovh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

70 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	973 KB
24	star.ovh horoskop.star.ovh	638 KB
18	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	208 KB
10	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
10	gstatic.com www.gstatic.com	101 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	321 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
153	7

	Domain	Requested by
70	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com horoskop.star.ovh pagead2.googlesyndication.com
24	horoskop.star.ovh	horoskop.star.ovh
20	pagead2.googlesyndication.com	horoskop.star.ovh pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com www.googletagservices.com
18	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.googleadservices.com	horoskop.star.ovh googleads.g.doubleclick.net
10	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
153	8

This site contains links to these domains. Also see Links.

Domain
horoskop.kik.ovh
horoskop.tex.ovh
horoskop.nett.ovh
www.cmsimple.org
www.ge-webdesign.de
en.wikipedia.org

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 21 frames:

Primary Page: http://horoskop.star.ovh/
Frame ID: A0C56E4F6BAA13E83B9712C3049413DB
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: EDB89FE8677EC1002E05756C45F560D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=280&slotname=9847469755&adk=1561338862&adf=3516689658&pi=t.ma~as.9847469755&w=550&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=550x280&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1702368290252&bpp=4&bdt=436&idt=524&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=7351502517889&frm=20&pv=2&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=525&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=536
Frame ID: 71F8F0EB1F7DE997472270FDBE6A03A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=280&slotname=3351789313&adk=2316960821&adf=1441513143&pi=t.ma~as.3351789313&w=336&lmt=1702368290&format=336x280&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&wgl=1&dt=1702368290261&bpp=2&bdt=444&idt=536&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=538
Frame ID: 612EF62B4F85991CF4E93B330F72A45F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538
Frame ID: 528F6C334D0B4F575412C8649CE9010C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546
Frame ID: 98DFE3C39C273AD8DCE596BCAC9C145E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=2005768432&adf=4125268766&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290272&bpp=1&bdt=455&idt=545&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=548
Frame ID: 895BC70DFD3BC08EF61908C15947CC67
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&adk=293675617&adf=814277786&lmt=1702368290&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1702368290282&bpp=1&bdt=465&idt=540&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600%2C250x600%2C250x600&nras=1&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&dtd=548
Frame ID: C03F7B8C772C1A489D96158C1B7CC964
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 26CEEAAF2048E15798139C9F05598B72
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 58454CBFA24BA89111B8516A00053A8A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B606F6AC9CE4E51CBE0BB11D64651DBD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
Frame ID: A964F37473A0D7FE58E6178225E42739
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5E36301A36EB331F06ABB15FAADF38AD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 201271BBE6C3D05FF42BC35DEA01B0BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5862489B3B615DCF3BEFDD5735CBC59A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 60B74BC7B04233234DDE17632430BC31
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 6BBCFBA00A3BDD3F0F63659176537F1F
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
Frame ID: 3B099943C529B148BBBA9CC1EA34A7DE
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 320B3EA0F081E12BA06B9069C632FBEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F83F5EE240BC0225777FE992C451E82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 23E388DAB3F51EBC9C1D9AA185519A98
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Horoskop. Stjärntecken. 2024 årshoroskop gratis - Home

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

153
Requests

80 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2242 kB
Transfer

4970 kB
Size

6
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://horoskop.kik.ovh/
Title: Gratis årshoroskop 2024

Search URL Search Domain Scan URL

URL: http://horoskop.tex.ovh/
Title: Gratis 2024 årshoroskop

Search URL Search Domain Scan URL

URL: http://horoskop.nett.ovh/
Title: Stjernetegn 2024 Tyr Vær

Search URL Search Domain Scan URL

URL: http://www.cmsimple.org/
Title: CMSimple

Search URL Search Domain Scan URL

URL: http://www.ge-webdesign.de/
Title: ge-webdesign.de

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/HTTP_cookie
Title: More Information »

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 65

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CLe_6IhR4ZeSeNfGI9fgPsLW36A2929usc6zzyMjhEdOpnLCrDxABILb92QNgwwSgAdDxq6MoyAEDqQJHOaabtg-yPqgDAcgDyQSqBM4BT9A54JYEHU68lEbPsbFpsaMTBtBhh7sFqAQDAyBsRMQO4t2zmKsx0lTPLqfBs_6GX7U3cWbswTM3Ab-mKUXHP_Hs2oZx4xNXI73AX7TvgnDDmvirzZcwuSoFMn800LlnVstlGmZ3CDqXq1l4BkaRRbGC8fhrXeKaC5nciF_vh4rfic4vzyc55znRiT2U7pkOTvd6rn7tZNS2_B7KC--fjliivjMjnT1LeMtkwRjtIH2c8rQptCD9h_Byj5zXtMNbv9VARDbQ419Gk7eWkDLABN3UmamuBIgFy7Oz9UuSBQQIBBgBkgUECAUYBKAGA4AH0Kn8ggOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC4qAbSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJKDhIq4iYMDmgk-aHR0cHM6Ly9scC5hbGwtdW5pdmVyc2UuY29tLzI2MTgxMS9OTz9rZXk9Zmh4bHQzZ2JzeHRmeGc2MXhzdGuACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIwNzQwODU5NzE2Njg5NzgYAA&sigh=QvKlVtDMqQU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNyiAJRnD_pV1N5lkeWVkVnnwv6Q8B-jShgBEo9ookdmSiwEGTynLYyEDBbRqhQwVzOXZeJEHQoPNIgJskh2My7uq2Isdqc7SCRxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210366553512113967688%22,%22debug_reporting%22:true,%22destination%22:%22https://all-universe.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210811537616%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211271223555732498049%22}&andc=true

Request Chain 74

https://googleads.g.doubleclick.net/pagead/adview?ai=CJoDyIhR4Zbv_NPGI9fgPsLW36A3qv6q6c_bKlPmbEr_hHhABILb92QNgwwSgAYeDv_cDyAECqAMByAPJBKoEygFP0FFhhCIWpQ3QYFIYhQAPxak1TQLXJvZMRrnNL8bTVXUi0r23WzLCqrzpu7_XOPlf9C-jbAsSRrJsWcD8-jJHri9GjdgVRZrqeD8COcSeLqk3HVaJpGscB2wpsi0L7DXsR-wZIixM_5jW8yPoNFj68SAGKkEu7xMXagBYy8l0C9vnxJoc2iv3hvPpRBpW1iVpKRVgtFe8b4BLjh1pbhIZ9RRhRiK5UDuGcj3yhacNIXoZQCS6hTv6SDt44TsVhiJfIBoStldGyicIwASWqsOuywSIBYmcorpJkgUECAQYAZIFBAgFGASgBgKAB8ic5IoEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQq9kL0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliFz4OKuImDA5oJpgFodHRwczovL3d3dy5saWdodGludGhlYm94LmNvbS9jL3dvbWVuLXMtdG9wc180NzEyP3BybT0xLjIuNTEuMCZ0b3BfcGlkPTk3MjQxNTUsOTcyNzIxOSw5NzI3MTg4LDk3Mjk3MDksOTcyNzIxMiw5NzI5NzUzLDk3MjcxODYsOTcyOTQzMSw5NzI3MTgyLDk3Mjk0NDUsOTcyNDI1MSw5NzI0MzU4gAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMjA3NDA4NTk3MTY2ODk3OBgA&sigh=ZlqYrTs--Qw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNWcRH7v5I3rQ5dTPo5MO7cij4Na7t98Gq3-JjUqmAev-fe8fD75Zl1OQtqTCSuIvsRsUro0LWSCNd63EZkIiEVmbmBVBKsrBpyokYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22499656122859946668%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216499563441966046417%22}&andc=true

