URL: http://www.mop-veins.tauri-veins.com/
Submission: On January 04 via api from US — Scanned from DE

Summary

This website contacted 30 IPs in 6 countries across 19 domains to perform 206 HTTP transactions. The main IP is 185.111.89.216, located in Hungary and belongs to WEBSUPPORT-SRO-SK-AS, SK. The main domain is www.mop-veins.tauri-veins.com.
This is the only time www.mop-veins.tauri-veins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 185.111.89.216 51013 (WEBSUPPOR...)
3 2a00:1450:400... 15169 (GOOGLE)
41 2a00:1450:400... 15169 (GOOGLE)
1 79.172.215.131 29278 (DENINET-H...)
7 193.201.190.54 62214 (RACKFORES...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
4 142.250.184.198 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
11 14 142.250.186.66 15169 (GOOGLE)
4 10 104.18.36.155 13335 (CLOUDFLAR...)
4 7 37.252.171.21 29990 (ASN-APPNEX)
3 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 23.32.185.35 16625 (AKAMAI-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 213.202.235.8 24961 (MYLOC-AS ...)
2 4 52.214.64.190 16509 (AMAZON-02)
4 142.250.184.226 15169 (GOOGLE)
4 2600:9000:212... 16509 (AMAZON-02)
18 2600:1f13:800... 16509 (AMAZON-02)
206 30
Apex Domain
Subdomains
Transfer
67 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
686 KB
38 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
ad.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 677
252 KB
28 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
611 KB
26 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1241
static.adsafeprotected.com — Cisco Umbrella Rank: 988
dt.adsafeprotected.com — Cisco Umbrella Rank: 933
206 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
7 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1695
144 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
5 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
628 KB
7 mobilgo.eu
www.mobilgo.eu
m.mobilgo.eu
6 KB
6 tauri-veins.com
www.mop-veins.tauri-veins.com
358 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
322 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
30 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
4 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
326 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 930
400 B
2 amung.us
widgets.amung.us — Cisco Umbrella Rank: 19555
whos.amung.us — Cisco Umbrella Rank: 11176
4 KB
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11689
1 KB
1 tauri.hu
chris.tauri.hu
3 KB
206 19
Domain Requested by
41 pagead2.googlesyndication.com www.mop-veins.tauri-veins.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
28 s0.2mdn.net googleads.g.doubleclick.net
www.mop-veins.tauri-veins.com
s0.2mdn.net
26 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
www.mop-veins.tauri-veins.com
s0.2mdn.net
pagead2.googlesyndication.com
18 dt.adsafeprotected.com googleads.g.doubleclick.net
www.mop-veins.tauri-veins.com
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.mop-veins.tauri-veins.com
14 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 www.google-analytics.com www.mop-veins.tauri-veins.com
www.google-analytics.com
m.mobilgo.eu
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 www.googletagmanager.com www.google-analytics.com
m.mobilgo.eu
6 m.mobilgo.eu www.mobilgo.eu
6 www.mop-veins.tauri-veins.com www.mop-veins.tauri-veins.com
5 www.googletagservices.com googleads.g.doubleclick.net
www.mop-veins.tauri-veins.com
4 static.adsafeprotected.com googleads.g.doubleclick.net
4 googleads4.g.doubleclick.net www.mop-veins.tauri-veins.com
4 fw.adsafeprotected.com 2 redirects www.mop-veins.tauri-veins.com
4 ad.doubleclick.net googleads.g.doubleclick.net
www.mop-veins.tauri-veins.com
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com www.mop-veins.tauri-veins.com
googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
1 m.exactag.com googleads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 whos.amung.us widgets.amung.us
1 fonts.gstatic.com fonts.googleapis.com
1 widgets.amung.us www.mop-veins.tauri-veins.com
1 www.mobilgo.eu www.mop-veins.tauri-veins.com
1 chris.tauri.hu www.mop-veins.tauri-veins.com
206 30

This site contains no links.

Subject Issuer Validity Valid
*.mobilgo.eu
Sectigo RSA Domain Validation Secure Server CA
2023-07-22 -
2024-07-21
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA
2023-08-22 -
2024-09-15
a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02
2023-03-29 -
2024-04-27
a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 37 frames:

Primary Page: http://www.mop-veins.tauri-veins.com/
Frame ID: 826AEA4180414BA2440C3FFA2D99AC83
Requests: 22 HTTP requests in this frame

Frame: https://www.mobilgo.eu/x3.php
Frame ID: 5682533D31A4CA831468168180F229A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Frame ID: D7A0C0FB23B544E6A2B938E895CF1C23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: 2D6152DE073CD9B8710B9430DDE4DB4D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&adk=1812271804&adf=3025194257&lmt=1704331042&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1704331042395&bpp=1&bdt=179&idt=205&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5735109548015&frm=20&pv=1&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=215
Frame ID: 325D10B495C7A6D03FD27097984BE517
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCwvYTtBRjMkMKCAjAB&v=APEucNW288PIYtSmb1Sozs83pTWnS85Y0s5YiUPPKT37B7XC8yo-gaCGMK5NF9OzC0jIXf3e4jKLtHWq4SOaPsOMmfxQeUqDstAz31wGYOx-GmeMeT9MjjnLbBhz1SzHjYWUOtvOgj4kBF2vZDp8bUtahiFpxOV_iyLA0-If6dqohtwoRFQn-hU
Frame ID: 41282776E45F915EF6CBC25BE62A264E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1ACCD56B547F41330897BA9A11165803
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8EB497C22C27F3785C4436D1E7F69E3D
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1A7FE58D059BD2C3D64A6039E688D6B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AA413621396EC85C07704FAC0F520B11
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 50A9A3C755B0BDC4E755086D7EC68145
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX0TRBDVY3EHFJLZusB3IH1fg_nfPQMv0Nl-TVyIFd4o4gKzhOaYRGwl1RGLOXHe3PipyBUWWbQ_MpTv3inczBFAg00QLH6yzF3klGAfq77RtPj0IBgMjPEIwIJLVJF1c9vdUVXW5TVWWrTTifwj_K-AWbzGk8yWUmdbyIoKKJfheEmAuM
Frame ID: BCDADDD89A7C46242D66EBE478D37FC3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 824947CC0B91F5B878D14B2E7E758695
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV7q-9KySTtGq6J15E032nd7vl9VaDyWs5viRYF9Q2oZOyPouBSo6kT5c9bgFgk7GDBY8sVWnoiyM10lqd-jE0dX0m_dyJF9CNJMtly5b6g-LMTsNVuRL6-fd7X5y0TFeuJa8tluXf5fO1yz-EJDWOjPZ-bgt1KIB4ClHmtQS2KFRQB3HA
Frame ID: 440BD05A4AC6C6E9D0DCB9C2A46BC457
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EC13D8900A7C0E4048416D34335D6227
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzYLRAhisz5SBAjAB&v=APEucNXJuj45Xd6dKlmq3PHkGaClf2fdL1y_kElUY7zxzeswYzNBTAB_s9LoXI068JDspbqxR1CLUEtheuBwvLUCLV5et1S-PaQ8Rh00bO_tLVnFtaoZVEeugaXt1CZmkNb9PfdKOB4McKYgHnixbDhFAj0s-Vutz60O3RZqCOdMCyWI9sbnGRE
Frame ID: 094C7DA97708F43DAEBAE93DCE00552D
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: A9D9EDFD20974BA614350BC42A9ACBBE
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E84C05136FF8BAC93CFA38EBEB79F3C9
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6B05420159BF04C419748B83C1C69668
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C8AD15B84FAAE8CE9B866F366D176500
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
Frame ID: 3057540C1083052470B818C72B7141A7
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 361BCEEFFEDBE887B443C78FBBFC3174
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 860659D709717E0A39C7C39CAF30ACFF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Frame ID: A607AFA9B337EE04A8AB591DA97863B5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2BF3B71C4794EC93BA9EFBF7DC8A8BEF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Frame ID: 7CA03AE73BB0F8A82DCB6423B7FE997F
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DBE28D14442F25B560ABED5B85910124
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 27D98C4C18C1CA115EBA1B5F7C5A9C05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 9DC0061415787A8050AFD9B9E9B2FDF0
Requests: 1 HTTP requests in this frame

Frame: https://m.mobilgo.eu/lottozo-202-sz-lottozo&op=1
Frame ID: F724489B38397AA95DE239982AC01EC5
Requests: 3 HTTP requests in this frame

Frame: https://m.mobilgo.eu/nemzetidohanyboltok00889&op=1
Frame ID: 67ED130B01276EE8B5D14B7FC53B28F5
Requests: 3 HTTP requests in this frame

Frame: https://m.mobilgo.eu/gpsorakhu&op=1
Frame ID: 69517B4471C94A8FF2EA0CA4CCBAF2B1
Requests: 3 HTTP requests in this frame

Frame: https://m.mobilgo.eu/shell_hun_benzinkut_1314&op=1
Frame ID: 323AB4EF03BE84BFDB2EE4C8A37FF4AA
Requests: 3 HTTP requests in this frame

Frame: https://m.mobilgo.eu/bacsbokodi-romai-katolikus-plebania&op=1
Frame ID: 9DEC72413ACC3C6BC34DA3F625A730B7
Requests: 3 HTTP requests in this frame

Frame: https://m.mobilgo.eu/ruhazat_-_vecses&op=1
Frame ID: 91FE4E0391192DBDA2B0B8F96C30EA82
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E92E4DB7E3CEF473DC907F39EA5222F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B128212C7DD8B91C0578962747A66CE9
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

MoP-Veins

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

206
Requests

85 %
HTTPS

59 %
IPv6

19
Domains

30
Subdomains

30
IPs

6
Countries

3344 kB
Transfer

8712 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 32
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1AjXJDdYcZBR-1C21Aubo&google_cver=1
Request Chain 33
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZYHIhmle2X1MSptbCps8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Request Chain 34
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBOzGVRENEShIBaNyE43bq4&google_cver=1
Request Chain 35
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
Request Chain 82
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Request Chain 83
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZYHIhmle2X1MSptbCps8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Request Chain 84
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
Request Chain 85
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
Request Chain 86
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMROv6n-hQLbDVwoD5akNCE&google_cver=1
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGCT0UCNsgTHClG-4q7Nx9c&google_cver=1
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Request Chain 91
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZYHIhmle2X1MSptbCps8QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
Request Chain 93
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 147
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4105316393188386&ias_chanId=1&ias_placementId=20338656462&bidurl=http://www.mop-veins.tauri-veins.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jxTCDLMAbW4hX8Vy98hyzY&adContainerId=brand_safety_IweWZcquO5m89u8PoLyFqAQ&cbFunctionName=goog_wrapCb_IweWZcquO5m89u8PoLyFqAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-4105316393188386%26fa%3D4%26ifi%3D5%26uci%3Da!5%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:ac91af8a-9f21-0909-2519-a46fc594909d,c:i6asB,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-nb7bb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:13,oid:0421cd86-aa9f-11ee-8d89-92c23650c782,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZcquO5m89u8PoLyFqAQ&cbFunctionName=goog_wrapCb_IweWZcquO5m89u8PoLyFqAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Request Chain 149
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4105316393188386&ias_chanId=1&ias_placementId=20338656462&bidurl=http://www.mop-veins.tauri-veins.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hofEKQzUnv7WuFGHie-qAC&adContainerId=brand_safety_IweWZbmsOIXL9u8PyMOrwAg&cbFunctionName=goog_wrapCb_IweWZbmsOIXL9u8PyMOrwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240102%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-4105316393188386%26fa%3D3%26ifi%3D4%26uci%3Da!4%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:6e8a8af1-ecfe-5c8a-8070-cadfe815812e,c:i6ate,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-78b79b97dc-2lgwh,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:u0lVn9d+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:14,oid:0421f407-aa9f-11ee-b624-eefb9b1289a0,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZbmsOIXL9u8PyMOrwAg&cbFunctionName=goog_wrapCb_IweWZbmsOIXL9u8PyMOrwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

206 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.mop-veins.tauri-veins.com/
25 KB
8 KB
Document
General
Full URL
http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Server
185.111.89.216 , Hungary, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
cpanel47.tarhelypark.hu
Software
Apache /
Resource Hash
a22cf128f4a73aed4a4e3007f723488d9d76ffe30d7c310d42726c9300e1c2bb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive, Keep-Alive
Content-Encoding
gzip
Content-Length
8352
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:22 GMT
Keep-Alive
timeout=5, max=200
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent
power-cata.js
www.mop-veins.tauri-veins.com/power/
10 KB
4 KB
Script
General
Full URL
http://www.mop-veins.tauri-veins.com/power/power-cata.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Server
185.111.89.216 , Hungary, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
cpanel47.tarhelypark.hu
Software
Apache /
Resource Hash
9a6ca90cfd38a578bcd19e8a64f55346b8c39ab70e38bbb614829ccd6d980584

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2015 11:27:02 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
4152
style.css
www.mop-veins.tauri-veins.com/new/
73 KB
13 KB
Stylesheet
General
Full URL
http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Server
185.111.89.216 , Hungary, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
cpanel47.tarhelypark.hu
Software
Apache /
Resource Hash
bc86db442d52bb08d80ba6967bc1f08ed7d6d954e374291ad19b8dd1a8bed27e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Mar 2015 17:00:40 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Content-Type
text/css
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=200
Content-Length
13333
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Titillium+Web:400,200,300,300italic,600,600italic,700,700italic,400italic,200italic,900&subset=latin,latin-ext
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48a56b3b18390376e5d7a17a9126d573860e135a0c33cd7f0823978c5df01835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Thu, 04 Jan 2024 01:17:22 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Thu, 04 Jan 2024 01:17:22 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
54 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ea1c992374b89ae0210dae0e44c8900dc2b9b259c8b6a4a962551d58fa94ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54280
X-XSS-Protection
0
Server
cafe
ETag
9834491667526599285
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Expires
Thu, 04 Jan 2024 01:17:22 GMT
power.css
chris.tauri.hu/work/tdb/
3 KB
3 KB
Stylesheet
General
Full URL
http://chris.tauri.hu/work/tdb/power.css
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/power/power-cata.js
Protocol
HTTP/1.1
Server
79.172.215.131 , Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS
backup.mx.tauri.hu
Software
nginx/1.14.2 /
Resource Hash
9c991bd785f4ab396919fb62908a96434d7c8547845fc634488a41b588e1acc9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Last-Modified
Sat, 24 Sep 2011 13:27:00 GMT
Server
nginx/1.14.2
ETag
"4e7ddaa4-b9e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2974
x3.php
www.mobilgo.eu/ Frame 5682
657 B
685 B
Document
General
Full URL
https://www.mobilgo.eu/x3.php
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f0823d6e2c76763f6e2fbe1107e48273796eae3bc1a3eb96148e42479d2efed2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
207
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:22 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding,User-Agent
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5345
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
egypixel.jpg
www.mop-veins.tauri-veins.com/new/
14 KB
14 KB
Image
General
Full URL
http://www.mop-veins.tauri-veins.com/new/egypixel.jpg
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
Protocol
HTTP/1.1
Server
185.111.89.216 , Hungary, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
cpanel47.tarhelypark.hu
Software
Apache /
Resource Hash
c3c6c07a63f714d29412e5d3065c9e9e231b2d392124f12ae9c320cf930c68ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Last-Modified
Wed, 11 Mar 2015 11:27:02 GMT
Server
Apache
Content-Type
image/jpeg
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=199
Content-Length
14191
small.js
widgets.amung.us/
8 KB
4 KB
Script
General
Full URL
http://widgets.amung.us/small.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
HTTP/1.1
Server
2606:4700:10::6816:4bab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
content-encoding
gzip
CF-Cache-Status
HIT
Age
3496
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Jan 2023 17:19:17 GMT
Server
cloudflare
etag
W/"63c04115-2170"
Vary
Accept-Encoding
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
83ffa4369c7d3722-FRA
expires
Fri, 05 Jan 2024 00:19:06 GMT
teto.jpg
www.mop-veins.tauri-veins.com/new/
270 KB
270 KB
Image
General
Full URL
http://www.mop-veins.tauri-veins.com/new/teto.jpg
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
Protocol
HTTP/1.1
Server
185.111.89.216 , Hungary, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
cpanel47.tarhelypark.hu
Software
Apache /
Resource Hash
6330e7f7120aed7b1686b171f6ce73e162e91e8fa6e4787a4c11925a96d819d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Last-Modified
Sun, 15 Mar 2015 10:00:31 GMT
Server
Apache
Content-Type
image/jpeg
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
276158
footerback.jpg
www.mop-veins.tauri-veins.com/new/
47 KB
48 KB
Image
General
Full URL
http://www.mop-veins.tauri-veins.com/new/footerback.jpg
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
Protocol
HTTP/1.1
Server
185.111.89.216 , Hungary, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS
cpanel47.tarhelypark.hu
Software
Apache /
Resource Hash
0dfbca2c5c1a3e89e8ed72df35d86429221e717de4262d4492c89c0543cfd278