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=CI_UPIhR4ZYb9NPyv9fgPqKWf2AGN67bfdK27oqH9Eb_hHhABILb92QNgwwSgAYeDv_cDyAECqAMByAPJBKoE0AFP0Gbjc5GRSiYcARhiSgiWae6Ubx_iahgeT38zyU1HsXD-oeoA4nChtagLYqwsGMFB8uVbLS56MGJJK96xdiI4SnRMjporBlb_tKDc5UMUzVWHO53dzLrSjMBNV8vzAGpLz_q-PPVz0tj9teUiBgDjewgXRu7NUWg-0TRpcvLJ3kx4xMYHk-o8Sqmsdd8_Gh9_v9xucviSxiKlSZs5yGp5IuIWe6TJAX3cuWekeGf0JPn2c4QMJUoMg89uY2mU9-UynK9cpueHJ1ZVUz0SoedZwASXktnMzwSIBYySuZ1NkgUECAQYAZIFBAgFGASgBgKAB9_xzYkEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQpdsI0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljI4IOKuImDA5oJxgFodHRwczovL3d3dy5saWdodGludGhlYm94LmNvbS9jL3dvbWVuLXMtdG9wc180NzEyP3BybT0xLjIuNTEuMCZ0b3BfcGlkPTk3MjQxNTUsOTcyNzIxOSw5NzI3MTg4LDk3Mjk3MDksOTcyNzIxMiw5NzI5NzUzLDk3MjcxODYsOTcyOTQzMSw5NzI3MTgyLDk3Mjk0NDUsOTcyNDI1MSw5NzI0MzU4LDk3NDMyMTMsOTc0MzI3NCw5NzQzMjExLDk3MjcxODWACgHICwGiDBAqDgoM5LSxAu61sQK1uLEC2BMM0BUBgBcBshccChoIABIUcHViLTIwNzQwODU5NzE2Njg5NzgYAA&sigh=guzBTXfCkVo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNB1kEIA2AyaFfaTWz69mTqps39-uMmxa-1gMt8KNj_S88XcabwYOkIF3919jt1YtZ09OoELKUW7pesFkUwlN2-pMXdvK2yjHMS-cYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225352046482485297142%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225411347580211630065%22}&andc=true

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CFZkQIhR4ZY7-M5mZlgTgupX4BfyaqKBzq4mW_7wRhrP02o4OEAEgtv3ZA2DDBKABoZXy7QLIAQmpAkc5ppu2D7I-qAMByANIqgTUAU_QqUj0jqvM8cszEp7PQrPV0w50yDDeEMZCYMs72CfOlro_4Teg0zbCqX7_bF3hMPUVrKyrQa42U9BXqakQa5eCwZ6IUWWVWrd_1Vo2KLCeY5YZd8RhgObbnjMd5wU3nRMJEirl8Go3XToLB9DhPHJVpG8dorcCzWlohua2cXS-19AYFoIxpqB9UylWyeNWyXmCkc3argtVWZlIhME9f8zmkLES3sX5JCJVRlxXqLowNNVwELH-IpjcbKNzeD2nj470JXz25R2_ZVq8PpoTgjvMjpRowASP857HrASIBd-Jx9lLkgUECAQYAZIFBAgFGASgBi6AB8fqjZIBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiuMY0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlii4YKKuImDA5oJPWh0dHBzOi8vcXVpei5iZXR0ZXJtZS53b3JsZC9lbi9maXJzdC1wYWdlLWdlbmVyYXRlZD9mbG93PTE1NTOACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIwNzQwODU5NzE2Njg5NzgYAA&sigh=OtwF3cnI4U4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNCXneQ8kqjbA8sx2OlTsl8SxoFcBJgW8Tj6wa8-MMiR1TOD80ikyTxNWXtHK4s7qHSUlc7l1NCXyS2a7b86BulxwEPbH0HeQ16BEYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214862483127777810293%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224498211738190156305%22}&andc=true

Request Chain 118

https://googleads.g.doubleclick.net/pagead/adview?ai=C3rNyIhR4ZfTBM8S09fgPr4mB0Ar8mqigc6uJlv-8EYaz9NqODhABILb92QNgwwSgAaGV8u0CyAEJqQJHOaabtg-yPqgDAcgDSKoE0QFP0MD9ojUlRN-1ov4HlAj0Gxh3MH2_Eg3xGcry3JpehzhDpA9snfZcrMZOWpG5GkFUu9kRBh7EfCNM1VAijZ_DToj1HKiofuusVPf8OyxC6YCqh9SerW9gJR3Mrkub15k8LL7V2iJu64CGrMjuvXIbPFFDNurdMlhfEHrYCYGm2yg5WhIhmuHvCq2MRJXTvEklrwIEHzY5aplcAuMD3JECNZ2loNqMYQXLe1NkYNayE-DPSqQb5XWbPqp-Lsb-9yz5Af47z-NfLTiJo4KYduEvPcAEj_Oex6wEiAXficfZS5IFBAgEGAGSBQQIBRgEoAYugAfH6o2SAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKjRPdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY_qGCiriJgwOaCT1odHRwczovL3F1aXouYmV0dGVybWUud29ybGQvZW4vZmlyc3QtcGFnZS1nZW5lcmF0ZWQ_Zmxvdz0xNTUzgAoByAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTIwNzQwODU5NzE2Njg5NzgYAA&sigh=sr74ZL-dXG0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNTEsaA3yvhZv0aR6NZNWvlhcVJnAUJQbddJmM9BhuyBE7AteF8dkd-iYxBcDg6B4du6l3TBJzzffyYzjzFk1GCc0iDSENl_dQxBgB&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222709529033434016554%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213892781950107607665%22}&andc=true

153 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
horoskop.star.ovh/ 10 KB
3 KB 126ms
60ms Document
text/html 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 681b5bc99c4d4781d194ec558562caf08908b0c5fb2ac02e2723ea085400880d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3177
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Dec 2023 08:04:49 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK core.css
horoskop.star.ovh/css/ 21 KB
4 KB 51ms
48ms Stylesheet
text/css 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/css/core.css
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: c49139b2f3dca84fb5081d37ab232c1bc2ce27191f41c6fd5b0c8dfc80a863fd

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:19:54 GMT
Server: Apache
ETag: "5371-58a2900b97680-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3991

GET
H/1.1 200
OK stylesheet.css
horoskop.star.ovh/templates/wave3cols/ 12 KB
3 KB 97ms
48ms Stylesheet
text/css 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 581300624230364831f6ed085b746d6d658f788a1e41a3a7df984e06ed626b8b

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:22:06 GMT
Server: Apache
ETag: "3007-58a2908979f80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2831

GET
H/1.1 200
OK jqueryui.css
horoskop.star.ovh/plugins/jquery/lib/jquery_ui/css/smoothness/ 36 KB
9 KB 99ms
50ms Stylesheet
text/css 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/plugins/jquery/lib/jquery_ui/css/smoothness/jqueryui.css
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: a7ac54f58ba507b13621ceb6fcf5fe879f5ac9bdcf049d16153110c6ad048c7c

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:21:48 GMT
Server: Apache
ETag: "91ce-58a290784f700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8683

GET
H/1.1 200
OK jquery_3-0-0_min.js Show response
horoskop.star.ovh/plugins/jquery/lib/jquery/ 84 KB
30 KB 104ms
56ms Script
application/javascript 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/plugins/jquery/lib/jquery/jquery_3-0-0_min.js
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:20:51 GMT
Server: Apache
ETag: "15144-58a29041f36c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30002

GET
H/1.1 200
OK stylesheet.css
horoskop.star.ovh/plugins/convert_h1split/css/ 831 B
656 B 98ms
50ms Stylesheet
text/css 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/plugins/convert_h1split/css/stylesheet.css
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 9baf1f446eccb1da25838ac9094da97b19d76ffa552495fa65a41f10240a8f0c

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:20:12 GMT
Server: Apache
ETag: "33f-58a2901cc1f00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 336

GET
H/1.1 200
OK jquery-ui_1-12-1.min.js Show response
horoskop.star.ovh/plugins/jquery/lib/jquery_ui/ 248 KB
67 KB 112ms
64ms Script
application/javascript 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/plugins/jquery/lib/jquery_ui/jquery-ui_1-12-1.min.js
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:20:57 GMT
Server: Apache
ETag: "3dee5-58a29047ac440-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK stylesheet.css
horoskop.star.ovh/plugins/cookielaw/css/ 2 KB
818 B 99ms
53ms Stylesheet
text/css 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/plugins/cookielaw/css/stylesheet.css
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 2486aebac21c42829c4cf61b903cf9942c3fc7dc710e49b54261087a1e0b1864

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:20:14 GMT
Server: Apache
ETag: "619-58a2901eaa380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 499

GET
H/1.1 200
OK smoothscroll.js Show response
horoskop.star.ovh/templates/wave3cols/templatefuncs/scripts/ 5 KB
2 KB 146ms
48ms Script
application/javascript 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/templates/wave3cols/templatefuncs/scripts/smoothscroll.js
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 3fd5d641a8ce8e92f4de4c414b38cb236b06f5d9b7bee3532d7db4c92d413cad

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:23:42 GMT
Server: Apache
ETag: "125e-58a290e507780-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1748

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
54 KB 195ms
120ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14e5ba2319928ebaa2b1746e528d3b635c3724d95189258bc916e1474fc84a12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54447
X-XSS-Protection: 0
Server: cafe
ETag: 12495834216330093401
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin: *
Expires: Tue, 12 Dec 2023 08:04:49 GMT

GET
H/1.1 200
OK top.gif
horoskop.star.ovh/templates/wave3cols/images/ 67 B
333 B 50ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/top.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: e75a7d551a9925bf5d57394cca15cc1584d3f24cdc1602029a8ddaadf0645789

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Last-Modified: Fri, 31 May 2019 06:22:58 GMT
Server: Apache
ETag: "43-58a290bb11480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 67

GET
H/1.1 200
OK next.gif
horoskop.star.ovh/templates/wave3cols/images/ 67 B
333 B 50ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/next.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 1e5a27172def568641fab0ef294d880a5dae5e2362b77488587148fd84b176ab

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Last-Modified: Fri, 31 May 2019 06:22:58 GMT
Server: Apache
ETag: "43-58a290bb11480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 67

GET
H/1.1 200
OK homelink.gif
horoskop.star.ovh/templates/wave3cols/templatefuncs/icons/ 1 KB
2 KB 48ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/templatefuncs/icons/homelink.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 1aa3c474d6095a7d81fa2e7c60e9b1e918a4dfd38661d8f777046fb24d3c9f6b

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Last-Modified: Fri, 31 May 2019 06:23:40 GMT
Server: Apache
ETag: "578-58a290e31f300"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1400

GET
H/1.1 200
OK printlink.gif
horoskop.star.ovh/templates/wave3cols/templatefuncs/icons/ 1 KB
1 KB 49ms
49ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/templatefuncs/icons/printlink.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 65c1f8aa08c804428a006d001b4983af1b1368f5342ba62fb37c481af17ae588

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:49 GMT
Last-Modified: Fri, 31 May 2019 06:23:41 GMT
Server: Apache
ETag: "48f-58a290e413540"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1167

GET
H/1.1 200
OK sitemaplink.gif
horoskop.star.ovh/templates/wave3cols/templatefuncs/icons/ 1 KB
1 KB 48ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/templatefuncs/icons/sitemaplink.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: a5e04b1b81bc0c8f4d3a23346f8c32a8db05c46f368568f8467827d270fcb1d0

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:23:41 GMT
Server: Apache
ETag: "44c-58a290e413540"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1100

GET
H/1.1 200
OK scrolltoTop.gif
horoskop.star.ovh/templates/wave3cols/images/ 872 B
1 KB 48ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/scrolltoTop.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 30796d59f425f1f8ff5fa0b4032b79c2250f49980079674e184ea2a9107f1c96

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:58 GMT
Server: Apache
ETag: "368-58a290bb11480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 872

GET
H/1.1 200
OK contentlink.gif
horoskop.star.ovh/templates/wave3cols/images/ 169 B
436 B 49ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/contentlink.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: fbc35df9ae212dd1c8c26da489bc308f9bdb2e63cce350d5119401a943f7a6f8

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:57 GMT
Server: Apache
ETag: "a9-58a290ba1d240"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 169

GET
H/1.1 200
OK newslink.gif
horoskop.star.ovh/templates/wave3cols/images/ 874 B
1 KB 49ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/newslink.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 030bc64c657b1b60f7503b9eb7e5737823a84e5ce0e9c32ee5d4d7ce6327d7a4

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:58 GMT
Server: Apache
ETag: "36a-58a290bb11480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 874

GET
H/1.1 200
OK menulink.gif
horoskop.star.ovh/templates/wave3cols/images/ 868 B
1 KB 49ms
48ms Image
image/gif 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/menulink.gif
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 43c54f1ea7f2015853e4d44ba5287235e1cbd3dfdf6075c3f24b3316d18b38fe

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:58 GMT
Server: Apache
ETag: "364-58a290bb11480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 868

GET
H/1.1 200
OK cookielawhint.js Show response
horoskop.star.ovh/plugins/cookielaw/source/ 7 KB
3 KB 49ms
48ms Script
application/javascript 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/plugins/cookielaw/source/cookielawhint.js
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 245535931e8cc880bf7f64beaea0978b2d6b22b8a307d5ee8e34661f7d50a934

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2019 06:20:16 GMT
Server: Apache
ETag: "1b57-58a2902092800-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3034

GET
H/1.1 200
OK bgmain.jpg
horoskop.star.ovh/templates/wave3cols/images/ 37 KB
37 KB 90ms
48ms Image
image/jpeg 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/bgmain.jpg
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 0f3d738f768dd8775ec7e6a5d6d7bbfcfb5eb53d4d00db6caf7a6c7c787f9c6f

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:57 GMT
Server: Apache
ETag: "948c-58a290ba1d240"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 38028

GET
H/1.1 200
OK AmaticSC-Bold.ttf
horoskop.star.ovh/templates/wave3cols/fonts/ 153 KB
153 KB 71ms
48ms Font
application/font-sfnt 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/templates/wave3cols/fonts/AmaticSC-Bold.ttf
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: d367beadee66efbb657d24d3d8f30f3b60633e9d5c8ded7385541cf775cabb4d

Request headers

Referer: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Origin: http://horoskop.star.ovh
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:50 GMT
Server: Apache
ETag: "26214-58a290b370280"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 156180

GET
H/1.1 200
OK RobotoCondensed-Regular.ttf
horoskop.star.ovh/templates/wave3cols/fonts/ 158 KB
158 KB 72ms
48ms Font
application/font-sfnt 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/templates/wave3cols/fonts/RobotoCondensed-Regular.ttf
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: d5cbe10cfb954e6d580525bd05536b21447ce29ab8a84e21da8a58b588190326

Request headers

Referer: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Origin: http://horoskop.star.ovh
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:56 GMT
Server: Apache
ETag: "276f4-58a290b929000"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 161524

GET
H/1.1 200
OK RobotoCondensed-Light.ttf
horoskop.star.ovh/templates/wave3cols/fonts/ 157 KB
157 KB 96ms
48ms Font
application/font-sfnt 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to

Full URL: http://horoskop.star.ovh/templates/wave3cols/fonts/RobotoCondensed-Light.ttf
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: 3c8dc0ab1183367c5628994f0896958a9f42fd58f4d4d2c3b0e63ffa3beaebe1

Request headers

Referer: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Origin: http://horoskop.star.ovh
accept-language: no-NO,no;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:53 GMT
Server: Apache
ETag: "273ec-58a290b64c940"
Content-Type: application/font-sfnt
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 160748

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame EDB8 9 KB
4 KB 236ms
73ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 31557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Mon, 25 Dec 2023 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ 399 KB
135 KB 308ms
147ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2074085971668978&plah=horoskop.star.ovh&bust=31080064

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d38b1bfa56a9f68b32e544e6be50b54c64084242b235e0a15549df6f217843bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137986
x-xss-protection: 0
server: cafe
etag: 9618094619208454675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:04:50 GMT

GET
H/1.1 200
OK lupe2.png
horoskop.star.ovh/templates/wave3cols/images/ 726 B
994 B 48ms
48ms Image
image/png 193.200.238.10
TERRAHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://horoskop.star.ovh/templates/wave3cols/images/lupe2.png
Requested by: Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
Protocol: HTTP/1.1
Server: 193.200.238.10 Sandefjord, Norway, ASN56655 (TERRAHOST, NO),
Reverse DNS
Software: Apache /
Resource Hash: fc846187b2540e202c5937b6ebc125189468acca29bbf18c898f17e5e9efd103

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/templates/wave3cols/stylesheet.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Tue, 12 Dec 2023 08:04:50 GMT
Last-Modified: Fri, 31 May 2019 06:22:57 GMT
Server: Apache
ETag: "2d6-58a290ba1d240"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 726

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71F8 148 KB
42 KB 1832ms
1831ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=280&slotname=9847469755&adk=1561338862&adf=3516689658&pi=t.ma~as.9847469755&w=550&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=550x280&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1702368290252&bpp=4&bdt=436&idt=524&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=7351502517889&frm=20&pv=2&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=525&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=536

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2074085971668978&plah=horoskop.star.ovh&bust=31080064

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cb75b591d376e294b630aa436c78dd2e3b9cb1fe33ccd978d2c2732ae4fcb62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:52 GMT
expires: Tue, 12 Dec 2023 08:04:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 612E 128 KB
41 KB 682ms
682ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=280&slotname=3351789313&adk=2316960821&adf=1441513143&pi=t.ma~as.3351789313&w=336&lmt=1702368290&format=336x280&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&wgl=1&dt=1702368290261&bpp=2&bdt=444&idt=536&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f4b914fae9958398438ec343dac52a51f32416d3ecde35a3617d8ca625b897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41575
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 528F 103 KB
38 KB 714ms
714ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