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/new/style.css?ver=0.7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
Last-Modified
Wed, 11 Mar 2015 11:27:02 GMT
Server
Apache
Content-Type
image/jpeg
Connection
keep-alive, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=198
Content-Length
48539
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v17/
12 KB
13 KB
Font
General
Full URL
http://fonts.gstatic.com/s/titilliumweb/v17/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Titillium+Web:400,200,300,300italic,600,600italic,700,700italic,400italic,200italic,900&subset=latin,latin-ext
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://www.mop-veins.tauri-veins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 30 Dec 2023 06:18:10 GMT
X-Content-Type-Options
nosniff
Age
413952
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
12372
X-XSS-Protection
0
Last-Modified
Thu, 24 Aug 2023 20:30:13 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 29 Dec 2024 06:18:10 GMT
/
whos.amung.us/pingjs/
30 B
344 B
Script
General
Full URL
http://whos.amung.us/pingjs/?k=rkzjqwzm43do&t=MoP-Veins&c=s&x=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&y=&a=0&d=0.657&v=27&r=7703
Requested by
Host: widgets.amung.us
URL: http://widgets.amung.us/small.js
Protocol
HTTP/1.1
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e0fb51ec2895de93ffa10e80f843f766aa61e25fb1f98133791f52c57ceb6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 01:17:22 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
CF-RAY
83ffa436eaac35e5-FRA
alt-svc
h3=":443"; ma=86400
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1997ea4d6fbd2021c1d6b18231103f80d7069698b816b4860fa231a323c4095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137965
x-xss-protection
0
server
cafe
etag
5663552117308771409
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:22 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/ Frame D7A0
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
11867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 21:59:35 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 21:59:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
15 B
230 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=576345409&t=pageview&_s=1&dl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ul=en-us&de=UTF-8&dt=MoP-Veins&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABAAAAACAAI~&jid=184936071&gjid=621634993&cid=1885476548.1704331042&tid=UA-60611243-1&_gid=1928209719.1704331042&_slc=1&z=844087070
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c1f01c392b1780cd46d0704b1c0c3bac211d676d12855ecd078d96adf2bf9c30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.mop-veins.tauri-veins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
355 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60611243-1&cid=1885476548.1704331042&jid=184936071&gjid=621634993&_gid=1928209719.1704331042&_u=IGBAgEABAAAAAGAAI~&z=1988471984
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 04 Jan 2024 01:17:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.mop-veins.tauri-veins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
228 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K89DWMDNXG&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53cd1f181b768b5a180a1ba877a68e7b8d129e77721531678ac9565f3b07be0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83060
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:22 GMT
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
collect
region1.google-analytics.com/g/
0
263 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K89DWMDNXG&gtm=45je3bt0v9124763809&_p=1704331042430&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1885476548.1704331042&_eu=ABAI&_s=1&dl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&dt=MoP-Veins&sid=1704331042&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=892
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K89DWMDNXG&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.mop-veins.tauri-veins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2D61
86 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f459e5752265ba096eb452df5800c1c1d43eb0670149d2a7b16b0e1409c0a99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39793
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:22 GMT
expires
Thu, 04 Jan 2024 01:17:22 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 325D
437 KB
106 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&adk=1812271804&adf=3025194257&lmt=1704331042&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1704331042395&bpp=1&bdt=179&idt=205&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=5735109548015&frm=20&pv=1&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
298b49c31f9c1f715013d2853e02609824fa5d27fd6fd8b1f81c9ecf8702e613
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
108199
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
expires
Thu, 04 Jan 2024 01:17:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D61
42 B
173 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwsJqoGjqMYjgFQNkH3c1EGQkhBouS_voo_Ss7zh3-v2cO_x4hxo1fjXmIg3iSFIW3t2kjnD0ayJ5HqWIUsaImJQwBVhTDcvjizH28euxWd2iMcGE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4128
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCwvYTtBRjMkMKCAjAB&v=APEucNW288PIYtSmb1Sozs83pTWnS85Y0s5YiUPPKT37B7XC8yo-gaCGMK5NF9OzC0jIXf3e4jKLtHWq4SOaPsOMmfxQeUqDstAz31wGYOx-GmeMeT9MjjnLbBhz1SzHjYWUOtvOgj4kBF2vZDp8bUtahiFpxOV_iyLA0-If6dqohtwoRFQn-hU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:22 GMT
expires
Thu, 04 Jan 2024 01:17:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 2D61
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
85179
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 01:37:43 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 2D61
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 04:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
75935
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 04:11:47 GMT
view
ad.doubleclick.net/pcs/ Frame 2D61
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssLEkwEzbCeThkjlpz6FnMic4dIFzuCaBIE3UOkj4gGIDT6JPSfZjf1JAIN-ElhrX9kxqfKwaLaBsmtXTDGDxFNq6JVC5RpHDfL15IAyXx8gUHMEdTGarYHTz_R4VmvX9XPTN1clnpNdLoT9u1jUuXiK-3mcHr-qKKfqUUAGTEZfBihaTp1aapmqNDMZbRDibn02Fy93wfgyF0meorkO-4o1mmfJJUD1DmHpJRXESlWV1q2Z0Z_Xl-_fQLCeI6RVcxA1LZwf4-N_woncsqUODKqjdojRp0Gl8VBLcQhgBF_HwvFFTdeYm1FSUOxuLbwzJBeRkRlIuS0K73McESRNjCLMpUp4dsOdN75aDYpEfQEFVzla3oekpjreaoIVRzb1GnQH_rzQqTSNfpFvkRpL9tBINc5Pxcm0whUpufh8YI9pZKPY1ftWPrBExXbeBOqYdMBBB1otOfOeBESv1CIQST2WJEB45ckJS-V81yJeT-h3t1vxonF7Mu45N-XXiGWA1nU8rYsoyp6qlwlFr5rwADuR6dGq_flguzy62xEhBrTpZ6WJkIIi1It3URPZw6f7YCQCffnYDisvYHYCqEQXoJ-qCNsC23BOMf1jRsAp0TeWjDsZgQs02L7eXSPbXdw_0m7dS3nLFtbL_ejeL2IgqBQBrSGw1sWLpzhw122cgF2T9NuYc-bnyXcMeJM7PMMYIWOEBlrVDQRduMLzC6ZNf-bNVuWOc4L-wBhG8Y1oY_bLaL0j4pQ7VxWbBYw59qfBV3VTbrrkY_1eZXyZzNkxszsclCrvFbRhv2QRQlgQ2uUNEF280hjBkcwwE0WTb11EJCDeAwxVAYHlkoJE1ydMkT4Ts2yaxPDy42_6KccSGOed9PW-zXbx_zK3Urpe0EY6CAc0gq7-jbLl2p2voK2FfldGLpn6ct0DpJjeiPpB3wXEZ98XN2kZOYCJnSxQmaP110pbWRmNuNVzq57grV942qHeHOPuuRmTjZSKU-9kDijYD0htHBq800308SDqtS8eIc3cXDnnVZKQ3H1n07AnCQ2DDzlGIHz801n3OmRgUFtiR9t2h7BiNqNjSS7y2tOEAdIAPnc_6e46viCPqxrVLiGb3bYLMgkahPf5s92kfxohuSHVVnyh4snrl7LZP9PxcPTNPBrL8YZ8vAn6y0eNHkK7bpzccRotGRH9fGKWcppy3_lz39u8-uNxD5A6vpwnTb7iTMluaTiAvRoQ0ScBUKTPg19vVmCg6kRy9JIGcEjD4Epc2HNVd8T9JPkzd03Q-opGclVfy3PwO7-E2rgyYDdJrUja4aWXEHOVK2bA7EGeRelBeM1RKu880z6X4riVGTLGVabpkTAx2b7fHeg89Js_w&sai=AMfl-YTXqlkxspsdeqgiU61aUwp4PXQbmdM5A0G-hXMZnatCoWcIZpmNonCpi8-hq6etDl4ff2XRgSwjrnZsI-Yzz7K7xtNe7m9obbICDIQCzVftegFhI7BEDZcAc3U-Nqd0saRiF44oUU0_57D01WlKpjJzLxBReKGbInJqvQvwOnxnIl3-FBOzkU1541wsNOy3Fdojsb1G_p1EvTmR6cXTSl_BA-qEr5kcnorN0gbBUMTLy7yrNCcKBmiu7YA8X2rEOJse7yDAFhZxGrSkd6Tv5sKoKWVJ49W9vUaaV62MKyGYQRdAiEsTRzBpCATEc809ohos-Lae_j17mpJEl-sp6t2gkOy-daY5FI8zyNNjWzVzBo33M6z4wUbsW3CkDwGFXuo65JSPAD86z9ymZl1LN-P1Wj7cWBjN9BeYcnsE9q7Cua6UESgfX7d552nq4vC5IHUKj5C04due0FKb-nOT74VBAkGJmcSHwiGSYb445_sjKsrlmUr680J5lEpET1EAZhuPrYkPW9m5EQ&sig=Cg0ArKJSzF4-z1ZJ32d8EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGp1c3QuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240102.04866&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 01:17:22 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:22 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2D61
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
457934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 18:05:08 GMT
12747918477517938713
s0.2mdn.net/simgad/ Frame 2D61
75 KB
75 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/12747918477517938713
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47333801d35dc2034874e0c6ea152093349eabc0d2db403c0acc0fc46bc244dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 02 Jan 2025 22:03:29 GMT
date
Wed, 03 Jan 2024 22:03:29 GMT
x-content-type-options
nosniff
age
11633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76421
x-xss-protection
0
last-modified
Wed, 27 Dec 2023 02:39:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 2D61
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:08:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 2D61
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
21234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2D61
204 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:22 GMT
rum
dsum-sec.casalemedia.com/ Frame 4128
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1AjXJDdYcZBR-1C21Aubo&google_cver=1
43 B
774 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1AjXJDdYcZBR-1C21Aubo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCwvYTtBRjMkMKCAjAB&v=APEucNW288PIYtSmb1Sozs83pTWnS85Y0s5YiUPPKT37B7XC8yo-gaCGMK5NF9OzC0jIXf3e4jKLtHWq4SOaPsOMmfxQeUqDstAz31wGYOx-GmeMeT9MjjnLbBhz1SzHjYWUOtvOgj4kBF2vZDp8bUtahiFpxOV_iyLA0-If6dqohtwoRFQn-hU
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB1RVb%2BqvwfSHB39OZ6fPxrnpVHWPP%2BBaBDSoc12YZm4OMwurIzFF7V38vj%2B%2FUMGP87ZLQHmf5cuZqgKkR3PH2kzHvUmuJDbvkdj6stLSO%2BU0X2Ay16Ry0eECKLrt%2FdqiSDyH2wJgf4E7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ffa43b190c1da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF1AjXJDdYcZBR-1C21Aubo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4128
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZYHIhmle2X1MSptbCps8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCwvYTtBRjMkMKCAjAB&v=APEucNW288PIYtSmb1Sozs83pTWnS85Y0s5YiUPPKT37B7XC8yo-gaCGMK5NF9OzC0jIXf3e4jKLtHWq4SOaPsOMmfxQeUqDstAz31wGYOx-GmeMeT9MjjnLbBhz1SzHjYWUOtvOgj4kBF2vZDp8bUtahiFpxOV_iyLA0-If6dqohtwoRFQn-hU
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BwslijtU3dcFXTnEu3oHzB%2Fju%2BCtYyGO0t%2F5fuLPWNXSXHOL3sx3MmY8%2FrsgjUfosmX3lokRpW3BT41XQTvzR7CoUTQ6XGlY%2Fs0xUT2dpXmPcjYwsiNcYfm8ymcwzuQAFzlBd0P8CAqIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ffa43b190a1da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4128
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBOzGVRENEShIBaNyE43bq4&google_cver=1
43 B
843 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBOzGVRENEShIBaNyE43bq4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCwvYTtBRjMkMKCAjAB&v=APEucNW288PIYtSmb1Sozs83pTWnS85Y0s5YiUPPKT37B7XC8yo-gaCGMK5NF9OzC0jIXf3e4jKLtHWq4SOaPsOMmfxQeUqDstAz31wGYOx-GmeMeT9MjjnLbBhz1SzHjYWUOtvOgj4kBF2vZDp8bUtahiFpxOV_iyLA0-If6dqohtwoRFQn-hU
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
an-x-request-uuid
741151cb-33cb-42af-bcc0-7a7a4165121b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBOzGVRENEShIBaNyE43bq4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4128
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRCwvYTtBRjMkMKCAjAB&v=APEucNW288PIYtSmb1Sozs83pTWnS85Y0s5YiUPPKT37B7XC8yo-gaCGMK5NF9OzC0jIXf3e4jKLtHWq4SOaPsOMmfxQeUqDstAz31wGYOx-GmeMeT9MjjnLbBhz1SzHjYWUOtvOgj4kBF2vZDp8bUtahiFpxOV_iyLA0-If6dqohtwoRFQn-hU
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:22 GMT
an-x-request-uuid
b97cb60e-bee7-4b43-9069-8a2c57994811
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1ACC
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
142324
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:45:18 GMT
expires
Wed, 01 Jan 2025 09:45:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2D61
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a55c8361609d92bef97505daed4760e05a2ddf988b01ce3a6d68e28c094a3d86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1ACC
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
26283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 17:59:20 GMT
view
ad.doubleclick.net/pcs/ Frame 2D61
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjssLEkwEzbCeThkjlpz6FnMic4dIFzuCaBIE3UOkj4gGIDT6JPSfZjf1JAIN-ElhrX9kxqfKwaLaBsmtXTDGDxFNq6JVC5RpHDfL15IAyXx8gUHMEdTGarYHTz_R4VmvX9XPTN1clnpNdLoT9u1jUuXiK-3mcHr-qKKfqUUAGTEZfBihaTp1aapmqNDMZbRDibn02Fy93wfgyF0meorkO-4o1mmfJJUD1DmHpJRXESlWV1q2Z0Z_Xl-_fQLCeI6RVcxA1LZwf4-N_woncsqUODKqjdojRp0Gl8VBLcQhgBF_HwvFFTdeYm1FSUOxuLbwzJBeRkRlIuS0K73McESRNjCLMpUp4dsOdN75aDYpEfQEFVzla3oekpjreaoIVRzb1GnQH_rzQqTSNfpFvkRpL9tBINc5Pxcm0whUpufh8YI9pZKPY1ftWPrBExXbeBOqYdMBBB1otOfOeBESv1CIQST2WJEB45ckJS-V81yJeT-h3t1vxonF7Mu45N-XXiGWA1nU8rYsoyp6qlwlFr5rwADuR6dGq_flguzy62xEhBrTpZ6WJkIIi1It3URPZw6f7YCQCffnYDisvYHYCqEQXoJ-qCNsC23BOMf1jRsAp0TeWjDsZgQs02L7eXSPbXdw_0m7dS3nLFtbL_ejeL2IgqBQBrSGw1sWLpzhw122cgF2T9NuYc-bnyXcMeJM7PMMYIWOEBlrVDQRduMLzC6ZNf-bNVuWOc4L-wBhG8Y1oY_bLaL0j4pQ7VxWbBYw59qfBV3VTbrrkY_1eZXyZzNkxszsclCrvFbRhv2QRQlgQ2uUNEF280hjBkcwwE0WTb11EJCDeAwxVAYHlkoJE1ydMkT4Ts2yaxPDy42_6KccSGOed9PW-zXbx_zK3Urpe0EY6CAc0gq7-jbLl2p2voK2FfldGLpn6ct0DpJjeiPpB3wXEZ98XN2kZOYCJnSxQmaP110pbWRmNuNVzq57grV942qHeHOPuuRmTjZSKU-9kDijYD0htHBq800308SDqtS8eIc3cXDnnVZKQ3H1n07AnCQ2DDzlGIHz801n3OmRgUFtiR9t2h7BiNqNjSS7y2tOEAdIAPnc_6e46viCPqxrVLiGb3bYLMgkahPf5s92kfxohuSHVVnyh4snrl7LZP9PxcPTNPBrL8YZ8vAn6y0eNHkK7bpzccRotGRH9fGKWcppy3_lz39u8-uNxD5A6vpwnTb7iTMluaTiAvRoQ0ScBUKTPg19vVmCg6kRy9JIGcEjD4Epc2HNVd8T9JPkzd03Q-opGclVfy3PwO7-E2rgyYDdJrUja4aWXEHOVK2bA7EGeRelBeM1RKu880z6X4riVGTLGVabpkTAx2b7fHeg89Js_w&sai=AMfl-YTXqlkxspsdeqgiU61aUwp4PXQbmdM5A0G-hXMZnatCoWcIZpmNonCpi8-hq6etDl4ff2XRgSwjrnZsI-Yzz7K7xtNe7m9obbICDIQCzVftegFhI7BEDZcAc3U-Nqd0saRiF44oUU0_57D01WlKpjJzLxBReKGbInJqvQvwOnxnIl3-FBOzkU1541wsNOy3Fdojsb1G_p1EvTmR6cXTSl_BA-qEr5kcnorN0gbBUMTLy7yrNCcKBmiu7YA8X2rEOJse7yDAFhZxGrSkd6Tv5sKoKWVJ49W9vUaaV62MKyGYQRdAiEsTRzBpCATEc809ohos-Lae_j17mpJEl-sp6t2gkOy-daY5FI8zyNNjWzVzBo33M6z4wUbsW3CkDwGFXuo65JSPAD86z9ymZl1LN-P1Wj7cWBjN9BeYcnsE9q7Cua6UESgfX7d552nq4vC5IHUKj5C04due0FKb-nOT74VBAkGJmcSHwiGSYb445_sjKsrlmUr680J5lEpET1EAZhuPrYkPW9m5EQ&sig=Cg0ArKJSzF4-z1ZJ32d8EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hZGp1c3QuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=143&vt=11&dtpt=142&dett=2&cstd=0&cisv=r20240102.04866&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4105316393188386&output=html&h=90&slotname=4689036173&adk=749540655&adf=4276005684&pi=t.ma~as.4689036173&w=728&lmt=1704331042&format=728x90&url=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ea=0&wgl=1&dt=1704331042378&bpp=2&bdt=163&idt=204&shv=r20240102&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=5735109548015&frm=20&pv=2&ga_vid=1885476548.1704331042&ga_sid=1704331043&ga_hid=576345409&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=310&ady=402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079438%2C31079759%2C44809530&oid=2&pvsid=19135867479619&tmod=2059409328&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CaE%7C&abl=NA&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1ACC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8MeNIgeWZY_1JYb41PIPoNeg4AUAAAAAOAHgBAI&bg=!W1ilWBfNAAY3kmNgF5I7ADQBe5WfOGy0d7QMmNfYjdxjTkNGqtJmiJle2B5w5BMybIzMR6i5dc5ZlZncCyoFU9qETihKAgAAADJSAAAAAWgBB5kC9Ghogb23go5TChE3mRb50AUFhBAQ5Fv7AYURLB1lvuUzSc7Pv0THnoOEm0O16IsrVxVbg68__n3uzaLQwY0HhR0pZBZEo52KVKNo8PSotFp4hGwEmFM_lpMKtw0gKbmfom48YvxgrKSN1jEXGC8G0evvfaCY4D_Unv2jQa9Iqjo5g-l71V_5lqY_p3QzSNnJ153IxdXcKJvjSyKy2lQzjMXC-8ndS9c-OMu8YtniQaBMgDIKaKz7zJI_6czbdnual464M5cuZBbw-KZP_ImANNEahkNirjlNKv3pfIB9nd5Btvpx3UP38kaTQ4Vz70mniNZTYCg9VNfMj0RVkxpRCZ0TRAQtwLijEFUXQfsw2WJZ2sBV5ZH19lo8MHzXirsxZvD9isWm8bBZhM21gWPR74CO2bHcww03M6qfDt1S_ZsuxyCVUdNEMxOFfIl2XSisCrV08k1BONxkbiOxnoKnqFVTPXMH66fmRR4UZ8FDi3JMI_YrtlZqd-po8JLVPLIWOfKCO3ShnJ3hGw9MR1M_GcL9kO-4f6bukjesUbkvOl-LKPQwokNvg5YNqNE8ojCdwQ6DKEt-mz9CUtO1u71NhweHgpF-Xe_BifgiXxubX92h-QSSTX8Vec8e4J6KpYbKq3oWhLZGoOPbmFvhE6BvCK8PXJWTt4u7DN5XeKyABZHzPR7cDuUUmfK2yQAxT_gvrm6YRPsYHTTqkCgIIKFuDvUYykrJAyXUQxHnoOc3vfCAn8cbtuw6iqL0qdyKiljD9Zu3-haojnyqD7Zdl-lvuFE0akLv9PRDdCiKTn_F87x6g9R857FSPykZccR_sZ5wapVauIldnwWYldcCVjL1d9FP8jWdI1kx6GXUqQNh98Ib6UHy9SSzckpyh6Vn4LqXoIuJ_xT_rOl1aF8PpEfNTWI-Xn_hUOd30czTKBaW-M0uxGMSgJ_inw1E-tL775wNBkymetUavpPo1IOQ4E6AVXlJiNex5I9ULTEtTS32pwjjucRPyg
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0fa3759f94803591ff9e1afbf030c080c4ba9d53b4bd1a0f876a9ed8771ccea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56018
x-xss-protection
0
server
cafe
etag
5277349242535610833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 8EB4
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 23:00:01 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 23:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 1A7F
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 23:00:01 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 23:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame AA41
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 23:00:01 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 23:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/ Frame 50A9
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
8242
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 23:00:01 GMT
etag
9219409622527106327
expires
Wed, 17 Jan 2024 23:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 8EB4
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 01:12:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 01:17:23 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8EB4
205 B
295 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:02:02 GMT
x-content-type-options
nosniff
age
18921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Jan 2025 20:02:02 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8EB4
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:21:26 GMT
x-content-type-options
nosniff
age
21357
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 02 Jan 2025 19:21:26 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 8EB4
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:20:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
82633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 02:20:10 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 8EB4
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 02:20:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
82633
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 02:20:10 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BCDA
624 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX0TRBDVY3EHFJLZusB3IH1fg_nfPQMv0Nl-TVyIFd4o4gKzhOaYRGwl1RGLOXHe3PipyBUWWbQ_MpTv3inczBFAg00QLH6yzF3klGAfq77RtPj0IBgMjPEIwIJLVJF1c9vdUVXW5TVWWrTTifwj_K-AWbzGk8yWUmdbyIoKKJfheEmAuM
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
expires
Thu, 04 Jan 2024 01:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8249
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 8249
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:08:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 8249
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8249
204 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8249
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJFBWjvpnjPdfY3-nvag-2wo5OCmmi84HX5hrYCeslyM8-lqjjqNVet9z1SXy0fbT1rgzhfdPMAWXIk9nwPCom4l1L5BBysJBfqpc-D9Gwvv1PmyY
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 440B