087b22efc325db917617951a6d087c3213427dc3ec2509b4c2521de8d416f96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39098
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98DF 103 KB
39 KB 745ms
745ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56a3289e69862b27afe3f8235bde3d7c5c985f266bacf4d4d5b53759c7fb1132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39252
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 895B 102 KB
38 KB 482ms
481ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=2005768432&adf=4125268766&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290272&bpp=1&bdt=455&idt=545&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=548

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b2c83a1a8dadced54e4af553499e04dc225e65a6c2d9d8b20f8f7fedf24f2d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38726
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C03F 11 KB
5 KB 760ms
760ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&adk=293675617&adf=814277786&lmt=1702368290&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&dt=1702368290282&bpp=1&bdt=465&idt=540&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600%2C250x600%2C250x600&nras=1&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&dtd=548

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

942d0920308459d8b9c0470cf999c91eee40a5d983f93c918b08fa29ac50f726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4541
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 112ms
111ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=cookielawHinttop&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4730529842308030797
tpc.googlesyndication.com/simgad/ Frame 895B 67 KB
68 KB 323ms
167ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4730529842308030797

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=2005768432&adf=4125268766&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290272&bpp=1&bdt=455&idt=545&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=548

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39336ec43f605dffbfb9b87851d190b61ffdc9d3a7a066fd86c91dcedc87a9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 10:14:18 GMT
x-content-type-options: nosniff
age: 78633
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68799
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 15:40:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 10:14:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 895B 24 KB
9 KB 233ms
86ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:13:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26CE 143 B
166 B 74ms
73ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=2005768432&adf=4125268766&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290272&bpp=1&bdt=455&idt=545&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=1027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=548
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 1587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 07:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 895B 3 KB
1 KB 245ms
101ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 895B 20 KB
9 KB 221ms
77ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 895B 203 KB
64 KB 408ms
226ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:04:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 895B 36 KB
15 KB 290ms
148ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:46:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 26CE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

82ms
82ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 612E 9 KB
4 KB 248ms
89ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=280&slotname=3351789313&adk=2316960821&adf=1441513143&pi=t.ma~as.3351789313&w=336&lmt=1702368290&format=336x280&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&wgl=1&dt=1702368290261&bpp=2&bdt=444&idt=536&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=632&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 01:04:19 GMT

GET
H2 200 f3d12415f986ed3504122551351bc1d0.js Show response
www.gstatic.com/mysidia/ Frame 612E 42 KB
16 KB 251ms
92ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16637
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 07:10:35 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 612E 2 KB
822 B 77ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:43 GMT

GET
H2 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame 612E 23 KB
10 KB 216ms
77ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 00:46:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 612E 24 KB
9 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:13:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 612E 3 KB
1 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 612E 20 KB
8 KB 237ms
236ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 612E 203 KB
65 KB 107ms
91ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:04:51 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 612E 37 KB
15 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 13:56:43 GMT

GET
H2 200 6351029332044767005
tpc.googlesyndication.com/simgad/ Frame 528F 96 KB
96 KB 217ms
216ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6351029332044767005?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnw9OaeWsb8P8ib1XIRIXisA_i6xA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4048900b24773038c04b565cedd3d971dbebe92e8dff8263b97b843c1e21caa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:21:09 GMT
x-content-type-options: nosniff
age: 2622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98416
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 02:24:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 07:21:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 528F 24 KB
9 KB 284ms
284ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:13:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5845 143 B
166 B 74ms
73ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 1587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 07:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 528F 3 KB
1 KB 286ms
285ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 528F 20 KB
8 KB 277ms
276ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 528F 203 KB
64 KB 230ms
229ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:04:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 528F 36 KB
15 KB 276ms
276ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:46:44 GMT

GET
H2 200 12068603282210018446
tpc.googlesyndication.com/simgad/ Frame 98DF 96 KB
96 KB 259ms
258ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12068603282210018446?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qksJQZ0mbgt3tST1J2Ryp9DESYUMQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4048900b24773038c04b565cedd3d971dbebe92e8dff8263b97b843c1e21caa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:56:41 GMT
x-content-type-options: nosniff
age: 284890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98416
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 02:13:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 00:56:41 GMT

GET
DATA 200
OK truncated
/ Frame 895B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be773ad55386ccbd669bc43b8cef0191b789b9fe3a5f708287b522e31ac1b44e

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 98DF 24 KB
9 KB 281ms
281ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:13:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B606 143 B
166 B 73ms
73ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

age: 1587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 07:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98DF 3 KB
1 KB 286ms
285ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29763
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98DF 20 KB
8 KB 283ms
283ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 98DF 203 KB
64 KB 262ms
262ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:04:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 98DF 36 KB
15 KB 286ms
285ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:46:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5845
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

82ms
81ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B606
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

91ms
89ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
expires: Tue, 12 Dec 2023 08:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 176 KB
25 KB 78ms
78ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d37569b85c91fdcae0e5a9e61f3a68000f7f646d18ba0bbb1ce9c146a8baf6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 27996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25126
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 00:18:15 GMT
expires: Wed, 11 Dec 2024 00:18:15 GMT
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 612E 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25da022d5a69a13fac87c74e98e54486d56067591680b5002056e3c95b6ddcac

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 528F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f543cdb51fa320a05d87a2cc8dad3e7d3eb6da4ea2ea055df28c429ce93091d

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A964 16 KB
6 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:44:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 19:44:02 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A964 34 KB
13 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:43:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 895B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CLe_6IhR4ZeSeNfGI9fgPsLW36A2929usc6zzyMjhEdOpnLCrDxABILb92QNgwwSgAdDxq6MoyAEDqQJHOaabtg-yPqgDAcgDyQSqBM4BT9A54JYEHU68lEbPsbFpsaMTBtBhh7sFqAQDAyB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210366553512113967688%22,%22debug_reporting%22:true,%22destination%22:%22https://all-universe.com%22,%22event_report_window...

0
0

264ms
112ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210366553512113967688%22,%22debug_reporting%22:true,%22destination%22:%22https://all-universe.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210811537616%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211271223555732498049%22}&andc=true

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10366553512113967688","debug_reporting":true,"destination":"https://all-universe.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10811537616"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"11271223555732498049"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:04:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10366553512113967688","debug_reporting":true,"destination":"https://all-universe.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10811537616"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"11271223555732498049"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 98DF 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02eada3aaa07359e52c6ec99338464dc920ff5385a667756d177319ec7064e41

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 528F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJoDyIhR4Zbv_NPGI9fgPsLW36A3qv6q6c_bKlPmbEr_hHhABILb92QNgwwSgAYeDv_cDyAECqAMByAPJBKoEygFP0FFhhCIWpQ3QYFIYhQAPxak1TQLXJvZMRrnNL8bTVXUi0r23WzLCqrz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22499656122859946668%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%...

0
0

260ms
109ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22499656122859946668%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216499563441966046417%22}&andc=true

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"499656122859946668","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"16499563441966046417"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:04:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"499656122859946668","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"16499563441966046417"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E36 51 KB
19 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2012 51 KB
19 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9172386952&adk=3374909718&adf=81514000&pi=t.ma~as.9172386952&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1702368290266&bpp=2&bdt=450&idt=535&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1125&ady=279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=538

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 98DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CI_UPIhR4ZYb9NPyv9fgPqKWf2AGN67bfdK27oqH9Eb_hHhABILb92QNgwwSgAYeDv_cDyAECqAMByAPJBKoE0AFP0Gbjc5GRSiYcARhiSgiWae6Ubx_iahgeT38zyU1HsXD-oeoA4nChtag...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225352046482485297142%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window...

0
0

259ms
109ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225352046482485297142%22,%22debug_reporting%22:true,%22destination%22:%22https://lightinthebox.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221055900039%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225411347580211630065%22}&andc=true

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5352046482485297142","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"5411347580211630065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:04:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5352046482485297142","debug_reporting":true,"destination":"https://lightinthebox.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1055900039"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"5411347580211630065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5862 51 KB
19 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=600&slotname=9847469755&adk=3553712189&adf=3011809332&pi=t.ma~as.9847469755&w=250&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=250x600&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1702368290269&bpp=3&bdt=452&idt=544&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&prev_fmts=550x280%2C336x280%2C250x600&correlator=7351502517889&frm=20&pv=1&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 612E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFZkQIhR4ZY7-M5mZlgTgupX4BfyaqKBzq4mW_7wRhrP02o4OEAEgtv3ZA2DDBKABoZXy7QLIAQmpAkc5ppu2D7I-qAMByANIqgTUAU_QqUj0jqvM8cszEp7PQrPV0w50yDDeEMZCYMs72Cf...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214862483127777810293%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%2...

0
0

262ms
111ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214862483127777810293%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224498211738190156305%22}&andc=true

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14862483127777810293","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"4498211738190156305"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:04:52 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14862483127777810293","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"4498211738190156305"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 60B7 51 KB
19 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame A964 51 KB
19 KB 119ms
119ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3 200 foot-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 329 B
357 B 77ms
77ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/foot-green.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce802e6924c902fd8d795383e5ac836efb35bc63b0cfbd618e916fea2b202f4f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 03:44:37 GMT
x-content-type-options: nosniff
age: 15615
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 03:44:37 GMT

GET
H3 200 title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 5 KB
5 KB 84ms
81ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/title.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

019e38190a5fb2619b7dcc21e21d85f7071171fac479482c584f5ac271b12aa4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 09 Dec 2023 20:49:13 GMT
x-content-type-options: nosniff
age: 213339
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 20:49:13 GMT

GET
H3 200 hand-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 335 B
366 B 115ms
112ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/hand-green.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21856d22200ba9456f1ee6a25600e1b41d0b694a81728f50ef2ed464cc3570f1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 09:59:23 GMT
x-content-type-options: nosniff
age: 79529
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 09:59:23 GMT

GET
H3 200 body-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 2 KB
2 KB 116ms
113ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-green.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9660ef4b8c234ceebaa022518c0111d07b348fc849e1bfe158effd3bcd732b59

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 06:23:19 GMT
x-content-type-options: nosniff
age: 6093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2027
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 06:23:19 GMT

GET
H3 200 arm-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 414 B
448 B 120ms
117ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/arm-green.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5377da9ddf989177412092159ee8831b099ac2af348e3f85ccad1d7f97a4265

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 07:33:23 GMT
x-content-type-options: nosniff
age: 1889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 07:33:23 GMT

GET
H3 200 05.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 7 KB
7 KB 102ms
100ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/05.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

709870c2291338494613bf05820b556cd9924694c7e4be9f96833714acc49993

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 00:02:28 GMT
x-content-type-options: nosniff
age: 115344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7357
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 00:02:28 GMT

GET
H3 200 body-pink.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 2 KB
2 KB 113ms
111ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-pink.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b917a06b7efdded4397602608eb59fba976a47fe2f3ca057b7556b4979df81a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 21:53:16 GMT
x-content-type-options: nosniff
age: 36696
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1968
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 21:53:16 GMT

GET
H3 200 04.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 8 KB
8 KB 91ms
88ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/04.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2d802630d73ec662fe89ce86b5b4d461076ae52fdd23b927aa0a0717f314cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 06:48:17 GMT
x-content-type-options: nosniff
age: 4595
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 06:48:17 GMT

GET
H3 200 arm-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 591 B
620 B 90ms
87ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/arm-blue.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

083bb42c3edd917e4eb0a7d5aff8e0fd5b7ff7feabeb63dddf48880315e85892

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 02:40:05 GMT
x-content-type-options: nosniff
age: 19487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 591
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 02:40:05 GMT

GET
H3 200 foot-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 794 B
822 B 87ms
85ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/foot-blue.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678ead050d67f081b56d2b8a637810f37f9a76c4d163aba1bf977d88a24392f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 18:47:46 GMT
x-content-type-options: nosniff
age: 47826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 18:47:46 GMT

GET
H3 200 leg-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 582 B
610 B 86ms
84ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/leg-blue.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e824eae494f24cfa67d3e6cce333804c785d7e0b4e791156356f6857351876

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 04:12:52 GMT
x-content-type-options: nosniff
age: 13920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 04:12:52 GMT

GET
H3 200 body-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 1 KB
1 KB 153ms
151ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-blue.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74fef464c207cc15e3262c7f2c578d2ba7e448129eec9e5d01deada2b697eb2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 00:02:28 GMT
x-content-type-options: nosniff
age: 115344
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1487
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 00:02:28 GMT

GET
H3 200 03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 9 KB
9 KB 154ms
152ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/03.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2bb9f72da06f614594a2e20c3881deb497747a734369be0670cd843a0bcd14b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 19:57:44 GMT
x-content-type-options: nosniff
age: 43628
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9465
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 19:57:44 GMT

GET
H3 200 hand-violet.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 810 B
847 B 122ms
120ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/hand-violet.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add54a188cf63b064bf700df6d4312b19ca6f6ac04896f6e32ecee0ccc3d99e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 13:57:27 GMT
x-content-type-options: nosniff
age: 65245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 810
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 13:57:27 GMT

GET
H3 200 body-violet.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 2 KB
2 KB 152ms
150ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-violet.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845a651cb5184fe9e60e4cf75e74157623a35089e860e2ea6d6b5de7fa8beb0e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 17:14:55 GMT
x-content-type-options: nosniff
age: 53397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1618
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 17:14:55 GMT

GET
H3 200 02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 10 KB
11 KB 135ms
133ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/02.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c94bbdf563857f7db063af47683b1a3bfe423558a82ebc06275e2a0d8679a18

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 19:01:53 GMT
x-content-type-options: nosniff
age: 46979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10716
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 19:01:53 GMT

GET
H3 200 foot_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 350 B
387 B 151ms
149ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/foot_1.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dce54efea49151e81fa320ee2f25100f7fdf908e138ce36b548638a8671a9d42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 08 Dec 2023 20:58:09 GMT
x-content-type-options: nosniff
age: 299203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 20:58:09 GMT

GET
H3 200 red-body_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 3 KB
3 KB 119ms
117ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/red-body_1.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbba92d544c68cb174fbad7d5e3cecda5873e984b88bfaa073c2cc311ab36f1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 16:56:59 GMT
x-content-type-options: nosniff
age: 54473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2570
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 16:56:59 GMT

GET
H3 200 01_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame A964 9 KB
9 KB 122ms
120ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/01_1.png

Requested by

Host: horoskop.star.ovh
URL: http://horoskop.star.ovh/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949c87693f33ba17ce9ce3a664569886ff0ea5ee24f7875551dce84ca470e1c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 20:06:08 GMT
x-content-type-options: nosniff
age: 43124
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8858
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 20:06:08 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 285ms
106ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:04:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 256ms
108ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:04:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 196ms
108ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:04:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 193ms
106ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:04:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 6BBC 9 KB
4 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2074085971668978&output=html&h=280&slotname=9847469755&adk=1561338862&adf=3516689658&pi=t.ma~as.9847469755&w=550&fwrn=4&fwrnh=100&lmt=1702368290&rafmt=1&format=550x280&url=http%3A%2F%2Fhoroskop.star.ovh%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1702368290252&bpp=4&bdt=436&idt=524&shv=r20231207&mjsv=m202312060101&ptt=9&saldr=aa&abxe=1&correlator=7351502517889&frm=20&pv=2&ga_vid=313513288.1702368291&ga_sid=1702368291&ga_hid=2022195727&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=525&ady=283&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44795921%2C31080064%2C95320884&oid=2&pvsid=1858481086074714&tmod=1947303817&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=536

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 01:04:19 GMT

GET
H3 200 f3d12415f986ed3504122551351bc1d0.js Show response
www.gstatic.com/mysidia/ Frame 6BBC 42 KB
16 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 07:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16637
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 07:10:35 GMT

GET
H3 200 d500f8b303efba9f5ab695bab8da4c89.js Show response
www.gstatic.com/mysidia/ Frame 6BBC 20 KB
8 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:37:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8365
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 11:37:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6BBC 2 KB
835 B 76ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 01:54:43 GMT

GET
H3 200 92da1c8e4790a69c4d76e84ba2e3001c.js Show response
www.gstatic.com/mysidia/ Frame 6BBC 6 KB
2 KB 123ms
121ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2259
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 20:31:18 GMT

GET
H3 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame 6BBC 23 KB
10 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 00:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 00:46:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6BBC 24 KB
9 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:13:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:13:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6BBC 3 KB
1 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29764
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 23:48:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6BBC 20 KB
8 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 20:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 20:42:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BBC 203 KB
64 KB 102ms
100ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65486
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702315402350014"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 08:04:52 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 6BBC 37 KB
15 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 13:56:43 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 176 KB
25 KB 77ms
76ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7d37569b85c91fdcae0e5a9e61f3a68000f7f646d18ba0bbb1ce9c146a8baf6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 27997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 25126
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 00:18:15 GMT
expires: Wed, 11 Dec 2024 00:18:15 GMT
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BBC 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 937c5780f1f433b386a9290f3d54f18aae7ede35224505bb57497e768cbe40fc

Request headers

accept-language: no-NO,no;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6BBC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C3rNyIhR4ZfTBM8S09fgPr4mB0Ar8mqigc6uJlv-8EYaz9NqODhABILb92QNgwwSgAaGV8u0CyAEJqQJHOaabtg-yPqgDAcgDSKoE0QFP0MD9ojUlRN-1ov4HlAj0Gxh3MH2_Eg3xGcry3Jp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222709529033434016554%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22...