640 B
265 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV7q-9KySTtGq6J15E032nd7vl9VaDyWs5viRYF9Q2oZOyPouBSo6kT5c9bgFgk7GDBY8sVWnoiyM10lqd-jE0dX0m_dyJF9CNJMtly5b6g-LMTsNVuRL6-fd7X5y0TFeuJa8tluXf5fO1yz-EJDWOjPZ-bgt1KIB4ClHmtQS2KFRQB3HA
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
expires
Thu, 04 Jan 2024 01:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EC13
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame EC13
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:08:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame EC13
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EC13
204 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC13
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bg0fcNURNgHPZ1xdJREUPN6Gs8HJZCRkABN-U3Ig-ZeMlKXKMSd4ANqx-z_SvENZC6xcIvqtb3qJl3zI9io5gxC_pJdnDx9Voh_4kXN-6U4A0aV6g
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 094C
624 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzYLRAhisz5SBAjAB&v=APEucNXJuj45Xd6dKlmq3PHkGaClf2fdL1y_kElUY7zxzeswYzNBTAB_s9LoXI068JDspbqxR1CLUEtheuBwvLUCLV5et1S-PaQ8Rh00bO_tLVnFtaoZVEeugaXt1CZmkNb9PfdKOB4McKYgHnixbDhFAj0s-Vutz60O3RZqCOdMCyWI9sbnGRE
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
expires
Thu, 04 Jan 2024 01:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame A9D9
172 KB
60 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 23:49:04 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame A9D9
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 04:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
75936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 04:11:47 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame A9D9
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 01:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
85180
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 01:37:43 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A9D9
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
457935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame A9D9
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:08:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame A9D9
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A9D9
204 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A9D9
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CqZni_7gYGAD1-FQjcqd9VBNS4A90dbfHOOKnZ7PcZBlpvqgwuFBEwoWRHl0umuYI8ZSZhAtb6WwrxpeIRPD4-5Ettw0i6BYdaB38GvHv5KgN4BX8
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame E84C
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
142325
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:45:18 GMT
expires
Wed, 01 Jan 2025 09:45:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 6B05
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Jan 2024 01:01:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Jan 2024 01:17:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 6B05
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:25:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
21130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:25:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 6B05
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C8AD
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 00:38:24 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 6B05
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:08:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:08:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/ Frame 6B05
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240102/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:23:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:23:28 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6B05
204 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 Jan 2024 01:17:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 6B05
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 31 Mar 2024 13:56:43 GMT
truncated
/ Frame A9D9
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3f803829bad79bb1e9f1216da0846b22e9cfbdda7a047f66ef0732b447fcabc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame BCDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX0TRBDVY3EHFJLZusB3IH1fg_nfPQMv0Nl-TVyIFd4o4gKzhOaYRGwl1RGLOXHe3PipyBUWWbQ_MpTv3inczBFAg00QLH6yzF3klGAfq77RtPj0IBgMjPEIwIJLVJF1c9vdUVXW5TVWWrTTifwj_K-AWbzGk8yWUmdbyIoKKJfheEmAuM
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9FPY8uWJQ8ZBsaw%2FqVTjGVSj1wdyY1vUaGecOCvVL5CEPUonFW7CB6Lw3hqrEmlXmOXKqHiGDA%2B8U%2BKArGv9hGQN0j%2BFupXSeMJMkpEAghib1Q%2FR3KksHSk3PrvQATIPMh4PH5W6O4rCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ffa4403c101da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BCDA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZYHIhmle2X1MSptbCps8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX0TRBDVY3EHFJLZusB3IH1fg_nfPQMv0Nl-TVyIFd4o4gKzhOaYRGwl1RGLOXHe3PipyBUWWbQ_MpTv3inczBFAg00QLH6yzF3klGAfq77RtPj0IBgMjPEIwIJLVJF1c9vdUVXW5TVWWrTTifwj_K-AWbzGk8yWUmdbyIoKKJfheEmAuM
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdfwwVhAah0IwCg8nobiUYlNVenwN20CnJoYmgbPZ%2FH%2BLvh8t1WOCVfV231D0%2Bf53KxblHXNXfqE4XiVNBpQ5h%2ByzD9OY5J%2FHRFo0%2BIrE852DbIQut2BP5oABIT3pMyyzhCc2s5FMXBPcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ffa4406c201da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BCDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
43 B
848 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX0TRBDVY3EHFJLZusB3IH1fg_nfPQMv0Nl-TVyIFd4o4gKzhOaYRGwl1RGLOXHe3PipyBUWWbQ_MpTv3inczBFAg00QLH6yzF3klGAfq77RtPj0IBgMjPEIwIJLVJF1c9vdUVXW5TVWWrTTifwj_K-AWbzGk8yWUmdbyIoKKJfheEmAuM
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
an-x-request-uuid
7d0d3889-56e7-4468-9c6f-15fddfaca24c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BCDA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNX0TRBDVY3EHFJLZusB3IH1fg_nfPQMv0Nl-TVyIFd4o4gKzhOaYRGwl1RGLOXHe3PipyBUWWbQ_MpTv3inczBFAg00QLH6yzF3klGAfq77RtPj0IBgMjPEIwIJLVJF1c9vdUVXW5TVWWrTTifwj_K-AWbzGk8yWUmdbyIoKKJfheEmAuM
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
an-x-request-uuid
ce5b5ddf-24a3-4bbc-9441-f1bf67f9cf96
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 440B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMROv6n-hQLbDVwoD5akNCE&google_cver=1
43 B
105 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMROv6n-hQLbDVwoD5akNCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV7q-9KySTtGq6J15E032nd7vl9VaDyWs5viRYF9Q2oZOyPouBSo6kT5c9bgFgk7GDBY8sVWnoiyM10lqd-jE0dX0m_dyJF9CNJMtly5b6g-LMTsNVuRL6-fd7X5y0TFeuJa8tluXf5fO1yz-EJDWOjPZ-bgt1KIB4ClHmtQS2KFRQB3HA
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMROv6n-hQLbDVwoD5akNCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 440B
43 B
295 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV7q-9KySTtGq6J15E032nd7vl9VaDyWs5viRYF9Q2oZOyPouBSo6kT5c9bgFgk7GDBY8sVWnoiyM10lqd-jE0dX0m_dyJF9CNJMtly5b6g-LMTsNVuRL6-fd7X5y0TFeuJa8tluXf5fO1yz-EJDWOjPZ-bgt1KIB4ClHmtQS2KFRQB3HA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 440B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGCT0UCNsgTHClG-4q7Nx9c&google_cver=1
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGCT0UCNsgTHClG-4q7Nx9c&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV7q-9KySTtGq6J15E032nd7vl9VaDyWs5viRYF9Q2oZOyPouBSo6kT5c9bgFgk7GDBY8sVWnoiyM10lqd-jE0dX0m_dyJF9CNJMtly5b6g-LMTsNVuRL6-fd7X5y0TFeuJa8tluXf5fO1yz-EJDWOjPZ-bgt1KIB4ClHmtQS2KFRQB3HA
Protocol
H2
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 01:17:23 GMT
pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEGCT0UCNsgTHClG-4q7Nx9c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 440B
23 B
163 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNV7q-9KySTtGq6J15E032nd7vl9VaDyWs5viRYF9Q2oZOyPouBSo6kT5c9bgFgk7GDBY8sVWnoiyM10lqd-jE0dX0m_dyJF9CNJMtly5b6g-LMTsNVuRL6-fd7X5y0TFeuJa8tluXf5fO1yz-EJDWOjPZ-bgt1KIB4ClHmtQS2KFRQB3HA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Thu, 04 Jan 2024 01:17:23 GMT
pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 094C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
43 B
745 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzYLRAhisz5SBAjAB&v=APEucNXJuj45Xd6dKlmq3PHkGaClf2fdL1y_kElUY7zxzeswYzNBTAB_s9LoXI068JDspbqxR1CLUEtheuBwvLUCLV5et1S-PaQ8Rh00bO_tLVnFtaoZVEeugaXt1CZmkNb9PfdKOB4McKYgHnixbDhFAj0s-Vutz60O3RZqCOdMCyWI9sbnGRE
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kxjtkEKngl%2FYZkkQH%2FPA%2BwrCdb3X7THJddC30IqHIRo5%2BsFK7BKfNCOBQODNh%2FvE%2FQj%2BtQFszJqE%2BiclvwAH%2FPcJwLUqJu%2BSo1P2MsS7IRMSq2CUWlDU7e6vZrdbZ0xMoxpsUhtYN%2FPwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ffa4404c111da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 094C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZZYHIhmle2X1MSptbCps8QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
43 B
732 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzYLRAhisz5SBAjAB&v=APEucNXJuj45Xd6dKlmq3PHkGaClf2fdL1y_kElUY7zxzeswYzNBTAB_s9LoXI068JDspbqxR1CLUEtheuBwvLUCLV5et1S-PaQ8Rh00bO_tLVnFtaoZVEeugaXt1CZmkNb9PfdKOB4McKYgHnixbDhFAj0s-Vutz60O3RZqCOdMCyWI9sbnGRE
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B61bYwAAyzUlFoMyt2Ktg4cOIoJxYy36R6uULHjB0y2l%2FrszoFTXbaVwBTtyZ9xz9s2AJQ59oHn%2BKHcgB2kjoe2nQWsipcufbh3xiEq5m57%2FFe4HRc2v2bfhtuxmS%2B1JZ8U5igN9OY0jHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83ffa4406c211da0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAwNplgO2U5t2_CuIYbMlsw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 094C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
43 B
848 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzYLRAhisz5SBAjAB&v=APEucNXJuj45Xd6dKlmq3PHkGaClf2fdL1y_kElUY7zxzeswYzNBTAB_s9LoXI068JDspbqxR1CLUEtheuBwvLUCLV5et1S-PaQ8Rh00bO_tLVnFtaoZVEeugaXt1CZmkNb9PfdKOB4McKYgHnixbDhFAj0s-Vutz60O3RZqCOdMCyWI9sbnGRE
Protocol
H2
Server
37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
an-x-request-uuid
4d06638a-9823-46fb-bc21-a52e330e519a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.142; 178.162.209.142; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEC-6s6EF-BrwQaUSpcdgoM4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 094C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzYLRAhisz5SBAjAB&v=APEucNXJuj45Xd6dKlmq3PHkGaClf2fdL1y_kElUY7zxzeswYzNBTAB_s9LoXI068JDspbqxR1CLUEtheuBwvLUCLV5et1S-PaQ8Rh00bO_tLVnFtaoZVEeugaXt1CZmkNb9PfdKOB4McKYgHnixbDhFAj0s-Vutz60O3RZqCOdMCyWI9sbnGRE
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
an-x-request-uuid
9305c552-af77-40e9-b64d-fc1be8a07b06
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDMyNzAwNjEzNzk3NzMwNzA1OQ%3D%3D
x-proxy-origin
178.162.209.142; 178.162.209.142; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E84C
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
26283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 17:59:20 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C8AD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
expires
Thu, 04 Jan 2024 01:17:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8249
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5151125375095&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8249
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5151125375095&version=m202309260101&ct=76&x=1&cor=12340449346923743000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8249
108 KB
41 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB8qIWHvX3axYUGFURVXX6fqcDo-0w2_PCKdUY6OgMUEasu9BwGrCEL14UGflorGTu0MD3zkRaLGfLDURm69WvnIxuzgPID7dUslU0qfVbuycS4PS0TTflmLMsvpjCkOorXir3v1la5vmN-ALaHy58WY8AvTyH6V-DTaJolIEQYjPy31M&dbm_d=AKAmf-B7jrF1kODOOn2KXtMisW0X_OdZZAZUM9Rm2V-CtkPGUpwyZgOP8Ccz3F4R-LP3mVXO_eZPjp2wSOU34gqY2FNNd98gITQYfbJhAd-7xpkCqoOEudPCzKn0q5uNGrfDPX8mUP5hwtY31f8Qr9FPOy2r5ueQcU5NPQjl3ScRtHaCZP4Dmoywi_frZwFqYI_0muOfbzKm1aE82LxNS3pb2I5VTns5X6H2eDuyOVuLvfFNwwUFaRJVCiR7VwJGuKee_CFuawJclGjgOdoHnXi2WZQMJVFaGzW0sfKS7Y8oxeBRShLK-za8IW5y5LY4-jnN0a8XBdWTh3Io293yZ8IY4ug_VwniNWPqzBmvRMUFL4h4HhkHNq_Ch3roF1DcbaGe8zRX5ZrSO8tWkGono4_UUiUMKbX0O1VNfTPix3CjjXr1-pTv1-nKpOp2Vgr9JmvDgTEVEUYkJ0chdLTbSYqt125ctBnfErQqBMbyLAraIPal9rtV_O_pZboZL2ue3tQNWwk-mEnxVGTY4XWhv2y_JY7UjaBky5ZJFA-R7PJ1B0NmrblAluin9fwUmf09JU1NLggMgk2OBk58S-nriw_cPgj32Bv4TRP63eE5JScd0vLvrf8wkD31HTvVPWZVsah0IwpkHbEnOD2RV44MEmyQAKRtpxHDiofE2BDvDCvT3fz3wq0yf-AUFmfzP35fEob02cv2yV3l6whrGpiuI1sgiHtqhSqDen-pJaqA3YwmhVTX_nEpraeIq3KkzPiYlXGxpk1PLIKyxwMhU6cU8QC9kzFrqNKlDq5DXMfLUFWcgnk1Y3ZnF7F1SFKkrsW9tWT3FNgY5FBKlorstd-Ag9dEuz56X19w2FMz0tfWEGr-RnRarRakTiTdbqogQPv2glHekN1O6C1WDb6mGSEi9GxE1XNchrpObd0dTgTULg-RuUUwLENhIxna_ecIL-kreQDXasaJoG3cEPHcQzl-pnkVESSdeXZm6X9Av1S8HX5GhLPIrbhNcWH7eg0Np5XuJOYwrV9DWaJcH4KF143uDU2m-93CdeBXrZa-B2TGR8hC0ezJUzhflvqSDCDxN6KbHnP2shof_OkREdMqdVpLOzfYtn7DRctF8y1hKGR5tpcDxuzOul2By0BKn6kCbTqJOYJ8b_Wqb5xpLM7pJMW8rd_tNKSQqrHGBKZkVSerw8vtkexzuYG05il3vfFhMAR0wl46u9h6FRd3ggziKrVZ1h-GmUaCgWy2edmtoqW0cOPxecJ_7ACvzcE1DS6IqVEGJacZf3UjxwBSoadyVsveSsVUS61oiSTKC1kkaisgyGMy2ll4QUHDL7bCZXgtL8mTWeIYTjYJSkYGuTnmswoahChrjjK_PMV1XwUla5cnT_e8ajVxoeF4TpRprPKpxeua_Xzldo8oAbgLTFTdm_wx2qqGz-kliBojSv0CaUVggV_rRUsclVTh61p4vLwTFsYObnX8MM5ehU3tEJYgZq36ATKaMmuFkYQ0V7Y3fKhGiip3rkYjAIZpnLsToO4QtUsJKTKbOL_e0wKBGL3rx171JhKjtUmJH488wXitf4l_vlDwGY9mfp74SEkHqMX2-MW4ocVNyXX1Wj5Mjd2cTMv7ec0u9KrSt9s5xm4RtP6MRC9scpo7wpGwlV6JACBcpWu143S-MJIYmpBCp5fAhc5f_t-JzsNIlfnsN44c1w4TtzEQm7FmE-F52icWsyBt1WhMed-N--jblgQZ5KMMZV80RgI4NRTGEdn8XOabLmu6rXvxzH_pWz7FMWHyYxrEfJ57iyYBIHKllBObkJRWxarAE3WvuSP3vb9GYQzbue3Rb4c0qOTcaTAeO6tapdQK7ctSzU-TwmX_z_NmBACbKi431feZHs5ba6BZ4m-aubBoxQhmJGGA4wTLa4rvfkkfntKqh415Do30aCIY4g60lNWPYJU1X9ITwJ7c5QFxsuN7oNh2N-AZ2WW46cKAUfeYYMhRHZL2pmdFIzefyO2Fxwiw3y_8aLJ_bT5u12_WeCBInGjnCofdRf5pdXGIufSRHrfbViSEP7RCTKRGaLqUYOJvdlIzdLj4RaMiw2-yX0ojvcbHB46KyBNcUd8yu-J7aM3GIF83CyzPkyb4CzUGRTQ_wG6AboR7SBK1qtAKr3N_MMcdBdh9tCUj5nSXyEVi_yDZmA6OD5YDMi6S6-K4eITFIQYtySjvQDolKGBtXTMii5DzfYByOGd2HSPZMbB951Trsyu3YlxLrPh7U1oqPqCsqjc0S6lDqLruIgrraSucpkrSffBhfVl9fg1aeD-vi5hp11iiuhnKCukhVVRydtn1iHHrFrHxaTNOu8flUF_ju6OI6YhWFlZiEGEqbm8qULBYrW2lYc3ebzIxLWWR9PPM5g2xlmT174DqN0s8EYHojxX04vBSe17GkH6dOh40wNFKX8nExUs95-9ZIAcmT1H9ek4SAE_6nCPUrkvf0EluVSjDEgTUgoV9kVcfbYnr2Pxz3fvKX04B_xN_bw3j8673KenkaAny_TILYnQyeBiGCZ-X4_MmGzkRK-TkWjHjxiKRkK4LS_Kq6AuxgbT5B5uRk7ONgjig6ctxeC7Dy1tGdOeF8P8NsyscmhB6KyKEyakIIrFNjJjE44Ph2fL_tZffGDJyfqk4kU9PTFOwEO0rGvf5XkV9ymhgs8FF7wMXupp6kJp4F4jts8wlmb2dbOJhchXq0ZBD_gFiEGBeFqM4FJ6Rjw3lyC_SHYLPC8InGhjsdFvmbbTIPMDRYxFsnOx-iNr3RENwISoYar5vdpub15DAOihJt5SFikfD1rN5HoBsns1GGXwlt3dT4-h3OpsjZz6uXmENfZu-1ekvCEw7ahyJAKEEoFeZGcEkAX5Q6n8uh130f6vRTRoO47juU9ULYnj6565LkQ3bi-WPhNWAjSw-r7vsJkIf3WZ32aqKfn_I_UtzIbhc1Mn_imdsLSpSIaHfEI2b8z5NnbDWIGRq8l8WoQDUzyopwKnamP7g7X7K-r92D6ko0v3Yngd4ObJqWA0xgT8aFfSboRw3Pqo2H5gz33S5owekwAqZv5oZhnA7hRDy0qAn9J3uJ8XkWdh0lFTrp4UgPMHQVbmiuv2unyKNPyhGxdNKUpnA2To5m34pxuA7wdQM1bvQ0iU1BRRtk6yxIYlQjjmzmuCk9Pa89-FDFtUpzdCIIL2hiIs614pCLzemnZKuOTt8YnTH95TmxEaQ3zCi-lMbJ1HZ2vDC7F3QuiEjd0AvayUU9DFKevZw--_Jn4vilrzfn_VbOvUiER6sxvAMvw3drsVaBSbrURw1jFPr_kecgB1HCKBHvzSxqGG-iq3G802AFuePsBqV2N98Uu8WdLWphTrEWT3pf2_9lPhnDDV3d1AUAh8kxln22ADMLsu1dRUHXUTjEvWdUfySlnA5QUB9M32QjN4FlVN0f-_OjW4luExwh-m96MQb1etHYEVyHF_sMeKxNDcbjdvrzi9qJs0sl18optQK-inF3yDZxCJAvxDK1hveUzAj2kIP4Q_CK1HniiYGWTh_hlaDLFJ_bhUrk28PftjNZIrd6O9G4RDfSVdCXWD2_nJI5c1bmZnKZM9Um2Tfv7Ke_mdTXjSmWjux_zUSgkE07FaEnoyAXLtGbvTlT3xoyokJIgs0ErBIWxd7jJ3UXaZAskyHl4swm-bqWcyqiEZ4D5i5SaMUP9tiQJ8&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ds=l&xdt=1&iif=1&cor=12340449346923743000&adk=1726166463&idt=137&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50a794e19688427b2289b4ca2870d7c91c014af986a30c39d32127337223efea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42386
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/2389743200794859373/ Frame 3057
721 B
560 B
Document
General
Full URL
https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe63caa587fc71c2846e672b1775c7a3db34840ed7ccd34ab746d270958527b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
423
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:23 GMT
expires
Fri, 03 Jan 2025 01:17:23 GMT
last-modified
Fri, 30 Jun 2023 12:23:05 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame A9D9
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvDcoV5bXEqcuFJnb2Y33DTYVD8VuxyqPXWSMJd8XZ1KymOeVJevOwPJYBt5UtnrZzbFzXSuzyLUeSaJfrJjDxZSDIkie91GecrAhmLGj5CSaacXtJzR3xDDMHLJEejU2t04HW1h07Wq0Utj_NO0tLupt36LljPIHUoI65PsUwKNQA1Ou0xlCjri8XNNNpIKcJcCuER9UQ9Wop_2lQdLzAEFvVczozFrqNOV3kZR3n6xf2wyxB4GODZjCEZ3h5bJ6vugGC83Qdlx_TS4hHkvu0YeK7zBeL-aXV_VG82MgXr0l5qDjyQtBJ2lasH2qilZZWKJBhUM3LIFh2-vvg1XSXzb5v-3jMtQnKgxWidz-sin4HGAIHpWqxWJ8Oqm2N4YJaqnkLkztsFMahfmtc6DuaKFIBJ-JVuVie1IN96_M2XWIDxql9y1m9BjATkBud9wFA6_HiLmsY6_Y0U_7clr90sMGTT6V3jYPJX9nfgdCvmTkkviSCmS-mhDmLTdLKYx-0MqOzaCJcnox0mUHtpiGM3HCK576tt7nwYsTno8O-k0ubFIwuGKPQ0kViOxaluKpdPzHLE0_g_7nghH8jRAZbftUHdDMv1GUA8BVWUv25KZxIKVJD3xxIVNrdbdz8LATb53dF4jvLUZlracOe0uVOivhiT2AoEpNzRlsg2SPUlF7HjlK6B7uqj6P969U4Vs-twjaOk1Iyhyxn-fdaMpBs09fx07l9RsFOjxfLorKOqjEXITaK3gA6cqjPdGm4N_2m7UNr6UCUvgUDYs48LsGhh0Y7muSOmGuOS9SJA4vQXQEKy_AHVQz23WbjK3VWVZzw4MV120YkifZ1f5oJNvBQzIkL3HJAGmK9RbFtZA0evsnD0Qr11-CxvBMxp1Oh45UBBGQzO5m7whCXRI3LGa7y03Nm2JR9_DCwsjdqZpzjkZOd4Z-w07Xpy_27zeqiyaByXGeCUq6spdYQoMX7QWI-k2cP2kg7mp9N5-kENHXPdMCfZTV7IZD_WwKYRZR9pYfUJ7MXUs86MYHjUdCpDcSJvMbVpO1aqQfRqRyGl09Gura9n6y_iBV48TnjSIoktKnFp27T-d0ylH4b3fFejlCERDcSMSbrp0Bg0rFtyjAhSDuOZS1fIXWPcI9PvpYmyzIygqjXvrmBb8Pd7tR6B_vSSGDfs6Uq3E8erJf9rK9rt7Qdt7FXOUDcPpb9clUqCP6nOwCW0sWZIGTMlNjX5577U9STLyVBrpUaYqdGXGpKQPKmsqQ6tVe77cY3_iuHFKk_wrqlTJqx5JYHYdsURwP0w4eb29UZbsdE5JuEUkUNGcPgRGG76ZTGqbkiIGDcTBt9DoCeXbudZpXSm0cHpKuDfZanIOaJt5hRd2EyUEFR_uGWKJMLPIbaKNB_HZyHwmVFMr-V6FObzegEs8BJCaaKLqdui69JfPWwujmOUifkLCjbC1_K3&sai=AMfl-YRtKtOBNGqyR7hlI0t5N_zUYjlC6P3GXTipiPNN_ygABcSj1OrlHt9lAOS8Q0VIIFvn_qdtFRVnUr6sGAecCDLj23cph3JDdj-uCdUU0bXn5sfZxERm3V9UybuZYgkAh0SH9eX4dpOl9ncwn1c4iU-ai8Eqwm8a-FUQ-Hy6AHdCzDJpYXZhgOut5713ijWXZkhnbhz64UgGwA1NMsJI8gQ0alTFXrlrSTd3IuxNJO5KoaIqwy4whoieo88BmPOnPJu1oz6owL_M5XHMfbsYFWuL1Js6SEKNroH2QnVICfgc3LX5NH7g2wZWKC2LeEE_9ZzswaUkzJ5UJkwnTCjUR4762fjVmb9U3IxyKDdY4nxp3k_38qNDd7yf_mk-2DfqTvH-Vbug6TC0coqeNhvihQHZCqA4z5gMlS5QBsIAbC8v5cJyVKHv0q8Qc0WhPnVz6rkR3QPVYSGTO8f1WYqUkH3GCRzqHquIIU5rmCQv5CQc_5ZYUqp0uXo8G2iaZdCAVmyLiAbeCqtt&sig=Cg0ArKJSzBIkniMlY5VDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hdXN0cmlhbi5jb20saHR0cHM6Ly9leGFjdGFnLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=178&cbvp=1&cstd=170&cisv=r20240102.12566&arae=0&ftch=1&adurl=
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame A9D9
43 B
1 KB
Image
General
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=os-mindshare&extProvApi=os_de&extLi=31063252&extCr=153128153&extPm=383389721&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Thu, 04 Jan 2024 01:17:23 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Do, 04 Jan 2024 01:17:24 GMT
X-ET-Code
11
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1841
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC13
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9892209397592&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC13
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9892209397592&version=m202309260101&ct=76&x=1&cor=7517043475684671000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EC13
108 KB
41 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbtgtXxPUaI6Xp4C3COcMQzJltNzKTaR8R-jMqM-akTP8QLiuDA4DmtxBcenrDOAhKGvL05OkwGis39LMeHoJIp5H8PsX3uMioBdqPhgLhtJZhotx3U6vy1Bwbk5zXuheAOZ2au2FXt_1QosOgCsSr_8EPTeNhYYfinkQNXOQOhCt-2hk&dbm_d=AKAmf-AKxAkDH8vnz4HM5ISkOqhikbaN3KQeVFcVjiTkpTVQaovcmOWg92bEzsEoRz2khdkg1iLIbDFBu0Ize9o64KgB4kFuYrmw2t9sVLfUcVBuo-45Xe3I-ihapC9y-aBdsuzN5MsZL-vmTbZivMSI5a5XdaREx1qjh9n1dUt2xjvp49233X6JPYgTkYrtPFZ0mg1CgHTwUhSix1jAKVK4DNHzMgNt7HsXC1KYDqkvAA_cLAW8NI5gjuOo2Pi6NHdkWitB2D5YXsJ9xten5mhlUCGhr0yTJ4MHn-gOUQpPrb4pYKfBOk_F4lJU5ndHihUNkhyc55Uw-hPbiBPuJYdKP93GhpVlRpTGAIEXYrn8NTulMnLZYEkVTKW5-YNYJunIPPKSjb5w-DRKZfKbHIGvb7goKX2jYJitnIZWpqF2ntyFar_4RerqfC18SVpupND_NnihunS849g46XxAvx7sDW2Sohyf5T-BU5pXBJRC_nco1GtfNSiLc2T9KIb1kj8NafQb1_aziQocZnkShUhzj1L6By5ngCufFSRBoQNKDvvY4fAQPvyK_zdFkVcc55Mp80S1QSk6rVgWsiZzYAKzWWve7pzmSugfJ0oksOe8rpdBfALjL-4v7tIkzlWGougcYYo8-ysP65p4Hf7CUlfVa41FWrYCs8MQERwMlTmCYA_XuGREwJooIlsLwap0d8NtzEa95YAe97bAsOsOlY0CbqHBxVS5CxaRiY0HMmyibgXlJze3hXB7Iq3P984t6u1vzd63hddx6PO7x3rxFHF8l4M_ZMB4MFaPJFwlszYnssjAM__p11mVhXCi3R34ueHQroeLQpysZDEVZjHpB2_AUHz_TlmjsIBYrJAbsUtpI8L9bvCKsum6723spFuQdzvyKSiEzajnIPzX7xoMvVOT3tuzzbM-AgHT8ghrVy37jXCgXnzo8sTDBQVuEYXDdZhHPTLaeietPMwAPnTkgrqNyhLBPmJ6oZIUQGAqpkQZlvP24IC0IMywllZzoJfIAXHdPb-dI6bCaUDWNdNKxW3fd4_C7gu0orFpvKnolJcPOl3YAggeksyLZDQwNT_iIZGX5oM6V0Z9JjfQl_T20QTVwpNHZr9ObnJaX5x1syuVTZngvBugUrBIpqYWcCNtNPNNVScK3xIEEeI0aIKKL-3hEJyRGrwh8v1_wZTbUUo-LlsAQ7ZsGDh5dS4owo9HxRR7hRk6HJxJDQrtQSXZp0IVQxjTucGsIybLMh88R_H8gBZ6rZFTVs_JMSLRfIqi45c6hmRWDwVciOMfF704abjFv_-qizzfGa3caDYj14iez_e8UiVW06Bhiiyr_QEmADHD1n_AFkTnGrVYgQAgMyAgVA9ha91sEI6kkaNZWVJ6TGFIb4ONsX1TFcChys4jl89rthpVpj9lfdnN4bhpg6fMSbhHJnMW5v8zY__1k_yRB3oIwhVPQxUsgv8GdRmSM9dczBksTVHYA92WdBciWsPqgyK3CQawckH1GKBgYsktnpiLrRVvOyt503Kp5pNMH3iVMwB6AapPo1xWE7ZboIUqiqW2Mi2vBsQBgGCP7laaBOPqkdXG2eEHQvV8xfHZtNcyDrIia1LHBsmvbkP3Q0qdJQNZXJ2Ut8GSHZWDQy5IfDcpnMa7iZDmeDVO8vqWwUjaBgYj3B4qvTPFaQK-w197zcUn8vDxRTb98ZXQFplwffJnU8Su4Mr-QEzbCBs1tnC32zlJ8kSj0yk0RredlxEET28l26LUxL_X7iuygHGCyc3stFIWNqcaaXTwKm2mgFw6E1-VzIQOwA3lgEgoM_lu1iKrndTdp4H-uK6Kgb6ggRZVCgvnKHYnPKdxRqtBFFEWQ_y0vj2SyPhOTC_a2egVx7lPTjAHwKHQq9QmtzT4I1nL8HK3SqIZizDKiIdglKbo68eYYcvMe5r2w6aQweAgHUknRrbtIyyeIzjx6YqIycDD4Hl5MLvzk2-jLhzVZ1HLfaBngIywZJhveJZ6t9nNxuffeAUnw85LoCx-HS3aybgLBw0xn3CjXYjEeixw0AzH15Ylva27YBvj3jw6F317DZQVCbrm51kUPfihuwDoPhvXrwmisbgUibSj0YnegLfmX0C7g_4gDTuu79FHcNbXS7tNEPmj_1RYLJi4sMe253wqm6YiMo_JiXD0565UGB1Sz0qXBXUdO12GvylgVeX0KMWnJVFgFrDS83wTJZQb4g-m0kVmeT5ciWZ3aktqeZvlm6Wx8qaL-VvvESsohG9gqs_fz_xdwgmUpbh7k6CyDPmbxsZSp9Xvc1m-18t_R7J_bdFaMT4M-s6oO18da7yXsHLGgTOjQNo4zawvfGZvGz0_ZKm6wnAdPRdrPORUQehzM_YzL8Nlfl1EGtY-M5x2Wy9ltADFtwExHd4u8MkaRGmZhEEKVyvI0DNRMeVsCEVryEwC6oCr_gtJqbC-CyDTt3bMcZ18rsjVVgGQ73srb2Hx9gHO9qT7wVj_eSWj28KwpFLSh3oO6le0kb2Bepj-OBuIbM0xxAAmmOIXflsD_5SLu11NZVOLDZkGcNQ1VjU8nGCFuohw8dE-hlifEkO_Cz9uGsF6NcfGeyb2J6QoqgVAtpmT4_YJlyAZ1g2DZyCMmkt70eAuKeCS_BO-5U-XlFBkguUP_eQAJ8DF0Hta_lRs4YO0w1ER5l_1pM173C9A1kvuon-PDoyHAhN4MwERFbbkQWwe91tHNpviAUYPEFq8FeJ7Qtn4y5qSZOEBFoaLs3UVhkfaAVjb5itSb9YdDAbnYaIAmJ0VLjdxZEg7z79PPrOwTtk6Rz4REwy5qzwo2MFijZKoHxMsuqlh1u62is6EMqa0zbdVQGQ0dM4co0f9ZE_NUrr5oV4nqXXvZRHftndZf9vIrJRh3zyTn6jyKt806_G6moa8C0kEZr6CwW65I20kodluf3X9tSHgOrMJL3ZFJsHhChw876sggixL5O6Tmn9f1a0yT0yEnR8F0e6RAatQSS3wo243ONzu0CIH3ccoByNCBTcmEDnZ4SOpgZsMsOpjtNT2nNAZpeoTp-2Xj0cXvxYqyvA8eAXbej5Ud_31n9SHcwV1710eTlsJy_k-Fwmc3OZSieBiL0YM0N-d_8XeCt-AkHV20PEdHR8sS1kuwm3PJnaMNfNlOTuL-2OthJuSQrH-QOhMXCE1emadVZcrWaIgjHIkgdTVpbpn3H_Lup2BL7NhdQplpVP6BVIRvUfhQ4o4cKuaow5PpQ8yogJKLm6w6l2kDK8tcS_4yZmabxQ23_cnTOO6rpMAk2I18UCvdg_RRWlvauf3jIM_WJLUTXH29Y4huLOouSHVi8vouek1wngb9obKRBeoY49m7Bkl0WVuuYUrdbowsAu4thHr2S8kOwY-bnpvRqh09wSJK440qiA7gu89BWCXvlLJvVOjK3eTbUjjQHye2mWndeuviT69qDe5aRlRpJM3hpAZKZFjTZFZ6JF_T-vYnDAwI1nz2pcgjNWPY239qOq8FzPBxfXcRL0Y-wAq-NtzvWd-rrE15CivOCgsUbfurbbsw3jyM7xIYPB2slRYY7c-4azbHrZ5o_XePQ8MQZ0aPlJ_7Uz4O1r_p9LHSyfLqMlI21zeMge9yKUuuT0w9dMxZ6pG4sa8qbYBSeD-A-l6XfqIABaOwFBISorZLnPACirSPa6CrDU7gQFiUwrcMlJ7lLoJreU&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ds=l&xdt=1&iif=1&cor=7517043475684671000&adk=521587873&idt=173&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6126ef2cdd66774958abdfe8708579080f72cb81945d9921e8b6d33982bda4ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 3057
120 KB
41 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 12:23:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 12:23:29 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3057
63 KB
25 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:17:23 GMT
DE.js
s0.2mdn.net/creatives/assets/4401560/ Frame 3057
107 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/4401560/DE.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aab2b74d4804b8d07173520f11c28b12d655f68858a403089a57369581f89c5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39863
x-xss-protection
0
last-modified
Fri, 03 Nov 2023 07:36:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:29 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame 8249
256 KB
77 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4105316393188386&ias_chanId=1&ias_placementId=20338656462&bidurl=http://www.mop-veins.tauri-veins.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hofEKQzUnv7WuFGHie-qAC
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.64.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3cd44072c63c53f2a2ae516b3c41b9b9dff031e2f67b1f91955d2967be41b687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 8249
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 07:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64874
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 07:16:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame 8249
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB8qIWHvX3axYUGFURVXX6fqcDo-0w2_PCKdUY6OgMUEasu9BwGrCEL14UGflorGTu0MD3zkRaLGfLDURm69WvnIxuzgPID7dUslU0qfVbuycS4PS0TTflmLMsvpjCkOorXir3v1la5vmN-ALaHy58WY8AvTyH6V-DTaJolIEQYjPy31M&dbm_d=AKAmf-B7jrF1kODOOn2KXtMisW0X_OdZZAZUM9Rm2V-CtkPGUpwyZgOP8Ccz3F4R-LP3mVXO_eZPjp2wSOU34gqY2FNNd98gITQYfbJhAd-7xpkCqoOEudPCzKn0q5uNGrfDPX8mUP5hwtY31f8Qr9FPOy2r5ueQcU5NPQjl3ScRtHaCZP4Dmoywi_frZwFqYI_0muOfbzKm1aE82LxNS3pb2I5VTns5X6H2eDuyOVuLvfFNwwUFaRJVCiR7VwJGuKee_CFuawJclGjgOdoHnXi2WZQMJVFaGzW0sfKS7Y8oxeBRShLK-za8IW5y5LY4-jnN0a8XBdWTh3Io293yZ8IY4ug_VwniNWPqzBmvRMUFL4h4HhkHNq_Ch3roF1DcbaGe8zRX5ZrSO8tWkGono4_UUiUMKbX0O1VNfTPix3CjjXr1-pTv1-nKpOp2Vgr9JmvDgTEVEUYkJ0chdLTbSYqt125ctBnfErQqBMbyLAraIPal9rtV_O_pZboZL2ue3tQNWwk-mEnxVGTY4XWhv2y_JY7UjaBky5ZJFA-R7PJ1B0NmrblAluin9fwUmf09JU1NLggMgk2OBk58S-nriw_cPgj32Bv4TRP63eE5JScd0vLvrf8wkD31HTvVPWZVsah0IwpkHbEnOD2RV44MEmyQAKRtpxHDiofE2BDvDCvT3fz3wq0yf-AUFmfzP35fEob02cv2yV3l6whrGpiuI1sgiHtqhSqDen-pJaqA3YwmhVTX_nEpraeIq3KkzPiYlXGxpk1PLIKyxwMhU6cU8QC9kzFrqNKlDq5DXMfLUFWcgnk1Y3ZnF7F1SFKkrsW9tWT3FNgY5FBKlorstd-Ag9dEuz56X19w2FMz0tfWEGr-RnRarRakTiTdbqogQPv2glHekN1O6C1WDb6mGSEi9GxE1XNchrpObd0dTgTULg-RuUUwLENhIxna_ecIL-kreQDXasaJoG3cEPHcQzl-pnkVESSdeXZm6X9Av1S8HX5GhLPIrbhNcWH7eg0Np5XuJOYwrV9DWaJcH4KF143uDU2m-93CdeBXrZa-B2TGR8hC0ezJUzhflvqSDCDxN6KbHnP2shof_OkREdMqdVpLOzfYtn7DRctF8y1hKGR5tpcDxuzOul2By0BKn6kCbTqJOYJ8b_Wqb5xpLM7pJMW8rd_tNKSQqrHGBKZkVSerw8vtkexzuYG05il3vfFhMAR0wl46u9h6FRd3ggziKrVZ1h-GmUaCgWy2edmtoqW0cOPxecJ_7ACvzcE1DS6IqVEGJacZf3UjxwBSoadyVsveSsVUS61oiSTKC1kkaisgyGMy2ll4QUHDL7bCZXgtL8mTWeIYTjYJSkYGuTnmswoahChrjjK_PMV1XwUla5cnT_e8ajVxoeF4TpRprPKpxeua_Xzldo8oAbgLTFTdm_wx2qqGz-kliBojSv0CaUVggV_rRUsclVTh61p4vLwTFsYObnX8MM5ehU3tEJYgZq36ATKaMmuFkYQ0V7Y3fKhGiip3rkYjAIZpnLsToO4QtUsJKTKbOL_e0wKBGL3rx171JhKjtUmJH488wXitf4l_vlDwGY9mfp74SEkHqMX2-MW4ocVNyXX1Wj5Mjd2cTMv7ec0u9KrSt9s5xm4RtP6MRC9scpo7wpGwlV6JACBcpWu143S-MJIYmpBCp5fAhc5f_t-JzsNIlfnsN44c1w4TtzEQm7FmE-F52icWsyBt1WhMed-N--jblgQZ5KMMZV80RgI4NRTGEdn8XOabLmu6rXvxzH_pWz7FMWHyYxrEfJ57iyYBIHKllBObkJRWxarAE3WvuSP3vb9GYQzbue3Rb4c0qOTcaTAeO6tapdQK7ctSzU-TwmX_z_NmBACbKi431feZHs5ba6BZ4m-aubBoxQhmJGGA4wTLa4rvfkkfntKqh415Do30aCIY4g60lNWPYJU1X9ITwJ7c5QFxsuN7oNh2N-AZ2WW46cKAUfeYYMhRHZL2pmdFIzefyO2Fxwiw3y_8aLJ_bT5u12_WeCBInGjnCofdRf5pdXGIufSRHrfbViSEP7RCTKRGaLqUYOJvdlIzdLj4RaMiw2-yX0ojvcbHB46KyBNcUd8yu-J7aM3GIF83CyzPkyb4CzUGRTQ_wG6AboR7SBK1qtAKr3N_MMcdBdh9tCUj5nSXyEVi_yDZmA6OD5YDMi6S6-K4eITFIQYtySjvQDolKGBtXTMii5DzfYByOGd2HSPZMbB951Trsyu3YlxLrPh7U1oqPqCsqjc0S6lDqLruIgrraSucpkrSffBhfVl9fg1aeD-vi5hp11iiuhnKCukhVVRydtn1iHHrFrHxaTNOu8flUF_ju6OI6YhWFlZiEGEqbm8qULBYrW2lYc3ebzIxLWWR9PPM5g2xlmT174DqN0s8EYHojxX04vBSe17GkH6dOh40wNFKX8nExUs95-9ZIAcmT1H9ek4SAE_6nCPUrkvf0EluVSjDEgTUgoV9kVcfbYnr2Pxz3fvKX04B_xN_bw3j8673KenkaAny_TILYnQyeBiGCZ-X4_MmGzkRK-TkWjHjxiKRkK4LS_Kq6AuxgbT5B5uRk7ONgjig6ctxeC7Dy1tGdOeF8P8NsyscmhB6KyKEyakIIrFNjJjE44Ph2fL_tZffGDJyfqk4kU9PTFOwEO0rGvf5XkV9ymhgs8FF7wMXupp6kJp4F4jts8wlmb2dbOJhchXq0ZBD_gFiEGBeFqM4FJ6Rjw3lyC_SHYLPC8InGhjsdFvmbbTIPMDRYxFsnOx-iNr3RENwISoYar5vdpub15DAOihJt5SFikfD1rN5HoBsns1GGXwlt3dT4-h3OpsjZz6uXmENfZu-1ekvCEw7ahyJAKEEoFeZGcEkAX5Q6n8uh130f6vRTRoO47juU9ULYnj6565LkQ3bi-WPhNWAjSw-r7vsJkIf3WZ32aqKfn_I_UtzIbhc1Mn_imdsLSpSIaHfEI2b8z5NnbDWIGRq8l8WoQDUzyopwKnamP7g7X7K-r92D6ko0v3Yngd4ObJqWA0xgT8aFfSboRw3Pqo2H5gz33S5owekwAqZv5oZhnA7hRDy0qAn9J3uJ8XkWdh0lFTrp4UgPMHQVbmiuv2unyKNPyhGxdNKUpnA2To5m34pxuA7wdQM1bvQ0iU1BRRtk6yxIYlQjjmzmuCk9Pa89-FDFtUpzdCIIL2hiIs614pCLzemnZKuOTt8YnTH95TmxEaQ3zCi-lMbJ1HZ2vDC7F3QuiEjd0AvayUU9DFKevZw--_Jn4vilrzfn_VbOvUiER6sxvAMvw3drsVaBSbrURw1jFPr_kecgB1HCKBHvzSxqGG-iq3G802AFuePsBqV2N98Uu8WdLWphTrEWT3pf2_9lPhnDDV3d1AUAh8kxln22ADMLsu1dRUHXUTjEvWdUfySlnA5QUB9M32QjN4FlVN0f-_OjW4luExwh-m96MQb1etHYEVyHF_sMeKxNDcbjdvrzi9qJs0sl18optQK-inF3yDZxCJAvxDK1hveUzAj2kIP4Q_CK1HniiYGWTh_hlaDLFJ_bhUrk28PftjNZIrd6O9G4RDfSVdCXWD2_nJI5c1bmZnKZM9Um2Tfv7Ke_mdTXjSmWjux_zUSgkE07FaEnoyAXLtGbvTlT3xoyokJIgs0ErBIWxd7jJ3UXaZAskyHl4swm-bqWcyqiEZ4D5i5SaMUP9tiQJ8&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ds=l&xdt=1&iif=1&cor=12340449346923743000&adk=1726166463&idt=137&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
20264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:39:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame 8249
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB8qIWHvX3axYUGFURVXX6fqcDo-0w2_PCKdUY6OgMUEasu9BwGrCEL14UGflorGTu0MD3zkRaLGfLDURm69WvnIxuzgPID7dUslU0qfVbuycS4PS0TTflmLMsvpjCkOorXir3v1la5vmN-ALaHy58WY8AvTyH6V-DTaJolIEQYjPy31M&dbm_d=AKAmf-B7jrF1kODOOn2KXtMisW0X_OdZZAZUM9Rm2V-CtkPGUpwyZgOP8Ccz3F4R-LP3mVXO_eZPjp2wSOU34gqY2FNNd98gITQYfbJhAd-7xpkCqoOEudPCzKn0q5uNGrfDPX8mUP5hwtY31f8Qr9FPOy2r5ueQcU5NPQjl3ScRtHaCZP4Dmoywi_frZwFqYI_0muOfbzKm1aE82LxNS3pb2I5VTns5X6H2eDuyOVuLvfFNwwUFaRJVCiR7VwJGuKee_CFuawJclGjgOdoHnXi2WZQMJVFaGzW0sfKS7Y8oxeBRShLK-za8IW5y5LY4-jnN0a8XBdWTh3Io293yZ8IY4ug_VwniNWPqzBmvRMUFL4h4HhkHNq_Ch3roF1DcbaGe8zRX5ZrSO8tWkGono4_UUiUMKbX0O1VNfTPix3CjjXr1-pTv1-nKpOp2Vgr9JmvDgTEVEUYkJ0chdLTbSYqt125ctBnfErQqBMbyLAraIPal9rtV_O_pZboZL2ue3tQNWwk-mEnxVGTY4XWhv2y_JY7UjaBky5ZJFA-R7PJ1B0NmrblAluin9fwUmf09JU1NLggMgk2OBk58S-nriw_cPgj32Bv4TRP63eE5JScd0vLvrf8wkD31HTvVPWZVsah0IwpkHbEnOD2RV44MEmyQAKRtpxHDiofE2BDvDCvT3fz3wq0yf-AUFmfzP35fEob02cv2yV3l6whrGpiuI1sgiHtqhSqDen-pJaqA3YwmhVTX_nEpraeIq3KkzPiYlXGxpk1PLIKyxwMhU6cU8QC9kzFrqNKlDq5DXMfLUFWcgnk1Y3ZnF7F1SFKkrsW9tWT3FNgY5FBKlorstd-Ag9dEuz56X19w2FMz0tfWEGr-RnRarRakTiTdbqogQPv2glHekN1O6C1WDb6mGSEi9GxE1XNchrpObd0dTgTULg-RuUUwLENhIxna_ecIL-kreQDXasaJoG3cEPHcQzl-pnkVESSdeXZm6X9Av1S8HX5GhLPIrbhNcWH7eg0Np5XuJOYwrV9DWaJcH4KF143uDU2m-93CdeBXrZa-B2TGR8hC0ezJUzhflvqSDCDxN6KbHnP2shof_OkREdMqdVpLOzfYtn7DRctF8y1hKGR5tpcDxuzOul2By0BKn6kCbTqJOYJ8b_Wqb5xpLM7pJMW8rd_tNKSQqrHGBKZkVSerw8vtkexzuYG05il3vfFhMAR0wl46u9h6FRd3ggziKrVZ1h-GmUaCgWy2edmtoqW0cOPxecJ_7ACvzcE1DS6IqVEGJacZf3UjxwBSoadyVsveSsVUS61oiSTKC1kkaisgyGMy2ll4QUHDL7bCZXgtL8mTWeIYTjYJSkYGuTnmswoahChrjjK_PMV1XwUla5cnT_e8ajVxoeF4TpRprPKpxeua_Xzldo8oAbgLTFTdm_wx2qqGz-kliBojSv0CaUVggV_rRUsclVTh61p4vLwTFsYObnX8MM5ehU3tEJYgZq36ATKaMmuFkYQ0V7Y3fKhGiip3rkYjAIZpnLsToO4QtUsJKTKbOL_e0wKBGL3rx171JhKjtUmJH488wXitf4l_vlDwGY9mfp74SEkHqMX2-MW4ocVNyXX1Wj5Mjd2cTMv7ec0u9KrSt9s5xm4RtP6MRC9scpo7wpGwlV6JACBcpWu143S-MJIYmpBCp5fAhc5f_t-JzsNIlfnsN44c1w4TtzEQm7FmE-F52icWsyBt1WhMed-N--jblgQZ5KMMZV80RgI4NRTGEdn8XOabLmu6rXvxzH_pWz7FMWHyYxrEfJ57iyYBIHKllBObkJRWxarAE3WvuSP3vb9GYQzbue3Rb4c0qOTcaTAeO6tapdQK7ctSzU-TwmX_z_NmBACbKi431feZHs5ba6BZ4m-aubBoxQhmJGGA4wTLa4rvfkkfntKqh415Do30aCIY4g60lNWPYJU1X9ITwJ7c5QFxsuN7oNh2N-AZ2WW46cKAUfeYYMhRHZL2pmdFIzefyO2Fxwiw3y_8aLJ_bT5u12_WeCBInGjnCofdRf5pdXGIufSRHrfbViSEP7RCTKRGaLqUYOJvdlIzdLj4RaMiw2-yX0ojvcbHB46KyBNcUd8yu-J7aM3GIF83CyzPkyb4CzUGRTQ_wG6AboR7SBK1qtAKr3N_MMcdBdh9tCUj5nSXyEVi_yDZmA6OD5YDMi6S6-K4eITFIQYtySjvQDolKGBtXTMii5DzfYByOGd2HSPZMbB951Trsyu3YlxLrPh7U1oqPqCsqjc0S6lDqLruIgrraSucpkrSffBhfVl9fg1aeD-vi5hp11iiuhnKCukhVVRydtn1iHHrFrHxaTNOu8flUF_ju6OI6YhWFlZiEGEqbm8qULBYrW2lYc3ebzIxLWWR9PPM5g2xlmT174DqN0s8EYHojxX04vBSe17GkH6dOh40wNFKX8nExUs95-9ZIAcmT1H9ek4SAE_6nCPUrkvf0EluVSjDEgTUgoV9kVcfbYnr2Pxz3fvKX04B_xN_bw3j8673KenkaAny_TILYnQyeBiGCZ-X4_MmGzkRK-TkWjHjxiKRkK4LS_Kq6AuxgbT5B5uRk7ONgjig6ctxeC7Dy1tGdOeF8P8NsyscmhB6KyKEyakIIrFNjJjE44Ph2fL_tZffGDJyfqk4kU9PTFOwEO0rGvf5XkV9ymhgs8FF7wMXupp6kJp4F4jts8wlmb2dbOJhchXq0ZBD_gFiEGBeFqM4FJ6Rjw3lyC_SHYLPC8InGhjsdFvmbbTIPMDRYxFsnOx-iNr3RENwISoYar5vdpub15DAOihJt5SFikfD1rN5HoBsns1GGXwlt3dT4-h3OpsjZz6uXmENfZu-1ekvCEw7ahyJAKEEoFeZGcEkAX5Q6n8uh130f6vRTRoO47juU9ULYnj6565LkQ3bi-WPhNWAjSw-r7vsJkIf3WZ32aqKfn_I_UtzIbhc1Mn_imdsLSpSIaHfEI2b8z5NnbDWIGRq8l8WoQDUzyopwKnamP7g7X7K-r92D6ko0v3Yngd4ObJqWA0xgT8aFfSboRw3Pqo2H5gz33S5owekwAqZv5oZhnA7hRDy0qAn9J3uJ8XkWdh0lFTrp4UgPMHQVbmiuv2unyKNPyhGxdNKUpnA2To5m34pxuA7wdQM1bvQ0iU1BRRtk6yxIYlQjjmzmuCk9Pa89-FDFtUpzdCIIL2hiIs614pCLzemnZKuOTt8YnTH95TmxEaQ3zCi-lMbJ1HZ2vDC7F3QuiEjd0AvayUU9DFKevZw--_Jn4vilrzfn_VbOvUiER6sxvAMvw3drsVaBSbrURw1jFPr_kecgB1HCKBHvzSxqGG-iq3G802AFuePsBqV2N98Uu8WdLWphTrEWT3pf2_9lPhnDDV3d1AUAh8kxln22ADMLsu1dRUHXUTjEvWdUfySlnA5QUB9M32QjN4FlVN0f-_OjW4luExwh-m96MQb1etHYEVyHF_sMeKxNDcbjdvrzi9qJs0sl18optQK-inF3yDZxCJAvxDK1hveUzAj2kIP4Q_CK1HniiYGWTh_hlaDLFJ_bhUrk28PftjNZIrd6O9G4RDfSVdCXWD2_nJI5c1bmZnKZM9Um2Tfv7Ke_mdTXjSmWjux_zUSgkE07FaEnoyAXLtGbvTlT3xoyokJIgs0ErBIWxd7jJ3UXaZAskyHl4swm-bqWcyqiEZ4D5i5SaMUP9tiQJ8&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ds=l&xdt=1&iif=1&cor=12340449346923743000&adk=1726166463&idt=137&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10165
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:27:58 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8249
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
457935
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 18:05:08 GMT
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 361B
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 12:51:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
217578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19864
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 12:51:06 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 8606
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
142326
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:45:18 GMT
expires
Wed, 01 Jan 2025 09:45:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/6171197435532655443/ Frame A607
143 KB
23 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b8b4d537d6eb7f042cd3891aa30a880b50e46f162b577b4a68468cb2f496190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
38408
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23301
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 14:37:16 GMT
expires
Thu, 02 Jan 2025 14:37:16 GMT
last-modified
Tue, 29 Nov 2022 11:17:53 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8249
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuw6cnvkPwOd9J0JjKySxTjKc_pPD-qsTF-1odxiz9mI1O9sBeqinXtfBWCDLasxpIWOohJAAgWYRWjb4jYwLAAl6l-91AfCxo8WKWrcBIM92LR5V-iP9O--KXZGYZibeuIhWSHTDOAdY6--cKHkfXwbsWJQYAXryaZJY4cRoVCak6E03iv8et9LDAl6i3DERL8G51Gq0-tez9RUfLlYx0XdjEUSNWUqIsxCZMH77rIiqhfBJLbqctaHFKC2lMrrvbV06gEDCIgwsgoOOMoAtWUJbwjvxXu3CsMrWQnkx5g8pSxm1ZzD4_JFYC4DEEHHUAK8FVTxY1GsNO4rSK34XvueSx50w741dNt1zumhOkNHHkIaPUe_w_kNfI9vsbd81EYbVoC10G5z-yMiGskutGdVLfdY9b89orkzxwhLP8T1fxIA2kgeZ65g9Kx7MTKm7PsW2WqJZrMqAwF2MGIlSiR_SeIH5hDvFGeF154t8b80nXsDZZf-BF4_SsL4q0Uj9tGDEp7oEjSTJQetw5JjZSazzF5zFoxc0gNlMZxjw7NBejhvUrS4tieS8kdSQkAMNILVmP7oJiTJ_nMIAVzqYYScG90I2_PP4eT0xICXZnvP8qd2KZx3GRMylSHmhn_cwz2zEG0Qx4skKm_mlTj8cuFpTBBVebXePzoP0yX6EpUz-JRHdddNLUEEtWgtB6ZCayDL3a-1vwxSjFPgACNDllL4yovDVA8HhUhuS1nlrb40N7n-iXblLwbybm41r0lMsVRhrFyEQRBScb0ZlgX1e2qgo6FJrhT8i3sE3eK1QTwpLA6sqA5C7pTSn21B5rIK1W5v2PX9xVV0QfDGcCI6aNwRHMgeBBeDKl__SZbhrQZq0ZuRZW5OqcuvFVMV_CiVSgoDNveT3Zr4c_-TTx1QE-ytIuysM9phdvg4oMTA2Cg28-uopSAhiqbDBO-nV7Hl8LNE7U6TQ-sbmYo413znraTyXfC9us3u7aGYh39b5A8G6ohvsLK8hF2vN4z3C1w84lgTxpRBfsL_P9h0DTCmTOWeVUA1WG68jTzUrX_hH5kt9O_kD9KJLi31hsuY8aDKZ-8bENmeG2JrAy8s8wEokTqi-Ams0oHzdsHLUavL5qqnRZp2WVH8G102Sih7xbFsc18OYnLjEDV-DiT8cfaJWeHkLa4PbHgPE984EZsMhOhIOKr08_m_8tEPwfaZVj9EfyMCo1QmpXVqz1PrD-uNv3nS-xhHsH9XqFPIePIVVNZq_G9ViHvuOAhVtNwj3p6319sJ3KiOe_cqdU1hlN7LsxeC5jvg6CagTZ2oZB2G44cqFU-IONuX3Nw-UH9VewQ1SMuV56lNINQ-9GQ_osd-AfCvfAWBBGSxO1xt2gdH8w1HHBgsQyWqeidxYWvCXO1kj_D0-L0SsoaSS1x2ZOz5KFT40Jb1fk7tqDTIvYnXg-G2qim9o&sai=AMfl-YSg9J3S6MBn3eziBX2Y_Wi-8XCmr0tHdR4vw_cGhvDVNUJ95eIFX7guV53l2eOwrs5_R8IRYyWLozXp8pcikj-SI2OxM_wEtaMF-b4iDWyf9T5Zdc-Gk14MJ24ic5lLjMUrB-BY6jLaUrwt1LXB1-mnCO-S6NTYeh3S2I5ddXvUUxKTUB5Ld4OMxrDhkiBxPmewUTA-spVJWKgbKpY0hma6OOdWknyjeVdCH-qnxEah03I5nwIcy4_1CBxsIlchiAv1POuNmzRNOcHuZco2-bwcrSogofJKTeFuZCqxxKqGfW3agzBXSjaTabJebwQFKA&sig=Cg0ArKJSzG3_f2JmJRANEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=62&cbvp=1&cstd=61&cisv=r20240102.47444&arae=0&ftch=1&adurl=
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E84C
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8SscIgeWZf_WJrjM1PIPi4Gn6AYAAAAAOAHgBAI&bg=!3t2l3ZLNAAY3kmNgF5I7ADQBe5WfOG013q2fpKitPdgSEe48rZILu49sskPk9eA8XbwAlkE0QyTQeBn1_6ePvlAhE_P4AgAAAHpSAAAAAWgBB5kDDBn3UzM5Nj8AADnelsdej_IdN_4YpkLFesHhUQcZOA4sB7aIZxotH0kVZlCTH0iTzbH98pi4icOJImk4Xp6eOk-Nw0wBL9DXno8ZTaIprYg30nSWSwzWSY77GKmM0ox4V0ekxDRhaJp8b0Rdf8RReqOkGj4Z7Pf1Zp1hWShnTfzWOjTrEns1shnOT0nQK9dm30k3MFsUDliBvJTD5wu-zJiJMlIrPezg2QgnMdjAoFLGNXVLlxVxpyXSfxLCCxh0292-Zj-UKg9E0iictqj0PKb_QsUkSE_JrH6t7aYAuHSZ_Zc46fG-eWiBdHa0S_eg6Nq9gswLL6Im_VCchkhL6d16EzHhUcH4nAaO75En7K11KCjAyjehRDEBP9tuwWK7w7CB7r6jD9eUBCnJETsYbIkzXOsvq3GsHQDE8H2mm28wFzPc3gIgFdEF-WhJWOUA5W0gd9-d5N4oNfXx6-DDTsDxx6ZT_SkbeSGa0ETGKsF4HNCtTF-05DGwVBm0O13NLc0_qYlDDIEAK31ht3pvcfhervMKiRXoqiLTIbJtq21bMjkGrI7gTUjV2uO7v-spMq6VjvBTHGCSx7-2yO8jwH14Pcvcts0KLEGcQxmOpzTG2TE9CCfqSUB9bq0gROUrBj5hAQZgJXKLtt6qG1i8GSOTmVwDDrygeyaPTK095Lgm7cYu9dI5cCVn3df1kdDktOkDhB36LWZn7hJsN1P0fKLfGHglLz952Ssp4NpXqtQImybfTFrgv5K73AOestDKceiDD_y0wbnfslsjl8CH8QVrUHECF_UaQN0QRHjrBhZfTdZl2acORtpGV-I9gnN2nKVrwFTn07vvG77bZH_CI4gxVUQ_8MOma8erUTH3cIs3YolZapw13TYL3wyrE7zWxLrnued8f_t2-COeesOwRv2kpYaQvc0VzGliBMyg0l1y--c-oyzyChUgIQ6w6GOsPiFgqOYuBfZ2rj5Psg32ylJAt6867uCvYSfu8uQ5J08NQLaMAPTl1rQvodWj4ABZ3AiqhggfoAYMu9tG5w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame EC13
256 KB
77 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4105316393188386&ias_chanId=1&ias_placementId=20338656462&bidurl=http://www.mop-veins.tauri-veins.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jxTCDLMAbW4hX8Vy98hyzY
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.64.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-64-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b66375832d3ecc4973b5e0fd39f7bf7354edc56e7a0605cdb2bfea8cda1892ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame EC13
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 07:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 07:16:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/ Frame EC13