0
0

109ms
109ms

Fetch
text/css

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222709529033434016554%22,%22debug_reporting%22:true,%22destination%22:%22https://betterme.world%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22767330977%22],%2222%22:[%22true%22],%224%22:[%2212-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213892781950107607665%22}&andc=true

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2709529033434016554","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"13892781950107607665"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Dec 2023 08:04:53 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2709529033434016554","debug_reporting":true,"destination":"https://betterme.world","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["767330977"],"22":["true"],"4":["12-12"],"6":["true"]},"priority":"500","source_event_id":"13892781950107607665"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B09 16 KB
6 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:44:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 19:44:02 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3B09 34 KB
13 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 23:43:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 12 Dec 2023 23:43:37 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BBC 0
20 B 108ms
108ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoNCAEqCWZ1bGwtc2xvdAokGgxidW5kbGVSb3dLZXkqFDE0MTM2MDY4ODA3NTM1NDgwMjg5CgoIAioGc2VydmVyCg0QKyEAAAAAAAA0QDAECg0QAyEAAACYmWlhQDAECg0QCiEAAAAAMDPTPzAECg0QDSEAAAAAAAAAADAECg0QHioHMzM2eDI4MDAECg0QGSoHMzM2eDI4MDAECg0QDiEAAAAAmZkbQDAECg0QBCEAAADIzFxiQDAECg0QDyEAAAAAwJm5PzAECg0QKyEAAAAAAAA9QDAECg0QBSEAAAAwM2NiQDAECg0QECEAAAAAAAAAADAECg0QESEAAAAAoDf1QDAECg0QEiEAAAAAAAAgQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAAEBlQDAEEhpDUFRhZ29xNGlZTURGVVJhSFFrZHIwUUFxZyIjaHRtbDVfZGlzcGxheV91cGxvYWQvaHRtbDVfZXhpdF9hcGkoPA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 612E 42 B
64 B 255ms
107ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZtDSicZr4F8yIQqqo4uKOwFBJ-CEjGeLcmVfWgcGaNQk__blVVbU2WzgThA_rwrzSQn9k9PISqQA9mkyuVEbkiLKIzyPPKsoMnKTEgxT0PrZ8pDZRl26YYm2_zXIXsWx9RoOKGFsGoRlToSzQIuCEcruN&sai=AMfl-YQpvJTw4azdB8YZbw_qLcjC_uw7sjPBciqpW7uhu6TuQaUKH7UsaLdUJEq93cLqxuVUUc9k2vXMKtOw0o4LY8Co0lsk0cvohqMLBZEBEBgk2uud5ki-fzXKwalq-nw3DJWbz4i2rjhYnVjoG2PmfA&sig=Cg0ArKJSzLOVnzoPjTslEAE&cid=CAQSTwDICaaNCXneQ8kqjbA8sx2OlTsl8SxoFcBJgW8Tj6wa8-MMiR1TOD80ikyTxNWXtHK4s7qHSUlc7l1NCXyS2a7b86BulxwEPbH0HeQ16BEYAQ&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2316960821&rs=2&la=0&cr=0&vs=4&r=v&rst=1702368290800&rpt=1082&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 107ms
106ms Preflight
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 08:04:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 209ms
118ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95817bc0eac1487c1173bc167d7b114a77490b0fbb5633a72d68a4546c4188a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12074
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 320B 51 KB
19 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B09 51 KB
19 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 12:51:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 12:51:06 GMT

GET
H3 200 foot-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 329 B
369 B 76ms
76ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/foot-green.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce802e6924c902fd8d795383e5ac836efb35bc63b0cfbd618e916fea2b202f4f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 03:44:37 GMT
x-content-type-options: nosniff
age: 15616
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 03:44:37 GMT

GET
H3 200 title.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 5 KB
5 KB 79ms
76ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/title.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

019e38190a5fb2619b7dcc21e21d85f7071171fac479482c584f5ac271b12aa4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 09 Dec 2023 20:49:13 GMT
x-content-type-options: nosniff
age: 213340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Dec 2024 20:49:13 GMT

GET
H3 200 hand-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 335 B
372 B 80ms
77ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/hand-green.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21856d22200ba9456f1ee6a25600e1b41d0b694a81728f50ef2ed464cc3570f1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 09:59:23 GMT
x-content-type-options: nosniff
age: 79530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 09:59:23 GMT

GET
H3 200 body-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 2 KB
2 KB 81ms
78ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-green.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9660ef4b8c234ceebaa022518c0111d07b348fc849e1bfe158effd3bcd732b59

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 06:23:19 GMT
x-content-type-options: nosniff
age: 6094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2027
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 06:23:19 GMT

GET
H3 200 arm-green.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 414 B
451 B 86ms
83ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/arm-green.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5377da9ddf989177412092159ee8831b099ac2af348e3f85ccad1d7f97a4265

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 07:33:23 GMT
x-content-type-options: nosniff
age: 1890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 07:33:23 GMT

GET
H3 200 05.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 7 KB
7 KB 87ms
84ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/05.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

709870c2291338494613bf05820b556cd9924694c7e4be9f96833714acc49993

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 00:02:28 GMT
x-content-type-options: nosniff
age: 115345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7357
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 00:02:28 GMT

GET
H3 200 body-pink.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 2 KB
2 KB 89ms
87ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-pink.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b917a06b7efdded4397602608eb59fba976a47fe2f3ca057b7556b4979df81a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 21:53:16 GMT
x-content-type-options: nosniff
age: 36697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1968
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 21:53:16 GMT

GET
H3 200 04.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 8 KB
8 KB 90ms
88ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/04.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2d802630d73ec662fe89ce86b5b4d461076ae52fdd23b927aa0a0717f314cf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 06:48:17 GMT
x-content-type-options: nosniff
age: 4596
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 06:48:17 GMT

GET
H3 200 arm-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 591 B
631 B 94ms
91ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/arm-blue.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

083bb42c3edd917e4eb0a7d5aff8e0fd5b7ff7feabeb63dddf48880315e85892

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 02:40:05 GMT
x-content-type-options: nosniff
age: 19488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 591
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 02:40:05 GMT

GET
H3 200 foot-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 794 B
834 B 94ms
92ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/foot-blue.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678ead050d67f081b56d2b8a637810f37f9a76c4d163aba1bf977d88a24392f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 18:47:46 GMT
x-content-type-options: nosniff
age: 47827
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 18:47:46 GMT

GET
H3 200 leg-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 582 B
622 B 95ms
93ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/leg-blue.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e824eae494f24cfa67d3e6cce333804c785d7e0b4e791156356f6857351876

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 12 Dec 2023 04:12:52 GMT
x-content-type-options: nosniff
age: 13921
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 582
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 04:12:52 GMT

GET
H3 200 body-blue.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 1 KB
1 KB 95ms
93ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-blue.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c74fef464c207cc15e3262c7f2c578d2ba7e448129eec9e5d01deada2b697eb2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 00:02:28 GMT
x-content-type-options: nosniff
age: 115345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1487
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 00:02:28 GMT

GET
H3 200 03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 9 KB
9 KB 95ms
94ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/03.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2bb9f72da06f614594a2e20c3881deb497747a734369be0670cd843a0bcd14b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 19:57:44 GMT
x-content-type-options: nosniff
age: 43629
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9465
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 19:57:44 GMT

GET
H3 200 hand-violet.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 810 B
847 B 99ms
97ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/hand-violet.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add54a188cf63b064bf700df6d4312b19ca6f6ac04896f6e32ecee0ccc3d99e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 13:57:27 GMT
x-content-type-options: nosniff
age: 65246
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 810
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 13:57:27 GMT

GET
H3 200 body-violet.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 2 KB
2 KB 99ms
98ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/body-violet.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845a651cb5184fe9e60e4cf75e74157623a35089e860e2ea6d6b5de7fa8beb0e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 17:14:55 GMT
x-content-type-options: nosniff
age: 53398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1618
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 17:14:55 GMT

GET
H3 200 02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 10 KB
11 KB 100ms
99ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/02.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c94bbdf563857f7db063af47683b1a3bfe423558a82ebc06275e2a0d8679a18

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 19:01:53 GMT
x-content-type-options: nosniff
age: 46980
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10716
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 19:01:53 GMT

GET
H3 200 foot_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 350 B
387 B 103ms
102ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/foot_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dce54efea49151e81fa320ee2f25100f7fdf908e138ce36b548638a8671a9d42

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 08 Dec 2023 20:58:09 GMT
x-content-type-options: nosniff
age: 299204
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Dec 2024 20:58:09 GMT