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbtgtXxPUaI6Xp4C3COcMQzJltNzKTaR8R-jMqM-akTP8QLiuDA4DmtxBcenrDOAhKGvL05OkwGis39LMeHoJIp5H8PsX3uMioBdqPhgLhtJZhotx3U6vy1Bwbk5zXuheAOZ2au2FXt_1QosOgCsSr_8EPTeNhYYfinkQNXOQOhCt-2hk&dbm_d=AKAmf-AKxAkDH8vnz4HM5ISkOqhikbaN3KQeVFcVjiTkpTVQaovcmOWg92bEzsEoRz2khdkg1iLIbDFBu0Ize9o64KgB4kFuYrmw2t9sVLfUcVBuo-45Xe3I-ihapC9y-aBdsuzN5MsZL-vmTbZivMSI5a5XdaREx1qjh9n1dUt2xjvp49233X6JPYgTkYrtPFZ0mg1CgHTwUhSix1jAKVK4DNHzMgNt7HsXC1KYDqkvAA_cLAW8NI5gjuOo2Pi6NHdkWitB2D5YXsJ9xten5mhlUCGhr0yTJ4MHn-gOUQpPrb4pYKfBOk_F4lJU5ndHihUNkhyc55Uw-hPbiBPuJYdKP93GhpVlRpTGAIEXYrn8NTulMnLZYEkVTKW5-YNYJunIPPKSjb5w-DRKZfKbHIGvb7goKX2jYJitnIZWpqF2ntyFar_4RerqfC18SVpupND_NnihunS849g46XxAvx7sDW2Sohyf5T-BU5pXBJRC_nco1GtfNSiLc2T9KIb1kj8NafQb1_aziQocZnkShUhzj1L6By5ngCufFSRBoQNKDvvY4fAQPvyK_zdFkVcc55Mp80S1QSk6rVgWsiZzYAKzWWve7pzmSugfJ0oksOe8rpdBfALjL-4v7tIkzlWGougcYYo8-ysP65p4Hf7CUlfVa41FWrYCs8MQERwMlTmCYA_XuGREwJooIlsLwap0d8NtzEa95YAe97bAsOsOlY0CbqHBxVS5CxaRiY0HMmyibgXlJze3hXB7Iq3P984t6u1vzd63hddx6PO7x3rxFHF8l4M_ZMB4MFaPJFwlszYnssjAM__p11mVhXCi3R34ueHQroeLQpysZDEVZjHpB2_AUHz_TlmjsIBYrJAbsUtpI8L9bvCKsum6723spFuQdzvyKSiEzajnIPzX7xoMvVOT3tuzzbM-AgHT8ghrVy37jXCgXnzo8sTDBQVuEYXDdZhHPTLaeietPMwAPnTkgrqNyhLBPmJ6oZIUQGAqpkQZlvP24IC0IMywllZzoJfIAXHdPb-dI6bCaUDWNdNKxW3fd4_C7gu0orFpvKnolJcPOl3YAggeksyLZDQwNT_iIZGX5oM6V0Z9JjfQl_T20QTVwpNHZr9ObnJaX5x1syuVTZngvBugUrBIpqYWcCNtNPNNVScK3xIEEeI0aIKKL-3hEJyRGrwh8v1_wZTbUUo-LlsAQ7ZsGDh5dS4owo9HxRR7hRk6HJxJDQrtQSXZp0IVQxjTucGsIybLMh88R_H8gBZ6rZFTVs_JMSLRfIqi45c6hmRWDwVciOMfF704abjFv_-qizzfGa3caDYj14iez_e8UiVW06Bhiiyr_QEmADHD1n_AFkTnGrVYgQAgMyAgVA9ha91sEI6kkaNZWVJ6TGFIb4ONsX1TFcChys4jl89rthpVpj9lfdnN4bhpg6fMSbhHJnMW5v8zY__1k_yRB3oIwhVPQxUsgv8GdRmSM9dczBksTVHYA92WdBciWsPqgyK3CQawckH1GKBgYsktnpiLrRVvOyt503Kp5pNMH3iVMwB6AapPo1xWE7ZboIUqiqW2Mi2vBsQBgGCP7laaBOPqkdXG2eEHQvV8xfHZtNcyDrIia1LHBsmvbkP3Q0qdJQNZXJ2Ut8GSHZWDQy5IfDcpnMa7iZDmeDVO8vqWwUjaBgYj3B4qvTPFaQK-w197zcUn8vDxRTb98ZXQFplwffJnU8Su4Mr-QEzbCBs1tnC32zlJ8kSj0yk0RredlxEET28l26LUxL_X7iuygHGCyc3stFIWNqcaaXTwKm2mgFw6E1-VzIQOwA3lgEgoM_lu1iKrndTdp4H-uK6Kgb6ggRZVCgvnKHYnPKdxRqtBFFEWQ_y0vj2SyPhOTC_a2egVx7lPTjAHwKHQq9QmtzT4I1nL8HK3SqIZizDKiIdglKbo68eYYcvMe5r2w6aQweAgHUknRrbtIyyeIzjx6YqIycDD4Hl5MLvzk2-jLhzVZ1HLfaBngIywZJhveJZ6t9nNxuffeAUnw85LoCx-HS3aybgLBw0xn3CjXYjEeixw0AzH15Ylva27YBvj3jw6F317DZQVCbrm51kUPfihuwDoPhvXrwmisbgUibSj0YnegLfmX0C7g_4gDTuu79FHcNbXS7tNEPmj_1RYLJi4sMe253wqm6YiMo_JiXD0565UGB1Sz0qXBXUdO12GvylgVeX0KMWnJVFgFrDS83wTJZQb4g-m0kVmeT5ciWZ3aktqeZvlm6Wx8qaL-VvvESsohG9gqs_fz_xdwgmUpbh7k6CyDPmbxsZSp9Xvc1m-18t_R7J_bdFaMT4M-s6oO18da7yXsHLGgTOjQNo4zawvfGZvGz0_ZKm6wnAdPRdrPORUQehzM_YzL8Nlfl1EGtY-M5x2Wy9ltADFtwExHd4u8MkaRGmZhEEKVyvI0DNRMeVsCEVryEwC6oCr_gtJqbC-CyDTt3bMcZ18rsjVVgGQ73srb2Hx9gHO9qT7wVj_eSWj28KwpFLSh3oO6le0kb2Bepj-OBuIbM0xxAAmmOIXflsD_5SLu11NZVOLDZkGcNQ1VjU8nGCFuohw8dE-hlifEkO_Cz9uGsF6NcfGeyb2J6QoqgVAtpmT4_YJlyAZ1g2DZyCMmkt70eAuKeCS_BO-5U-XlFBkguUP_eQAJ8DF0Hta_lRs4YO0w1ER5l_1pM173C9A1kvuon-PDoyHAhN4MwERFbbkQWwe91tHNpviAUYPEFq8FeJ7Qtn4y5qSZOEBFoaLs3UVhkfaAVjb5itSb9YdDAbnYaIAmJ0VLjdxZEg7z79PPrOwTtk6Rz4REwy5qzwo2MFijZKoHxMsuqlh1u62is6EMqa0zbdVQGQ0dM4co0f9ZE_NUrr5oV4nqXXvZRHftndZf9vIrJRh3zyTn6jyKt806_G6moa8C0kEZr6CwW65I20kodluf3X9tSHgOrMJL3ZFJsHhChw876sggixL5O6Tmn9f1a0yT0yEnR8F0e6RAatQSS3wo243ONzu0CIH3ccoByNCBTcmEDnZ4SOpgZsMsOpjtNT2nNAZpeoTp-2Xj0cXvxYqyvA8eAXbej5Ud_31n9SHcwV1710eTlsJy_k-Fwmc3OZSieBiL0YM0N-d_8XeCt-AkHV20PEdHR8sS1kuwm3PJnaMNfNlOTuL-2OthJuSQrH-QOhMXCE1emadVZcrWaIgjHIkgdTVpbpn3H_Lup2BL7NhdQplpVP6BVIRvUfhQ4o4cKuaow5PpQ8yogJKLm6w6l2kDK8tcS_4yZmabxQ23_cnTOO6rpMAk2I18UCvdg_RRWlvauf3jIM_WJLUTXH29Y4huLOouSHVi8vouek1wngb9obKRBeoY49m7Bkl0WVuuYUrdbowsAu4thHr2S8kOwY-bnpvRqh09wSJK440qiA7gu89BWCXvlLJvVOjK3eTbUjjQHye2mWndeuviT69qDe5aRlRpJM3hpAZKZFjTZFZ6JF_T-vYnDAwI1nz2pcgjNWPY239qOq8FzPBxfXcRL0Y-wAq-NtzvWd-rrE15CivOCgsUbfurbbsw3jyM7xIYPB2slRYY7c-4azbHrZ5o_XePQ8MQZ0aPlJ_7Uz4O1r_p9LHSyfLqMlI21zeMge9yKUuuT0w9dMxZ6pG4sa8qbYBSeD-A-l6XfqIABaOwFBISorZLnPACirSPa6CrDU7gQFiUwrcMlJ7lLoJreU&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ds=l&xdt=1&iif=1&cor=7517043475684671000&adk=521587873&idt=173&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 19:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
20265
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 19:39:39 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/ Frame EC13
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240102/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbtgtXxPUaI6Xp4C3COcMQzJltNzKTaR8R-jMqM-akTP8QLiuDA4DmtxBcenrDOAhKGvL05OkwGis39LMeHoJIp5H8PsX3uMioBdqPhgLhtJZhotx3U6vy1Bwbk5zXuheAOZ2au2FXt_1QosOgCsSr_8EPTeNhYYfinkQNXOQOhCt-2hk&dbm_d=AKAmf-AKxAkDH8vnz4HM5ISkOqhikbaN3KQeVFcVjiTkpTVQaovcmOWg92bEzsEoRz2khdkg1iLIbDFBu0Ize9o64KgB4kFuYrmw2t9sVLfUcVBuo-45Xe3I-ihapC9y-aBdsuzN5MsZL-vmTbZivMSI5a5XdaREx1qjh9n1dUt2xjvp49233X6JPYgTkYrtPFZ0mg1CgHTwUhSix1jAKVK4DNHzMgNt7HsXC1KYDqkvAA_cLAW8NI5gjuOo2Pi6NHdkWitB2D5YXsJ9xten5mhlUCGhr0yTJ4MHn-gOUQpPrb4pYKfBOk_F4lJU5ndHihUNkhyc55Uw-hPbiBPuJYdKP93GhpVlRpTGAIEXYrn8NTulMnLZYEkVTKW5-YNYJunIPPKSjb5w-DRKZfKbHIGvb7goKX2jYJitnIZWpqF2ntyFar_4RerqfC18SVpupND_NnihunS849g46XxAvx7sDW2Sohyf5T-BU5pXBJRC_nco1GtfNSiLc2T9KIb1kj8NafQb1_aziQocZnkShUhzj1L6By5ngCufFSRBoQNKDvvY4fAQPvyK_zdFkVcc55Mp80S1QSk6rVgWsiZzYAKzWWve7pzmSugfJ0oksOe8rpdBfALjL-4v7tIkzlWGougcYYo8-ysP65p4Hf7CUlfVa41FWrYCs8MQERwMlTmCYA_XuGREwJooIlsLwap0d8NtzEa95YAe97bAsOsOlY0CbqHBxVS5CxaRiY0HMmyibgXlJze3hXB7Iq3P984t6u1vzd63hddx6PO7x3rxFHF8l4M_ZMB4MFaPJFwlszYnssjAM__p11mVhXCi3R34ueHQroeLQpysZDEVZjHpB2_AUHz_TlmjsIBYrJAbsUtpI8L9bvCKsum6723spFuQdzvyKSiEzajnIPzX7xoMvVOT3tuzzbM-AgHT8ghrVy37jXCgXnzo8sTDBQVuEYXDdZhHPTLaeietPMwAPnTkgrqNyhLBPmJ6oZIUQGAqpkQZlvP24IC0IMywllZzoJfIAXHdPb-dI6bCaUDWNdNKxW3fd4_C7gu0orFpvKnolJcPOl3YAggeksyLZDQwNT_iIZGX5oM6V0Z9JjfQl_T20QTVwpNHZr9ObnJaX5x1syuVTZngvBugUrBIpqYWcCNtNPNNVScK3xIEEeI0aIKKL-3hEJyRGrwh8v1_wZTbUUo-LlsAQ7ZsGDh5dS4owo9HxRR7hRk6HJxJDQrtQSXZp0IVQxjTucGsIybLMh88R_H8gBZ6rZFTVs_JMSLRfIqi45c6hmRWDwVciOMfF704abjFv_-qizzfGa3caDYj14iez_e8UiVW06Bhiiyr_QEmADHD1n_AFkTnGrVYgQAgMyAgVA9ha91sEI6kkaNZWVJ6TGFIb4ONsX1TFcChys4jl89rthpVpj9lfdnN4bhpg6fMSbhHJnMW5v8zY__1k_yRB3oIwhVPQxUsgv8GdRmSM9dczBksTVHYA92WdBciWsPqgyK3CQawckH1GKBgYsktnpiLrRVvOyt503Kp5pNMH3iVMwB6AapPo1xWE7ZboIUqiqW2Mi2vBsQBgGCP7laaBOPqkdXG2eEHQvV8xfHZtNcyDrIia1LHBsmvbkP3Q0qdJQNZXJ2Ut8GSHZWDQy5IfDcpnMa7iZDmeDVO8vqWwUjaBgYj3B4qvTPFaQK-w197zcUn8vDxRTb98ZXQFplwffJnU8Su4Mr-QEzbCBs1tnC32zlJ8kSj0yk0RredlxEET28l26LUxL_X7iuygHGCyc3stFIWNqcaaXTwKm2mgFw6E1-VzIQOwA3lgEgoM_lu1iKrndTdp4H-uK6Kgb6ggRZVCgvnKHYnPKdxRqtBFFEWQ_y0vj2SyPhOTC_a2egVx7lPTjAHwKHQq9QmtzT4I1nL8HK3SqIZizDKiIdglKbo68eYYcvMe5r2w6aQweAgHUknRrbtIyyeIzjx6YqIycDD4Hl5MLvzk2-jLhzVZ1HLfaBngIywZJhveJZ6t9nNxuffeAUnw85LoCx-HS3aybgLBw0xn3CjXYjEeixw0AzH15Ylva27YBvj3jw6F317DZQVCbrm51kUPfihuwDoPhvXrwmisbgUibSj0YnegLfmX0C7g_4gDTuu79FHcNbXS7tNEPmj_1RYLJi4sMe253wqm6YiMo_JiXD0565UGB1Sz0qXBXUdO12GvylgVeX0KMWnJVFgFrDS83wTJZQb4g-m0kVmeT5ciWZ3aktqeZvlm6Wx8qaL-VvvESsohG9gqs_fz_xdwgmUpbh7k6CyDPmbxsZSp9Xvc1m-18t_R7J_bdFaMT4M-s6oO18da7yXsHLGgTOjQNo4zawvfGZvGz0_ZKm6wnAdPRdrPORUQehzM_YzL8Nlfl1EGtY-M5x2Wy9ltADFtwExHd4u8MkaRGmZhEEKVyvI0DNRMeVsCEVryEwC6oCr_gtJqbC-CyDTt3bMcZ18rsjVVgGQ73srb2Hx9gHO9qT7wVj_eSWj28KwpFLSh3oO6le0kb2Bepj-OBuIbM0xxAAmmOIXflsD_5SLu11NZVOLDZkGcNQ1VjU8nGCFuohw8dE-hlifEkO_Cz9uGsF6NcfGeyb2J6QoqgVAtpmT4_YJlyAZ1g2DZyCMmkt70eAuKeCS_BO-5U-XlFBkguUP_eQAJ8DF0Hta_lRs4YO0w1ER5l_1pM173C9A1kvuon-PDoyHAhN4MwERFbbkQWwe91tHNpviAUYPEFq8FeJ7Qtn4y5qSZOEBFoaLs3UVhkfaAVjb5itSb9YdDAbnYaIAmJ0VLjdxZEg7z79PPrOwTtk6Rz4REwy5qzwo2MFijZKoHxMsuqlh1u62is6EMqa0zbdVQGQ0dM4co0f9ZE_NUrr5oV4nqXXvZRHftndZf9vIrJRh3zyTn6jyKt806_G6moa8C0kEZr6CwW65I20kodluf3X9tSHgOrMJL3ZFJsHhChw876sggixL5O6Tmn9f1a0yT0yEnR8F0e6RAatQSS3wo243ONzu0CIH3ccoByNCBTcmEDnZ4SOpgZsMsOpjtNT2nNAZpeoTp-2Xj0cXvxYqyvA8eAXbej5Ud_31n9SHcwV1710eTlsJy_k-Fwmc3OZSieBiL0YM0N-d_8XeCt-AkHV20PEdHR8sS1kuwm3PJnaMNfNlOTuL-2OthJuSQrH-QOhMXCE1emadVZcrWaIgjHIkgdTVpbpn3H_Lup2BL7NhdQplpVP6BVIRvUfhQ4o4cKuaow5PpQ8yogJKLm6w6l2kDK8tcS_4yZmabxQ23_cnTOO6rpMAk2I18UCvdg_RRWlvauf3jIM_WJLUTXH29Y4huLOouSHVi8vouek1wngb9obKRBeoY49m7Bkl0WVuuYUrdbowsAu4thHr2S8kOwY-bnpvRqh09wSJK440qiA7gu89BWCXvlLJvVOjK3eTbUjjQHye2mWndeuviT69qDe5aRlRpJM3hpAZKZFjTZFZ6JF_T-vYnDAwI1nz2pcgjNWPY239qOq8FzPBxfXcRL0Y-wAq-NtzvWd-rrE15CivOCgsUbfurbbsw3jyM7xIYPB2slRYY7c-4azbHrZ5o_XePQ8MQZ0aPlJ_7Uz4O1r_p9LHSyfLqMlI21zeMge9yKUuuT0w9dMxZ6pG4sa8qbYBSeD-A-l6XfqIABaOwFBISorZLnPACirSPa6CrDU7gQFiUwrcMlJ7lLoJreU&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.mop-veins.tauri-veins.com%2F&ds=l&xdt=1&iif=1&cor=7517043475684671000&adk=521587873&idt=173&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 22:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:27:58 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame EC13
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
457936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 18:05:08 GMT
view
ad.doubleclick.net/pcs/ Frame A9D9
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvDcoV5bXEqcuFJnb2Y33DTYVD8VuxyqPXWSMJd8XZ1KymOeVJevOwPJYBt5UtnrZzbFzXSuzyLUeSaJfrJjDxZSDIkie91GecrAhmLGj5CSaacXtJzR3xDDMHLJEejU2t04HW1h07Wq0Utj_NO0tLupt36LljPIHUoI65PsUwKNQA1Ou0xlCjri8XNNNpIKcJcCuER9UQ9Wop_2lQdLzAEFvVczozFrqNOV3kZR3n6xf2wyxB4GODZjCEZ3h5bJ6vugGC83Qdlx_TS4hHkvu0YeK7zBeL-aXV_VG82MgXr0l5qDjyQtBJ2lasH2qilZZWKJBhUM3LIFh2-vvg1XSXzb5v-3jMtQnKgxWidz-sin4HGAIHpWqxWJ8Oqm2N4YJaqnkLkztsFMahfmtc6DuaKFIBJ-JVuVie1IN96_M2XWIDxql9y1m9BjATkBud9wFA6_HiLmsY6_Y0U_7clr90sMGTT6V3jYPJX9nfgdCvmTkkviSCmS-mhDmLTdLKYx-0MqOzaCJcnox0mUHtpiGM3HCK576tt7nwYsTno8O-k0ubFIwuGKPQ0kViOxaluKpdPzHLE0_g_7nghH8jRAZbftUHdDMv1GUA8BVWUv25KZxIKVJD3xxIVNrdbdz8LATb53dF4jvLUZlracOe0uVOivhiT2AoEpNzRlsg2SPUlF7HjlK6B7uqj6P969U4Vs-twjaOk1Iyhyxn-fdaMpBs09fx07l9RsFOjxfLorKOqjEXITaK3gA6cqjPdGm4N_2m7UNr6UCUvgUDYs48LsGhh0Y7muSOmGuOS9SJA4vQXQEKy_AHVQz23WbjK3VWVZzw4MV120YkifZ1f5oJNvBQzIkL3HJAGmK9RbFtZA0evsnD0Qr11-CxvBMxp1Oh45UBBGQzO5m7whCXRI3LGa7y03Nm2JR9_DCwsjdqZpzjkZOd4Z-w07Xpy_27zeqiyaByXGeCUq6spdYQoMX7QWI-k2cP2kg7mp9N5-kENHXPdMCfZTV7IZD_WwKYRZR9pYfUJ7MXUs86MYHjUdCpDcSJvMbVpO1aqQfRqRyGl09Gura9n6y_iBV48TnjSIoktKnFp27T-d0ylH4b3fFejlCERDcSMSbrp0Bg0rFtyjAhSDuOZS1fIXWPcI9PvpYmyzIygqjXvrmBb8Pd7tR6B_vSSGDfs6Uq3E8erJf9rK9rt7Qdt7FXOUDcPpb9clUqCP6nOwCW0sWZIGTMlNjX5577U9STLyVBrpUaYqdGXGpKQPKmsqQ6tVe77cY3_iuHFKk_wrqlTJqx5JYHYdsURwP0w4eb29UZbsdE5JuEUkUNGcPgRGG76ZTGqbkiIGDcTBt9DoCeXbudZpXSm0cHpKuDfZanIOaJt5hRd2EyUEFR_uGWKJMLPIbaKNB_HZyHwmVFMr-V6FObzegEs8BJCaaKLqdui69JfPWwujmOUifkLCjbC1_K3&sai=AMfl-YRtKtOBNGqyR7hlI0t5N_zUYjlC6P3GXTipiPNN_ygABcSj1OrlHt9lAOS8Q0VIIFvn_qdtFRVnUr6sGAecCDLj23cph3JDdj-uCdUU0bXn5sfZxERm3V9UybuZYgkAh0SH9eX4dpOl9ncwn1c4iU-ai8Eqwm8a-FUQ-Hy6AHdCzDJpYXZhgOut5713ijWXZkhnbhz64UgGwA1NMsJI8gQ0alTFXrlrSTd3IuxNJO5KoaIqwy4whoieo88BmPOnPJu1oz6owL_M5XHMfbsYFWuL1Js6SEKNroH2QnVICfgc3LX5NH7g2wZWKC2LeEE_9ZzswaUkzJ5UJkwnTCjUR4762fjVmb9U3IxyKDdY4nxp3k_38qNDd7yf_mk-2DfqTvH-Vbug6TC0coqeNhvihQHZCqA4z5gMlS5QBsIAbC8v5cJyVKHv0q8Qc0WhPnVz6rkR3QPVYSGTO8f1WYqUkH3GCRzqHquIIU5rmCQv5CQc_5ZYUqp0uXo8G2iaZdCAVmyLiAbeCqtt&sig=Cg0ArKJSzBIkniMlY5VDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9hdXN0cmlhbi5jb20saHR0cHM6Ly9leGFjdGFnLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=307&vt=11&dtpt=129&dett=3&cstd=170&cisv=r20240102.12566&arae=0&ftch=1&adurl=
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame A607
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 20:42:24 GMT
DE_performance-leaderboard.js
s0.2mdn.net/creatives/assets/4629137/ Frame 3057
208 KB
115 KB
Script
General
Full URL
https://s0.2mdn.net/creatives/assets/4629137/DE_performance-leaderboard.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4401560/DE.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a6a36c32b2714a28aec1903147fda650d9407e55b9b4b0e77ca5e125de2271f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117905
x-xss-protection
0
last-modified
Thu, 30 Nov 2023 16:19:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:51 GMT
USA_728x90.jpg
s0.2mdn.net/creatives/assets/4630247/ Frame 3057
14 KB
14 KB
XHR
General
Full URL
https://s0.2mdn.net/creatives/assets/4630247/USA_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4401560/DE.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efc02c68015c7eda949d4eea23a329f54ce6be309e000fcf92e8cc9be6043257
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2389743200794859373/index.html?e=69&leftOffset=0&topOffset=0&c=HVWr4SHLHd&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:11:51 GMT
x-content-type-options
nosniff
age
333
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14466
x-xss-protection
0
last-modified
Fri, 22 Sep 2023 11:10:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:26:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3057
8 KB
6 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22b6d41073d2205cae5f88ee253bbc09050901ce0f1acf832a30a13da0c1c888
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5872
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D61
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgB9WR03OqnZ6utUjmNE-cAfd3pJfBwpwrXOzxIQnoyP9FoshN6SsN8nDRxvyf4goXCIN50INOCt-X7ofE9wxIpJME1c_-tLs7EbWmjSV_-6u4t47B9HRjmSIfpvnYqI5R-kob3BOOiBU&sai=AMfl-YTe5TijCsGFcNskqmHqO4Qgs_ZSl55rlaTS26Jja-TrH53KdTvI9bsWEIv5F4lAaXWFqlp1ZimqWfzRErDFfsWnD_r1As3jYesvi40M_W80PRB5FT0o0Shl9REbTODdwYq14lxMsQSCIviKHLRhHA&sig=Cg0ArKJSzFhwUr-iKTx3EAE&cid=CAQSTwAvHhf_pHs0uNpoAVV258OLFxkNBJ9xDxNAd4GIBycL6kcmDpjxn5kv2zjRDh3-TahQ2MU9MgNvnJiUKzdPsjMfH39yj1zszjQtwCD_GGwYAQ&id=lidar2&mcvt=1022&p=0,0,90,728&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=749540655&rs=2&la=0&cr=0&vs=4&r=v&rst=1704331042594&rpt=477&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 2BF3
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
142326
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 09:45:18 GMT
expires
Wed, 01 Jan 2025 09:45:18 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 8606
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
26284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 17:59:20 GMT
index.html
s0.2mdn.net/sadbundle/6171197435532655443/ Frame 7CA0
143 KB
23 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b8b4d537d6eb7f042cd3891aa30a880b50e46f162b577b4a68468cb2f496190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
38408
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23301
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 14:37:16 GMT
expires
Thu, 02 Jan 2025 14:37:16 GMT
last-modified
Tue, 29 Nov 2022 11:17:53 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EC13
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6W4_uHmbQ8ZzzolPgGYGfuQjqh1qaPkotCIToBl4qcaDX_B-12MDuClz_jE6QkbmcyB1j0jxdj3DS5DHmpr_sO0nYX_R8QoXEA4b8H-4vBek7l34OzZAOYQPliul8uQnWqknONAt8p7YJyCL6OZjPcosFjFo568H0PxS90GVMmheVd7JkW038S299IDlmwNmoNTIOTV2WWGi278CqKUiV5NH12VTq5xcXqj7CgMuQaU_LUZB-X0cdpd04AoQmgNRpgY_eGuddVyme00TUlygcaVh42tBZUMxZcCIJfiQ1f2lDqJjN3Gt0yDdgHPK_3p7CDigjBx4YI8_V--DXLGleCws37P4KkthjkNsUD9xiy61tMM-ydTrSs2GuPl9WoJidDkIwrnEa835fqJnTurj6ZgVv4Jb3jpJ4OVbNJJwLBe43Ejnd7JuF8bOgxcNMMMd7EuMPWMSbBj8Lfhg7vDQH9nL6htH6B7OMseDVeLThy84KhdTgIuVJWLYCa3cjtyRXvfxPOKZNBHxK1e_W51JMu2m9YlufQr5K6CUWEcXBU7K_qVjPQ4FGNfSRTGii1FbIynPeKYLFRr5XOQFgUa-AHI0seWPMehTPlXxo0BD8JRE1L-vCeBkD3SUoG3prWtoMrHtrcqHnK4K45XWzj9FjbYw0OkHr_PcztbYEAZRDx7HFHr4CKGEwdLSX_RAw7B_ttDr6ebxIlc2eCY_MhCRdAmUCvYr063ddN02bsz6mnqdqBAGcuaFoCFfz69T4MDNuNPYZ9dVzQE2vAzMDLFdGo4N6zDHAFuzoxFaeV12Gj5qJARoLWMR5CZ7fL2IWSVZ4svoQMwN72uSmIKmPl4Kn_HWH3r0RnfxbpfIXjSbaoMEE5c6xAADM2zD1FXqi9Br3HB1aJEQPKhgB5_9SNqO2O-YuqaFTEbSq8ZBc0NKXWkKs6kPrLuEqoZEvqXCDr84lKQqepxIYOoJBDMJk5k19jH1nugD6zD9yLmQcIyFiyCtL4hMh7fOkabixYyWeQfXP659mt3aTj5u9BlyqiGG2Q65dKI0B4FiJocFAZVCQyXpFEJiZorf9UbQzSnROTXfs9JKlSFcHtq-s4xM3jOLqJTytfyvwsz8U-vGwfp4JJtuU0608HWnAwTUb2esZiCC1g1LhWtfAAy5dhO7K4tDvXWssMGY5tmtiupsoyw_B0P3j7j_H3LkWYCn4_P_1zXKFw4XTSJVDSfEG-PHyK5Mq9ZVoXhFIT-B9Ie8NPf0MmOedEO7TEQbPVe7pXN01qNkgMB1ciMjlu1t6-yyndqrWeTuAqF34MSZPYCHd60tqgLXRUminGAhanYMzH0fu7iE0zGVO4tPthwpeyCVlc89l_pK4UksgObYiJRBP0YrF8hTj6Qt6ZzcKrETuRbeGfWQUrWDFY2w8yegCoROpiAB1jNv3XrzU4NFJX97_oNkCoFRxTCU&sai=AMfl-YQFwqg-9Lvu64CIGjoqKi_UNOxDnoltFFiQmbORSHaFZ5ZShXCruFaF3fMkmf69GaJVkJ4q_v1hMNhyFIyNrQBy6q_g6jN4M3gqfym2OVJg2zkTlohIpLmlJ_3XomikkEDWgNyijXz6tnwpnKbivhQ7GNea2kV9OboaBkVb0qYSmznNnRIHBEVZJzsFEmTPfAWUaQxZ3_1piako24XRyFL3htrJn455w3bz_p1kwErQuqkD2J0jIZTwHfHqPVNEcuBvnWZ-jxAam95d3DRoZFeH-pyWNJGH3Cs40we3qLFZR6AdQcynpYzD1bsRJt72Vg&sig=Cg0ArKJSzJeAJvVZAGMlEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=73&cbvp=1&cstd=72&cisv=r20240102.55697&arae=0&ftch=1&adurl=
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8249
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuw6cnvkPwOd9J0JjKySxTjKc_pPD-qsTF-1odxiz9mI1O9sBeqinXtfBWCDLasxpIWOohJAAgWYRWjb4jYwLAAl6l-91AfCxo8WKWrcBIM92LR5V-iP9O--KXZGYZibeuIhWSHTDOAdY6--cKHkfXwbsWJQYAXryaZJY4cRoVCak6E03iv8et9LDAl6i3DERL8G51Gq0-tez9RUfLlYx0XdjEUSNWUqIsxCZMH77rIiqhfBJLbqctaHFKC2lMrrvbV06gEDCIgwsgoOOMoAtWUJbwjvxXu3CsMrWQnkx5g8pSxm1ZzD4_JFYC4DEEHHUAK8FVTxY1GsNO4rSK34XvueSx50w741dNt1zumhOkNHHkIaPUe_w_kNfI9vsbd81EYbVoC10G5z-yMiGskutGdVLfdY9b89orkzxwhLP8T1fxIA2kgeZ65g9Kx7MTKm7PsW2WqJZrMqAwF2MGIlSiR_SeIH5hDvFGeF154t8b80nXsDZZf-BF4_SsL4q0Uj9tGDEp7oEjSTJQetw5JjZSazzF5zFoxc0gNlMZxjw7NBejhvUrS4tieS8kdSQkAMNILVmP7oJiTJ_nMIAVzqYYScG90I2_PP4eT0xICXZnvP8qd2KZx3GRMylSHmhn_cwz2zEG0Qx4skKm_mlTj8cuFpTBBVebXePzoP0yX6EpUz-JRHdddNLUEEtWgtB6ZCayDL3a-1vwxSjFPgACNDllL4yovDVA8HhUhuS1nlrb40N7n-iXblLwbybm41r0lMsVRhrFyEQRBScb0ZlgX1e2qgo6FJrhT8i3sE3eK1QTwpLA6sqA5C7pTSn21B5rIK1W5v2PX9xVV0QfDGcCI6aNwRHMgeBBeDKl__SZbhrQZq0ZuRZW5OqcuvFVMV_CiVSgoDNveT3Zr4c_-TTx1QE-ytIuysM9phdvg4oMTA2Cg28-uopSAhiqbDBO-nV7Hl8LNE7U6TQ-sbmYo413znraTyXfC9us3u7aGYh39b5A8G6ohvsLK8hF2vN4z3C1w84lgTxpRBfsL_P9h0DTCmTOWeVUA1WG68jTzUrX_hH5kt9O_kD9KJLi31hsuY8aDKZ-8bENmeG2JrAy8s8wEokTqi-Ams0oHzdsHLUavL5qqnRZp2WVH8G102Sih7xbFsc18OYnLjEDV-DiT8cfaJWeHkLa4PbHgPE984EZsMhOhIOKr08_m_8tEPwfaZVj9EfyMCo1QmpXVqz1PrD-uNv3nS-xhHsH9XqFPIePIVVNZq_G9ViHvuOAhVtNwj3p6319sJ3KiOe_cqdU1hlN7LsxeC5jvg6CagTZ2oZB2G44cqFU-IONuX3Nw-UH9VewQ1SMuV56lNINQ-9GQ_osd-AfCvfAWBBGSxO1xt2gdH8w1HHBgsQyWqeidxYWvCXO1kj_D0-L0SsoaSS1x2ZOz5KFT40Jb1fk7tqDTIvYnXg-G2qim9o&sai=AMfl-YSg9J3S6MBn3eziBX2Y_Wi-8XCmr0tHdR4vw_cGhvDVNUJ95eIFX7guV53l2eOwrs5_R8IRYyWLozXp8pcikj-SI2OxM_wEtaMF-b4iDWyf9T5Zdc-Gk14MJ24ic5lLjMUrB-BY6jLaUrwt1LXB1-mnCO-S6NTYeh3S2I5ddXvUUxKTUB5Ld4OMxrDhkiBxPmewUTA-spVJWKgbKpY0hma6OOdWknyjeVdCH-qnxEah03I5nwIcy4_1CBxsIlchiAv1POuNmzRNOcHuZco2-bwcrSogofJKTeFuZCqxxKqGfW3agzBXSjaTabJebwQFKA&sig=Cg0ArKJSzG3_f2JmJRANEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=143&vt=11&dtpt=81&dett=3&cstd=61&cisv=r20240102.47444&arae=0&ftch=1&adurl=
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame A607
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1864
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:54 GMT
flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame A607
4 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1328
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:56 GMT
160x600_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame A607
10 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/160x600_40_prozent.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ddddd2b784c484f45756dc8bba5419400a497369695802aa1a5c01e4a3aa7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
160x600_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame A607
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/160x600_head_2.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e70feec33ee57fdeed636ab89a20156515e29b96cc56d8e20fd1315dd05c46f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1353
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
160x600_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame A607
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/160x600_head_1.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91300e289e33ce13ec40e4599a15ee0f1c7f6596cf9ab87e9b59b74449304678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2127
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame A607
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:49 GMT
160x600_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame A607
37 KB
37 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4691997/160x600_kv_fb.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f00ff1a6909daa2d7f8141c285ceb23b76edcc1da40f0f2e717ad2b6c81a803a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37787
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 10:22:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 7CA0
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 20:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16500
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 20:42:24 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 2BF3
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
26284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 17:59:20 GMT
truncated
/ Frame 3057
39 KB
39 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1f2b2338b1659185c9dd70ce5944bd6a8f34997d601b0966003c49a35249948

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/octet-stream
truncated
/ Frame 3057
43 KB
43 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f606ff16a9161e06ad0bcb7488be14e217ef394cc852db94e43e9e8506e159

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/octet-stream
db2ac8be-b6db-4de9-8511-6ee7df64bea7
https://s0.2mdn.net/ Frame 3057
14 KB
0
Image
General
Full URL
blob:https://s0.2mdn.net/db2ac8be-b6db-4de9-8511-6ee7df64bea7
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efc02c68015c7eda949d4eea23a329f54ce6be309e000fcf92e8cc9be6043257

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Length
14466
Content-Type
image/jpeg
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3057
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 01:17:24 GMT
4.js
static.adsafeprotected.com/ Frame EC13
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4105316393188386&ias_chanId=1&ias_placementId=20338656462&bidurl=http://www.mop-veins.taur...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZcquO5m89u8PoLyFqAQ&cbFunctionName=goog_wrapCb_IweWZcquO5m89u8PoLyFqAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB
Script
General
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZcquO5m89u8PoLyFqAQ&cbFunctionName=goog_wrapCb_IweWZcquO5m89u8PoLyFqAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:2127:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 16:15:18 GMT
x-amz-version-id
ujfduPTjOb.i40qd9b74_2hLV16lvsGK
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
32527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 03 Jan 2024 16:15:16 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
KD_dTwdzGRjxjl1Du70BTWsTCTkHMrmtpQ-QQ3p46_zF6GcDJLdMPQ==