GET
H3 200 red-body_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 3 KB
3 KB 104ms
103ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/red-body_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbba92d544c68cb174fbad7d5e3cecda5873e984b88bfaa073c2cc311ab36f1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 16:56:59 GMT
x-content-type-options: nosniff
age: 54474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2570
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 16:56:59 GMT

GET
H3 200 01_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/ Frame 3B09 9 KB
9 KB 105ms
104ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/01_1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949c87693f33ba17ce9ce3a664569886ff0ea5ee24f7875551dce84ca470e1c9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14136068807535480289/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 11 Dec 2023 20:06:08 GMT
x-content-type-options: nosniff
age: 43125
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8858
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 12:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Dec 2024 20:06:08 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 528F 42 B
64 B 165ms
108ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwSjJl1KownTXrKDnzyUmaPSup20TJ9ZSmmEW1bLzMIHG6RNzp169YGkTgIqfU5Agwd9DpjCY0Fzz45Vpr6TWMdoVa6Byt9hO53GcViNTdTK0t419T3HYIfkuTuFtrZdHlCvjfTZmwil32p_VgBaBjKzvb&sai=AMfl-YT-4z8c-Vsm2C2gvjyzomhkwjBzYriJCEowwbW2mTcyUCpJpLf0IdYlTeIHdqS7IpIiz70EOB43r6Isl4sOHQLud4s_g_5BnRl0jVZ8QR5XgI4livJh6guJkSF03NJYHKh1f0puI4nJcVjGCwlw_w&sig=Cg0ArKJSzPuFdW0rKKh8EAE&cid=CAQSTwDICaaNWcRH7v5I3rQ5dTPo5MO7cij4Na7t98Gq3-JjUqmAev-fe8fD75Zl1OQtqTCSuIvsRsUro0LWSCNd63EZkIiEVmbmBVBKsrBpyokYAQ&id=lidar2&mcvt=1000&p=0,0,500,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3374909718&rs=2&la=0&cr=0&vs=4&r=v&rst=1702368290810&rpt=1180&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BBC 0
20 B 109ms
109ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoNCAEqCWZ1bGwtc2xvdAokGgxidW5kbGVSb3dLZXkqFDE0MTM2MDY4ODA3NTM1NDgwMjg5CgoIAioGc2VydmVyCg0QFCEAAAAAwGz7QDAECg0QFSEAAAAAAAAoQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAABkZlZ0QDAECg0QMiEAAAAAAAAAADAECg0QMyEAAAAAAAAAADAECg0QNCEAAAAAAAAAADAECg0QNSEAAAAAAAAAADAECg0QNiEAAAAAAAAAADAECg0QNyEAAAAAAAAAADAECg0QOCEAAAAAAAAAADAECg0QOSEAAAAAAAAAADAECg0QOiEAAAAAYGbmPzAECg0QOyEAAAAAYGbmPzAECg0QPCEAAAAAYGbmPzAECg0QPSEAAAAAYGbmPzAECg0QPiEAAAAAyMzsPzAECg0QPyEAAAAAyMzsPzAECg0QQCEAAAAAyMzsPzAEEhpDUFRhZ29xNGlZTURGVVJhSFFrZHIwUUFxZyIjaHRtbDVfZGlzcGxheV91cGxvYWQvaHRtbDVfZXhpdF9hcGkoPA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98DF 42 B
64 B 110ms
109ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz-YS_qANP5nAOcywXGzihi3I_1ITDuHJmKdj8WYFcfaygjdbZAOLGr2wH5NjwknF6JWMrAG9KNd313bvlcoNSBlNEfRbpXzwvS0zf9LrzZjfsAYIWJ9BXZUKu-1SBBgSyLVxVbGT_rLID81pSO33YPLff&sai=AMfl-YSIx-pobWftEmxSOvipqBeK6jOL3hM-l-jYHD4caU2vU4Fo6T4Q5tZ6rp7ZWRmzni8nI5GM9nmD_B8O8Lo9VVVP_IJm5VVZfnWRWIoiSZnmyZJuj8lmTfBlDTElRj83H16QXyEMY38gfTsd8vu09w&sig=Cg0ArKJSzNVspeYlJwFUEAE&cid=CAQSTwDICaaNB1kEIA2AyaFfaTWz69mTqps39-uMmxa-1gMt8KNj_S88XcabwYOkIF3919jt1YtZ09OoELKUW7pesFkUwlN2-pMXdvK2yjHMS-cYAQ&id=lidar2&mcvt=1109&p=0,0,500,250&mtos=1109,1109,1109,1109,1109&tos=1109,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3553712189&rs=2&la=0&cr=0&vs=4&r=v&rst=1702368290816&rpt=1233&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 178ms
178ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:04:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F83 13 KB
5 KB 78ms
76ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