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZcquO5m89u8PoLyFqAQ&cbFunctionName=goog_wrapCb_IweWZcquO5m89u8PoLyFqAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame DBE2
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
9076094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ZjcxunHCJHNc0EDlZ841BHtiw9MDzyW2_cjIUmAlrons0lrQkDhUMQ==
4.js
static.adsafeprotected.com/ Frame 8249
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4105316393188386&ias_chanId=1&ias_placementId=20338656462&bidurl=http://www.mop-veins.taur...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZbmsOIXL9u8PyMOrwAg&cbFunctionName=goog_wrapCb_IweWZbmsOIXL9u8PyMOrwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB
Script
General
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZbmsOIXL9u8PyMOrwAg&cbFunctionName=goog_wrapCb_IweWZbmsOIXL9u8PyMOrwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:2127:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 16:15:18 GMT
x-amz-version-id
ujfduPTjOb.i40qd9b74_2hLV16lvsGK
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
32527
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 03 Jan 2024 16:15:16 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
ki61BtulQT_9jA83TdsFnmGF05gek0weUzLj8mwrnFdX9sKl9ySBcw==

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_IweWZbmsOIXL9u8PyMOrwAg&cbFunctionName=goog_wrapCb_IweWZbmsOIXL9u8PyMOrwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 27D9
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:ee00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
9076094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
ew4so-fQMjR4uvQyPNXLe4c4mPwMeZh7ovyDyYZl2nud6INYw1c4XQ==
view
googleads4.g.doubleclick.net/pcs/ Frame EC13
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6W4_uHmbQ8ZzzolPgGYGfuQjqh1qaPkotCIToBl4qcaDX_B-12MDuClz_jE6QkbmcyB1j0jxdj3DS5DHmpr_sO0nYX_R8QoXEA4b8H-4vBek7l34OzZAOYQPliul8uQnWqknONAt8p7YJyCL6OZjPcosFjFo568H0PxS90GVMmheVd7JkW038S299IDlmwNmoNTIOTV2WWGi278CqKUiV5NH12VTq5xcXqj7CgMuQaU_LUZB-X0cdpd04AoQmgNRpgY_eGuddVyme00TUlygcaVh42tBZUMxZcCIJfiQ1f2lDqJjN3Gt0yDdgHPK_3p7CDigjBx4YI8_V--DXLGleCws37P4KkthjkNsUD9xiy61tMM-ydTrSs2GuPl9WoJidDkIwrnEa835fqJnTurj6ZgVv4Jb3jpJ4OVbNJJwLBe43Ejnd7JuF8bOgxcNMMMd7EuMPWMSbBj8Lfhg7vDQH9nL6htH6B7OMseDVeLThy84KhdTgIuVJWLYCa3cjtyRXvfxPOKZNBHxK1e_W51JMu2m9YlufQr5K6CUWEcXBU7K_qVjPQ4FGNfSRTGii1FbIynPeKYLFRr5XOQFgUa-AHI0seWPMehTPlXxo0BD8JRE1L-vCeBkD3SUoG3prWtoMrHtrcqHnK4K45XWzj9FjbYw0OkHr_PcztbYEAZRDx7HFHr4CKGEwdLSX_RAw7B_ttDr6ebxIlc2eCY_MhCRdAmUCvYr063ddN02bsz6mnqdqBAGcuaFoCFfz69T4MDNuNPYZ9dVzQE2vAzMDLFdGo4N6zDHAFuzoxFaeV12Gj5qJARoLWMR5CZ7fL2IWSVZ4svoQMwN72uSmIKmPl4Kn_HWH3r0RnfxbpfIXjSbaoMEE5c6xAADM2zD1FXqi9Br3HB1aJEQPKhgB5_9SNqO2O-YuqaFTEbSq8ZBc0NKXWkKs6kPrLuEqoZEvqXCDr84lKQqepxIYOoJBDMJk5k19jH1nugD6zD9yLmQcIyFiyCtL4hMh7fOkabixYyWeQfXP659mt3aTj5u9BlyqiGG2Q65dKI0B4FiJocFAZVCQyXpFEJiZorf9UbQzSnROTXfs9JKlSFcHtq-s4xM3jOLqJTytfyvwsz8U-vGwfp4JJtuU0608HWnAwTUb2esZiCC1g1LhWtfAAy5dhO7K4tDvXWssMGY5tmtiupsoyw_B0P3j7j_H3LkWYCn4_P_1zXKFw4XTSJVDSfEG-PHyK5Mq9ZVoXhFIT-B9Ie8NPf0MmOedEO7TEQbPVe7pXN01qNkgMB1ciMjlu1t6-yyndqrWeTuAqF34MSZPYCHd60tqgLXRUminGAhanYMzH0fu7iE0zGVO4tPthwpeyCVlc89l_pK4UksgObYiJRBP0YrF8hTj6Qt6ZzcKrETuRbeGfWQUrWDFY2w8yegCoROpiAB1jNv3XrzU4NFJX97_oNkCoFRxTCU&sai=AMfl-YQFwqg-9Lvu64CIGjoqKi_UNOxDnoltFFiQmbORSHaFZ5ZShXCruFaF3fMkmf69GaJVkJ4q_v1hMNhyFIyNrQBy6q_g6jN4M3gqfym2OVJg2zkTlohIpLmlJ_3XomikkEDWgNyijXz6tnwpnKbivhQ7GNea2kV9OboaBkVb0qYSmznNnRIHBEVZJzsFEmTPfAWUaQxZ3_1piako24XRyFL3htrJn455w3bz_p1kwErQuqkD2J0jIZTwHfHqPVNEcuBvnWZ-jxAam95d3DRoZFeH-pyWNJGH3Cs40we3qLFZR6AdQcynpYzD1bsRJt72Vg&sig=Cg0ArKJSzJeAJvVZAGMlEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=236&vt=11&dtpt=163&dett=3&cstd=72&cisv=r20240102.55697&arae=0&ftch=1&adurl=
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame EC13
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6atw,pingTime:-3,time:69,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6atw,pingTime:-6,time:69,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B65~0%5D,as:%5B65~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&tpiLookup=ao:www.mop-veins.tauri-veins.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6atF,pingTime:-3,time:40,type:v,im:%7BpBlk:26%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:14%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6atF,pingTime:-6,time:40,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:14%7D&tpiLookup=ao:www.mop-veins.tauri-veins.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6atJ,pingTime:-2,time:82,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:479,beZ:480,mfA:482,cmA:483,inA:483,inZ:485,prA:485,prZ:488,si:492,poA:493,poZ:505,cmZ:505,mfZ:505,loA:549,loZ:550,ltA:561,ltZ:561%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B78~0%5D,as:%5B78~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161.990511-61634098%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:13,sinceFw:69,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6atR,pingTime:-2,time:52,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:526,beZ:527,mfA:528,cmA:529,inA:529,inZ:532,prA:533,prZ:536,si:539,poA:540,bl:552,poZ:552,cmZ:552,mfZ:552,loA:566,loZ:567,ltA:578,ltZ:578%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:52,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:14,sinceFw:38,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9DC0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
26284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 17:59:20 GMT
cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 7CA0
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1864
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:54 GMT
flextarif.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 7CA0
4 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/flextarif.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1328
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:56 GMT
160x600_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 7CA0
10 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/160x600_40_prozent.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ddddd2b784c484f45756dc8bba5419400a497369695802aa1a5c01e4a3aa7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3020
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
160x600_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 7CA0
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/160x600_head_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e70feec33ee57fdeed636ab89a20156515e29b96cc56d8e20fd1315dd05c46f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1353
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
160x600_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 7CA0
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4722971/160x600_head_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91300e289e33ce13ec40e4599a15ee0f1c7f6596cf9ab87e9b59b74449304678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2127
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 7CA0
6 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:09:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:24:49 GMT
160x600_kv_fb.jpg
s0.2mdn.net/creatives/assets/4691997/ Frame 7CA0
37 KB
37 KB
Image
General
Full URL
https://s0.2mdn.net/creatives/assets/4691997/160x600_kv_fb.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f00ff1a6909daa2d7f8141c285ceb23b76edcc1da40f0f2e717ad2b6c81a803a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6171197435532655443/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:07:50 GMT
x-content-type-options
nosniff
age
574
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37787
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 10:22:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 04 Jan 2024 01:22:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8606
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDKoCIweWZbmsOIXL9u8PyMOrwAgAAAAAOAHgBAI&bg=!Xl2lXRLNAAY3kmNgF5I7ADQBe5WfOKSJPItstAjv7ir8wyCDf_MvGN1_Yvyjdb5HKrtBozEoGq3fzwe0u7qKon5QJU-5AgAAAKZSAAAAAWgBBwoABNBEyoiZAwtKoqtkGkeIrrWIfLOY2jINObwIZr3CDIBvjbT5czYk1Wx00P3st_sGHhXCRpoGsDxqDTZdjvMsCa4X9lv0k2lyfZjGpjqto6Q24Skr5tFpQ5epVU2rPzNcpzWB5n2ihHDSBpRTLHmf10XModItp1SQFHbViwxjv-WcIMsYzWkPCNt_2Awn0NEuQc5rwHmUdrhjoZo7_ou1UkF_D2z3DQo6d5Ki-D6UIQL5rYjLiO4a9GV6CPZoOZgXA8ebilZyTFF4tRt8g7nyOCDaG1Im08vl_RNq8yhrDaBQOwsaB8IWhzFU2cQE8jCPONQrSSbskGoLfPMA6WNzOaY7OrG0VwaTX9TlByQ4BaN_FxR8ESaUzu_vlD-B3evbgB6ojx5CjNICJ1ddAoQYcyVfR1kkT2f2ib3mCXgHbTA8wPEvMqOTDIKnC9PHmd9yVn2IzcIU7vYvPy29zx3Y0gsZ_342goPC5UE9Nho6oXXlftLMz9sO3JZW-v6D97T1cvn0iN318fnPOCmPl5a8cYCZsUij-BXWy6UmWjc4wkt0MzpykoAM7L9N6YM02kfgdkM2-SkkDKGbVlPJpdqswjn15YDaZTYNM_a93FfZ-Y0f6wrQFAZMG_COpri0kQAUgTJjoE8xZPkZ5WJgYJPk6Mo50fQD3DqHXg2hkEnHawFrUIi95Ccbtp1QtwJJtENWWo_d5E_2R3hE4dB6owMsI6N2_rJRKLLi7HH4PUiSTEs2h8vPLdsHjMAQefeS9b4qjeLqj8Quc43WAIZ0dmDCKBfw_Crx_KlEw7dzQLvDtcLwcep9UXYIwFXXOWTdlEpNuMByEmGpnCP1BMaL49NPrt7elf35u6eNjZlXguz_3ha3IC_pHDw_4yeKc0JZu8tr2S22XBaOvNd8ysxxMXCMFstl-Ky1gpbYWZY2JmfEbMAyWqYN-uJbvM1ZYwvEWtEGhkjZ4Q-ULRE8Yh23uHCU4a0YgEeEgfzYEw1EPsj4GQAsRloFS9Ky-a7hCx4z-yME5OW741GLGAaSVgO16VjeY3VNrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BF3
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bv9W3IweWZcquO5m89u8PoLyFqAQAAAAAOAHgBAI&bg=!U1ClUB_NAAY3kmNgF5I7ADQBe5WfOHV21rVsAUSYLvefxhOThYb51iAPGVs1BZvuM_zwGbEZ1zV1mUXbefhUurpsaQsUAgAAAG9SAAAAAWgBB5kDBfrfXoa3gzvrLKedYQG9xv7howOUhWGHZXxJeNJIJ2hALTGRoCJvbQR-qIPOF4Er-xdAKYbOMJVlMLPoj-RjFLPMP9aPuBLAECTXqC4bYCzxaQdJY5UjX5izku3rSLkI_0JxzlSFcXmEuBj2Qatrn96XfMTKktpX62ydCrkSnALlevFzIN1gkWPo8PE9wsuwXOgnXWFaiDeL359aDG42aQh6BFOt9oUNCLE2dlbu9SfQ5pPWzr9EWv_-wckWYyQa02B6wZIjtLhBzSxVFOpILwiBhVNiTHrKBwkFbBAF0Bw8f8i67bK_FmFKHRP1IGC-j-2ISEjc3OKOcN1xuLTeSvxB7PAomwHS8xgYQ5kx2E3lh0JMX4xVXDtazaBQeTWmAv0NgB0TtkJNoxsdgDv9S3PiWRuGwnGjVGdTBAI8-wQTtGczT1EiGwu_ZHHxuH-bx7nrKPV6T8TIq9Pixg_f7anVl3FjMG2F3hR-2AaA0LClkFgEy1Pmu1sOBeTNKawe72OezKC440Qb-Z6zuA85a0s7fZ1UUJYzkpDyN5ZNG_XXHmRKfFdAiUsBiENTD8UK7x5CzGCRRDY_bgr-33-ypybI91KajLholdE9nzbdhQ2gqtAcutmQslGftGUFmftOstss6jHjU2MBREw5Dre3uyNAEH0EZdMFfyzjqI4NRb6nhMAty8WsO81tStW2W17u4oEuPpFXBmjc4R8FofUNwL1mrg_9uMT7158Mhs7njAk1lnHZWuvVJilYdsDiJHkB-PyuDWqg-_c6OoomQEQdkxj6skSWSBfTlQDWYuLzoRk8PAX4ZIOarlhW3unFRyyF_PLCSKFkgGDOaBHzLlLd1XsTUQLmy0JrYqsjtCPtOVtWrNuDrLjZM2xbJSBf54Lxq0TDCFLKny9TVzJgqn66SLSQj9AJDCXf9bk1gaFMlAFh6zMCHg4sEOM9a5oM4YCcCp6c8BM6r53_9doZKaTEhY0Ih_X4QQrgJD09GoQnBbKvCc-4zJ4se3JYiVop-uxCI-fwhANn
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6avd,time:136,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:136,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B132~0%5D,as:%5B132~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:14,sis:107%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6aza,pingTime:-10,time:419,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1704331044635%7C%7Cfe155318af6e20832a3f795c2d4e5660%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7Cc2272f1a27b7d05b8e3048974375f104%7C%7Cbd6f325ff214d3a85f91f557c0623883%7C%7Cf8343c82b35c6e2da69469bdb2ff1d0e%7C%7C1ede4e35f7b388263852439453b3ffd0%7C%7C38733c2eb4ca9a4cad3157a54b27d813%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6azt,pingTime:-10,time:400,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1704331044655%7C%7Cafaabfdc577d8ee92a076dc0e5cbf81b%7C%7C746ded226cc656dc46dc973a01bf1b48%7C%7C38614199d5babe54424b3c0983649526%7C%7Cf985a76499cef3d448b9a99e5108dad3%7C%7C16c88461c4b1beee33eacd0ae3562203%7C%7C0f8577a5373e6c1353e52125465950e7%7C%7C27f7097a45cc251c3b4e556a336bdddd%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240102/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:24 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6aFA,time:779,type:e,im:%7BpLoad:753%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:779,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B775~0%5D,as:%5B775~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:353,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:0,renddet:svg.us,siq:14,sis:107%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:25 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 8249
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
174e05121c25fc5fdc7d313524eb49e4ec97e1348e3d973daee2d68f30e6bb87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EC13
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
483cfcdf062a54f29352987afb06042cef41330e17ab43a34e7dc52576984899