accept-ranges: bytes
age: 55695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 16:36:38 GMT
expires: Tue, 10 Dec 2024 16:36:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 23E3 829 B
998 B 87ms
86ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad144ed8431e24fed306d48efba3bee544cdc57f1963b8f06d6962980b8e3a01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PTRvIN2uxsu7W9iNKUPeBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://horoskop.star.ovh/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: no-NO,no;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PTRvIN2uxsu7W9iNKUPeBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 08:04:53 GMT
expires: Tue, 12 Dec 2023 08:04:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F83 39 KB
15 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 11:45:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 11:45:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 23E3 0
0 108ms
108ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1858481086074714&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9F83 0
12 B 76ms
76ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?R-TSig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:04:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BBC 42 B
64 B 108ms
108ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLUh2_uqghjN28e7IBjmemDeTHyzU47uhvJK7UYvg1d66elO79xKd8XRL8QqkZUKe3VMuy_ckV58g59sjqH_Tmh6gV604M7EAHTaszFIjoMF41Tepm51gq4dkX2KDsGJUayPiDB05CAz1eN0UMexLoVLQJ&sai=AMfl-YTAu-Fs6XlvY31mGoxdHzMN7iHE8m_98AOJVYM9lrSbbDubWWkLQNoy5I9W7eSOib99dmh3ANQadJczsKqDB5QVlHyY20-FP-JrsSTvuBFnj5f9RCFOOpTKYfJxjsNV6DNE00iuXIGGg-SoU-FW&sig=Cg0ArKJSzJWq2dhx5rUYEAE&cid=CAQSTgDICaaNTEsaA3yvhZv0aR6NZNWvlhcVJnAUJQbddJmM9BhuyBE7AteF8dkd-iYxBcDg6B4du6l3TBJzzffyYzjzFk1GCc0iDSENl_dQxBgB&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231211&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1561338862&rs=2&la=0&cr=0&vs=4&r=v&rst=1702368292637&rpt=165&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: no-NO,no;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Dec 2023 08:04:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
109ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1858481086074714&bg=!_v2l_bLNAAY3kmNgF5I7ADQBe5WfOK9ESDjHuvnL61hCFqmP6mJ7BYhDK7aVYkks4iGzsxyecvCly765Dta0hhYwJKJ2AgAAAHxSAAAAAmgBB5kC50QnOLAVeRMOiS7sLO65uVJDa1oKowxigc2kaN0DuPfQ-P7F2FUAL6A9Wd4v4KTlNQ83Q8sYku-lDRCGNaE23VeclJHF5AslZ6u29qSovqcDdLxwbD_orYoxSR8J6xH0IA1xSUo7BNmpZO7k3igYF5NFEbNWHTuyFPlTJAg5K8kQy_PEiVO4ajZpBtKb6JhHGScWGqDK4M3rOzB_i5Y6TFYxYp0K1S1Q6fxuwl9MWicHzvNnLEa8e0gxPhlYIgb2bXDp7iS6I2gG0tc6iAbCCCGVHR_LPiRCgTlND8XHvfxFkBfgaSFftEch8b2DXkXxrpuHEVBTkf45Uh4l2BHUKLIM7dBqbVQE3hTUrARGyyHI50V3M7ahpyA-6Jfv938NeaZAJazhrOVXz9CH5mCjLGDM0ZnCC5__Zx_YrYpGhqN0eqr1ulHubCH_dDHH9ttdYwpznBFFtGkXBRRBwJKU4bXCEAsTrYNQDtEcyrPaJAsVB9aPPK7JB2poTj_6zgTDZNOjIUTNJ8qV5zjr2t-mZSAp3rWl1ZbdJxEEkuct81_ywBFSvzxMv-mqUBLgKg49qznhhafB_WNjzDxjmOuB6gzlh4HMT450wMg1zEp3edCzr2pZDUEQTBoKPQoB2VCkV3EfVsIFq_6Qy0veNmsC__QGIgGO7fH77ewTZhbXEBPCQJiVIqzsdC2RQVzqQPlL3qJQ7JjRD4By2ieRIlLt0IAl7XIwpTZjH4DFZ-MpYxwQKzkSaP3YuLWWTvayGfe59nEnwxcNQ7COS93vQR00I4N0ZBfP5sHDXO35PA_RNOTjfTFcfWRtz4LGgGqzZ7NTGOJw1EKmdUSbFsbigoyRW5TyQ676paGbBQaO9vlDKNSOvxGvEgYX5n8Q3ygfcWJTkxUdedAkdA6dld4iotGM1SzNCLI8wFWxbR5yC6N-4lbqB5fflho2XUVE2rvtGTV6IkW7IGKTOtBh1qiXtDg00Xt_988h0WO3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: no-NO,no;q=0.9
Referer: http://horoskop.star.ovh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.star.ovh/	1970-01-21 02:14:24	Name: __gads Value: ID=14a1b667e89369b8:T=1702368290:RT=1702368290:S=ALNI_MaWK4mS8rTsyazy5F8VrrZXD8vBHw
.star.ovh/	1970-01-21 02:14:24	Name: __gpi Value: UID=00000d13cea42e3a:T=1702368290:RT=1702368290:S=ALNI_MYfVMWY-0k9MDU1DtQFMNYn6EQ0LA
.doubleclick.net/	1970-01-20 16:52:51	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:28:48	Name: IDE Value: AHWqTUlRvnxMsXWWJPr99FZqsdbX48CGVfTJmNEUJyEcMBBHpL6zLQbD664mw7Vi7iE
.doubleclick.net/	1970-01-20 16:52:49	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 19:02:24	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
horoskop.star.ovh
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
193.200.238.10
216.58.212.162
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2004
019e38190a5fb2619b7dcc21e21d85f7071171fac479482c584f5ac271b12aa4
02eada3aaa07359e52c6ec99338464dc920ff5385a667756d177319ec7064e41
030bc64c657b1b60f7503b9eb7e5737823a84e5ce0e9c32ee5d4d7ce6327d7a4
083bb42c3edd917e4eb0a7d5aff8e0fd5b7ff7feabeb63dddf48880315e85892
087b22efc325db917617951a6d087c3213427dc3ec2509b4c2521de8d416f96e
08f4b914fae9958398438ec343dac52a51f32416d3ecde35a3617d8ca625b897
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f3d738f768dd8775ec7e6a5d6d7bbfcfb5eb53d4d00db6caf7a6c7c787f9c6f
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
14e5ba2319928ebaa2b1746e528d3b635c3724d95189258bc916e1474fc84a12
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa3c474d6095a7d81fa2e7c60e9b1e918a4dfd38661d8f777046fb24d3c9f6b
1e5a27172def568641fab0ef294d880a5dae5e2362b77488587148fd84b176ab
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21856d22200ba9456f1ee6a25600e1b41d0b694a81728f50ef2ed464cc3570f1
245535931e8cc880bf7f64beaea0978b2d6b22b8a307d5ee8e34661f7d50a934
2486aebac21c42829c4cf61b903cf9942c3fc7dc710e49b54261087a1e0b1864
25da022d5a69a13fac87c74e98e54486d56067591680b5002056e3c95b6ddcac
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
30796d59f425f1f8ff5fa0b4032b79c2250f49980079674e184ea2a9107f1c96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
39336ec43f605dffbfb9b87851d190b61ffdc9d3a7a066fd86c91dcedc87a9b6
3c8dc0ab1183367c5628994f0896958a9f42fd58f4d4d2c3b0e63ffa3beaebe1
3fd5d641a8ce8e92f4de4c414b38cb236b06f5d9b7bee3532d7db4c92d413cad
4048900b24773038c04b565cedd3d971dbebe92e8dff8263b97b843c1e21caa0
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43c54f1ea7f2015853e4d44ba5287235e1cbd3dfdf6075c3f24b3316d18b38fe
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3289e69862b27afe3f8235bde3d7c5c985f266bacf4d4d5b53759c7fb1132
57e824eae494f24cfa67d3e6cce333804c785d7e0b4e791156356f6857351876
581300624230364831f6ed085b746d6d658f788a1e41a3a7df984e06ed626b8b
5cb75b591d376e294b630aa436c78dd2e3b9cb1fe33ccd978d2c2732ae4fcb62
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6069398299730203aa434d1520ccf88ee8bf0aeee241aca18edbd85c78943432
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
65c1f8aa08c804428a006d001b4983af1b1368f5342ba62fb37c481af17ae588
678ead050d67f081b56d2b8a637810f37f9a76c4d163aba1bf977d88a24392f4
681b5bc99c4d4781d194ec558562caf08908b0c5fb2ac02e2723ea085400880d
6b2c83a1a8dadced54e4af553499e04dc225e65a6c2d9d8b20f8f7fedf24f2d9
6c94bbdf563857f7db063af47683b1a3bfe423558a82ebc06275e2a0d8679a18
6f543cdb51fa320a05d87a2cc8dad3e7d3eb6da4ea2ea055df28c429ce93091d
709870c2291338494613bf05820b556cd9924694c7e4be9f96833714acc49993
7c2d802630d73ec662fe89ce86b5b4d461076ae52fdd23b927aa0a0717f314cf
845a651cb5184fe9e60e4cf75e74157623a35089e860e2ea6d6b5de7fa8beb0e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9129c3cb5b3b6d486d719614ef0e64508258a9d15de6c8bfab167e3da9dd87f3
937c5780f1f433b386a9290f3d54f18aae7ede35224505bb57497e768cbe40fc
942d0920308459d8b9c0470cf999c91eee40a5d983f93c918b08fa29ac50f726
949c87693f33ba17ce9ce3a664569886ff0ea5ee24f7875551dce84ca470e1c9
95817bc0eac1487c1173bc167d7b114a77490b0fbb5633a72d68a4546c4188a4
9660ef4b8c234ceebaa022518c0111d07b348fc849e1bfe158effd3bcd732b59
9baf1f446eccb1da25838ac9094da97b19d76ffa552495fa65a41f10240a8f0c
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
a5e04b1b81bc0c8f4d3a23346f8c32a8db05c46f368568f8467827d270fcb1d0
a7ac54f58ba507b13621ceb6fcf5fe879f5ac9bdcf049d16153110c6ad048c7c
ad144ed8431e24fed306d48efba3bee544cdc57f1963b8f06d6962980b8e3a01
add54a188cf63b064bf700df6d4312b19ca6f6ac04896f6e32ecee0ccc3d99e1
b917a06b7efdded4397602608eb59fba976a47fe2f3ca057b7556b4979df81a6
be773ad55386ccbd669bc43b8cef0191b789b9fe3a5f708287b522e31ac1b44e
c49139b2f3dca84fb5081d37ab232c1bc2ce27191f41c6fd5b0c8dfc80a863fd
c5377da9ddf989177412092159ee8831b099ac2af348e3f85ccad1d7f97a4265
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c74fef464c207cc15e3262c7f2c578d2ba7e448129eec9e5d01deada2b697eb2
c7d37569b85c91fdcae0e5a9e61f3a68000f7f646d18ba0bbb1ce9c146a8baf6
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cbba92d544c68cb174fbad7d5e3cecda5873e984b88bfaa073c2cc311ab36f1b
ce802e6924c902fd8d795383e5ac836efb35bc63b0cfbd618e916fea2b202f4f
d367beadee66efbb657d24d3d8f30f3b60633e9d5c8ded7385541cf775cabb4d
d38b1bfa56a9f68b32e544e6be50b54c64084242b235e0a15549df6f217843bd
d5cbe10cfb954e6d580525bd05536b21447ce29ab8a84e21da8a58b588190326
dce54efea49151e81fa320ee2f25100f7fdf908e138ce36b548638a8671a9d42
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e2bb9f72da06f614594a2e20c3881deb497747a734369be0670cd843a0bcd14b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75a7d551a9925bf5d57394cca15cc1584d3f24cdc1602029a8ddaadf0645789
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbc35df9ae212dd1c8c26da489bc308f9bdb2e63cce350d5119401a943f7a6f8
fc846187b2540e202c5937b6ebc125189468acca29bbf18c898f17e5e9efd103
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

horoskop.star.ovh Open in urlscan Pro 193.200.238.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

80 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

9 IPs

3 Countries

2242 kBTransfer

4970 kBSize

6 Cookies

6 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

horoskop.star.ovh Open in urlscan Pro
193.200.238.10 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

80 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2242 kB
Transfer

4970 kB
Size

6
Cookies

153 HTTP transactions
5 data transactions