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame A9D9
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxK7nXe1NRMn4oExsQKRMMm9IpqPzpJROMojNnO12KPArSugRU1SVmmHs5pBDhIyJbML893euK17TmqIfJKDcZHwGPDWYigTOT-2u-ubV2xTXtU6AlWmQeld0PeQJKwtJG93TzwOqfcvkZhWmpSCYIyaXd&sai=AMfl-YQuS88rI4u7HHcSWqOLL4FcQ9nhN1cf0pX2x3Rx8-_p6oK6AJyLTb4AU-kLDOdivqwIrnjaAiiNnb8zDw26Dg_gdKFKkXeVh62ySXPZbq5j3ThsfhsamrOetJTYR5VN7B2hYyjw33Nny5Muhev5wg&sig=Cg0ArKJSzFhoMEqRl7r1EAE&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=341,828,1002,1092,1092&tos=341,487,174,90,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1704331043745&rpt=197&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6aJg,time:1045,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1045,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1041~0%5D,as:%5B822~0.0,219~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:719,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161.990511-61634098%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:145%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:25 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6aJT,time:1046,type:e,im:%7Bpci:%7Btdr:1003%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1046,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1042~0%5D,as:%5B784~0.0,258~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:178,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:14,sis:107%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:25 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
lottozo-202-sz-lottozo&op=1
m.mobilgo.eu/ Frame F724
842 B
991 B
Document
General
Full URL
https://m.mobilgo.eu/lottozo-202-sz-lottozo&op=1
Requested by
Host: www.mobilgo.eu
URL: https://www.mobilgo.eu/x3.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mobilgo.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
524
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:26 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
nemzetidohanyboltok00889&op=1
m.mobilgo.eu/ Frame 67ED
842 B
991 B
Document
General
Full URL
https://m.mobilgo.eu/nemzetidohanyboltok00889&op=1
Requested by
Host: www.mobilgo.eu
URL: https://www.mobilgo.eu/x3.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mobilgo.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
524
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:26 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
gpsorakhu&op=1
m.mobilgo.eu/ Frame 6951
842 B
991 B
Document
General
Full URL
https://m.mobilgo.eu/gpsorakhu&op=1
Requested by
Host: www.mobilgo.eu
URL: https://www.mobilgo.eu/x3.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mobilgo.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
524
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:26 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
shell_hun_benzinkut_1314&op=1
m.mobilgo.eu/ Frame 323A
842 B
991 B
Document
General
Full URL
https://m.mobilgo.eu/shell_hun_benzinkut_1314&op=1
Requested by
Host: www.mobilgo.eu
URL: https://www.mobilgo.eu/x3.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mobilgo.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
524
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:26 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
bacsbokodi-romai-katolikus-plebania&op=1
m.mobilgo.eu/ Frame 9DEC
842 B
991 B
Document
General
Full URL
https://m.mobilgo.eu/bacsbokodi-romai-katolikus-plebania&op=1
Requested by
Host: www.mobilgo.eu
URL: https://www.mobilgo.eu/x3.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mobilgo.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
524
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:26 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
ruhazat_-_vecses&op=1
m.mobilgo.eu/ Frame 91FE
842 B
991 B
Document
General
Full URL
https://m.mobilgo.eu/ruhazat_-_vecses&op=1
Requested by
Host: www.mobilgo.eu
URL: https://www.mobilgo.eu/x3.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.201.190.54 , Hungary, ASN62214 (RACKFOREST-AS, HU),
Reverse DNS
s01.okosvarosok.eu
Software
Apache /
Resource Hash
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mobilgo.eu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
524
Content-Type
text/html; charset=UTF-8
Date
Thu, 04 Jan 2024 01:17:26 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=0; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC13
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9892209397592&version=m202309260101&ct=76&x=1&cor=7517043475684671000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8249
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5151125375095&version=m202309260101&ct=76&x=1&cor=12340449346923743000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6aVR,pingTime:0,time:1788,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D,%7Br:r,w:160,h:600,t:788%7D,%7Bpiv:100,vs:i,r:,t:1788%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1788,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1784~0,0~100%5D,as:%5B784~0.0,1000~160.600%5D%7D%7D,%7Bsl:i,t:1788,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1784~0,0~100%5D,as:%5B784~0.0,1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:14,sis:107%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:26 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6aVS,pingTime:0,time:1827,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:12%7D,%7Br:r,w:160,h:600,t:826%7D,%7Bpiv:100,vs:i,r:,t:1827%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1827,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,0~100%5D,as:%5B822~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1827,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1823~0,0~100%5D,as:%5B822~0.0,1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:179,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161.990511-61634098%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:145%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:26 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame EC13
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_kISLeUAc8xvDLYQNbhlG3GQd2pDbF-LUd9pNUgSEXR-gEyPCxAX0qIhTFNuxJ4q-eN-dG4mcBNyvSDNy-uu2jloj84cYborSQ5A721wRHfb85Qq2MM23FF7PI7wu1cl-i_4bXkl2TYgUOxZn4kVAM8CR&sai=AMfl-YRyDJ1kQRQlL8ikZ0jI8-_wEr2TRLtDOAq24D51XHeuPTNQ8pQZWM6jjC3izQSMsHJDjrxOQONkl6wm62EMlGvqOm1xHuBcrE7TnmS1rDOKNc1jMrFDZPP0iqumxaBDip9DCymICyFbcD2OAC1PHg&sig=Cg0ArKJSzMklLzHumxpBEAE&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1704331043738&rpt=323&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8249
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzBx-wBBdoUV5QE4vex-MbtdnLIDemalvL_K-buRQnTZVg5zGveFV14agvfy7JkAtVwv1krFMDpNdFwgwzRaVHuzpAHjvLtG6qEaBM78jKvN7ksC93MOUAotj3DzLIntn6Q-DxyapEg5B0LFi-8IYLfJ1m&sai=AMfl-YSYKbEUju3Y4-MccWPecIGojWuCEQo-qJP1Hs4WjUnoETpVYTp8cnbMG9DeJT_euau0KE-sjDvsM3HmPe1Ckc1cq0f2wVV10UDqDZrldJPnwEo9Q9exqylJu8Cpb3lNYRpqkeva_HOfLv4oKpuh0w&sig=Cg0ArKJSzI_8JRByP1CVEAE&cid=CAQSTwAvHhf_i8jqisHcl4KO5A4St0_ZZYpcfuNdlWudwGICXn0K_gqDH3SEk1wCYRs36w4x0mu9DF5FnCRwBO6yTfdDJFNxwgeo5PeClXQalKYYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1704331043730&rpt=259&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 9DEC
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5812QZHH14
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/bacsbokodi-romai-katolikus-plebania&op=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
579712213c25fdb79c77d3859b5149afd1e551b2569dc35a57d43ea802829a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:26 GMT
js
www.googletagmanager.com/gtag/ Frame 6951
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5812QZHH14
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/gpsorakhu&op=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
579712213c25fdb79c77d3859b5149afd1e551b2569dc35a57d43ea802829a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:26 GMT
js
www.googletagmanager.com/gtag/ Frame F724
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5812QZHH14
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/lottozo-202-sz-lottozo&op=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
579712213c25fdb79c77d3859b5149afd1e551b2569dc35a57d43ea802829a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:26 GMT
analytics.js
www.google-analytics.com/ Frame 9DEC
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/bacsbokodi-romai-katolikus-plebania&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT
analytics.js
www.google-analytics.com/ Frame 6951
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/gpsorakhu&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT
analytics.js
www.google-analytics.com/ Frame F724
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/lottozo-202-sz-lottozo&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT
js
www.googletagmanager.com/gtag/ Frame 91FE
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5812QZHH14
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/ruhazat_-_vecses&op=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7d4a19dd7471be302d79aaf53bbba8caa14b5c319c44e5b67557e7dae0bb5bbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92974
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:26 GMT
js
www.googletagmanager.com/gtag/ Frame 323A
274 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5812QZHH14
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/shell_hun_benzinkut_1314&op=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
090c3934d781c614c84c5de24b8abbad910e006b0dee74929674169432f60178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92969
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:26 GMT
analytics.js
www.google-analytics.com/ Frame 91FE
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/ruhazat_-_vecses&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT
analytics.js
www.google-analytics.com/ Frame 323A
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/shell_hun_benzinkut_1314&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6bc0,pingTime:1,time:2789,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D,%7Br:r,w:160,h:600,t:788%7D,%7Bpiv:100,vs:i,r:,t:1788%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1788,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1784~0,1~100%5D,as:%5B784~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1788,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:189,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:14,sis:107%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:27 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8249
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6e8a8af1-ecfe-5c8a-8070-cadfe815812e&tv=%7Bc:i6bc0,pingTime:1,time:2789,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:13%7D,%7Br:r,w:160,h:600,t:788%7D,%7Bpiv:100,vs:i,r:,t:1788%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1788,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1784~0,1~100%5D,as:%5B784~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1788,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:189,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161*.990511-61634098%7C1611%7C16121%7C1613%7C171.990511-61634098%7C1711%7C17121%7C1713%7C1714%7C1811%7C1812%7C1813,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:14,sis:107,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:27 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6bc1,pingTime:1,time:2828,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:12%7D,%7Br:r,w:160,h:600,t:826%7D,%7Bpiv:100,vs:i,r:,t:1827%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:1827,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,0~100%5D,as:%5B822~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1827,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161.990511-61634098%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:145%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:27 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame EC13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=ac91af8a-9f21-0909-2519-a46fc594909d&tv=%7Bc:i6bc2,pingTime:1,time:2829,type:c,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:12%7D,%7Br:r,w:160,h:600,t:826%7D,%7Bpiv:100,vs:i,r:,t:1827%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1827,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1823~0,0~100%5D,as:%5B822~0.0,1001~160.600%5D%7D%7D,%7Bsl:i,t:1827,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:u0lVn8B+11%7C12%7C131%7C132%7C14%7C1511%7C1512%7C161.990511-61634098%7C1611%7C16121%7C1613%7C171*.990511-61634098%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:13,sis:145,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.mop-veins.tauri-veins.com
URL: http://www.mop-veins.tauri-veins.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:8881:61af:1952:b03f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 01:17:27 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
js
www.googletagmanager.com/gtag/ Frame 67ED
277 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5812QZHH14
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/nemzetidohanyboltok00889&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5ebc2c941985111387232e1b335db3859769bcb7b55a51bcec40740b5d35317e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93899
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 01:17:27 GMT
analytics.js
www.google-analytics.com/ Frame 67ED
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: m.mobilgo.eu
URL: https://m.mobilgo.eu/nemzetidohanyboltok00889&op=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.mobilgo.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 Jan 2024 23:48:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5350
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 04 Jan 2024 01:48:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240102&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d0b5acc61d1f8a12ad8891a49ee54db3e9b1f42e78a03d40fe4206e18f5c358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12334
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4105316393188386&plah=www.mop-veins.tauri-veins.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mop-veins.tauri-veins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 04 Jan 2024 01:17:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E92E
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
20804
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jan 2024 19:30:43 GMT
expires
Thu, 02 Jan 2025 19:30:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B128
829 B
997 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
509f56ebe4047514654f2f6274a01bd814148cbcebec584485f4d5a950366d87
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yCPAfHMC6XmAKofxnptT1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.mop-veins.tauri-veins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-yCPAfHMC6XmAKofxnptT1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jan 2024 01:17:27 GMT
expires
Thu, 04 Jan 2024 01:17:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame E92E
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 03 Jan 2024 17:59:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
26287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 02 Jan 2025 17:59:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B128
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240102&jk=19135867479619&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E92E
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ROSNlA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 01:17:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| $TauriPower string| GoogleAnalyticsObject function| ga string| xsPCwcgZTBis string| lFTGTOnsMs number| MEhDHtQNNd number| fcpgFCPBEk number| lLtCtTqIkd number| XjfVkIGUro function| pJcALIgXWw object| girIANpqNo number| c2 number| c1 object| 6SY0tgVG6wkj function| vJbCmIWcvJ object| adsbygoogle object| _wau object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| x string| x1 string| x2 object| google_tag_manager function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp

14 Cookies

Domain/Path Name / Value
.tauri-veins.com/ Name: _ga
Value: GA1.2.1885476548.1704331042
.tauri-veins.com/ Name: _gid
Value: GA1.2.1928209719.1704331042
.tauri-veins.com/ Name: _gat
Value: 1
.tauri-veins.com/ Name: _ga_K89DWMDNXG
Value: GS1.2.1704331042.1.0.1704331042.0.0.0
.tauri-veins.com/ Name: __gads
Value: ID=c99a5121240f79c7:T=1704331042:RT=1704331042:S=ALNI_Map7seqWxK2eKSfIgfPAwOaF0s4fQ
.tauri-veins.com/ Name: __gpi
Value: UID=00000d37e8b841da:T=1704331042:RT=1704331042:S=ALNI_MZ7DFEZNwCP282JAfXx9Enxu2Rr9g
.adnxs.com/ Name: uuid2
Value: 4327006137977307059
.casalemedia.com/ Name: CMID
Value: ZZYHIhmle2X1MSptbCps8QAA
.casalemedia.com/ Name: CMPS
Value: 2139
.casalemedia.com/ Name: CMPRO
Value: 2139
.doubleclick.net/ Name: IDE
Value: AHWqTUknAFB3RGtrB62XU2Kpp_oi8rTdHLRA39e_burFWUQU1LuI1PwiTt7u5Dlz-WM
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>=hE'kR!]tbPl1M>e)ZlrFUfJ+tGXxpK^%($y]10:o?3hT^FU0:]<ua7XQ<</g+k.*S*bpRz*qF1`*b_0a)zP#S
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi4q2dDFXnYNmz3pJgH4w90--ys4AOV_Wp2w0IoXP9A0msFy4Q

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
chris.tauri.hu
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
m.exactag.com
m.mobilgo.eu
pagead2.googlesyndication.com
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
whos.amung.us
widgets.amung.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mobilgo.eu
www.mop-veins.tauri-veins.com
104.18.36.155
142.250.184.198
142.250.184.226
142.250.186.66
185.111.89.216
193.201.190.54
2001:4860:4802:34::36
213.202.235.8
23.32.185.35
2600:1f13:800:7780:8881:61af:1952:b03f
2600:9000:2127:ee00:8:48e:53c0:93a1
2606:4700:10::6816:4bab
2606:4700:10::ac43:88d
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9c
34.98.64.218
37.252.171.21
52.214.64.190
79.172.215.131
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
090c3934d781c614c84c5de24b8abbad910e006b0dee74929674169432f60178
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dfbca2c5c1a3e89e8ed72df35d86429221e717de4262d4492c89c0543cfd278
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fa3759f94803591ff9e1afbf030c080c4ba9d53b4bd1a0f876a9ed8771ccea0
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
174e05121c25fc5fdc7d313524eb49e4ec97e1348e3d973daee2d68f30e6bb87
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d0b5acc61d1f8a12ad8891a49ee54db3e9b1f42e78a03d40fe4206e18f5c358
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
22b6d41073d2205cae5f88ee253bbc09050901ce0f1acf832a30a13da0c1c888
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
298b49c31f9c1f715013d2853e02609824fa5d27fd6fd8b1f81c9ecf8702e613
2b8b4d537d6eb7f042cd3891aa30a880b50e46f162b577b4a68468cb2f496190
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31f606ff16a9161e06ad0bcb7488be14e217ef394cc852db94e43e9e8506e159
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3cd44072c63c53f2a2ae516b3c41b9b9dff031e2f67b1f91955d2967be41b687
3ddddd2b784c484f45756dc8bba5419400a497369695802aa1a5c01e4a3aa7bc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47333801d35dc2034874e0c6ea152093349eabc0d2db403c0acc0fc46bc244dd
483cfcdf062a54f29352987afb06042cef41330e17ab43a34e7dc52576984899
48a56b3b18390376e5d7a17a9126d573860e135a0c33cd7f0823978c5df01835
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
509f56ebe4047514654f2f6274a01bd814148cbcebec584485f4d5a950366d87
50a794e19688427b2289b4ca2870d7c91c014af986a30c39d32127337223efea
53cd1f181b768b5a180a1ba877a68e7b8d129e77721531678ac9565f3b07be0f
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579712213c25fdb79c77d3859b5149afd1e551b2569dc35a57d43ea802829a90
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ebc2c941985111387232e1b335db3859769bcb7b55a51bcec40740b5d35317e
6126ef2cdd66774958abdfe8708579080f72cb81945d9921e8b6d33982bda4ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330e7f7120aed7b1686b171f6ce73e162e91e8fa6e4787a4c11925a96d819d5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7d4a19dd7471be302d79aaf53bbba8caa14b5c319c44e5b67557e7dae0bb5bbd
84e0fb51ec2895de93ffa10e80f843f766aa61e25fb1f98133791f52c57ceb6a
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8a6a36c32b2714a28aec1903147fda650d9407e55b9b4b0e77ca5e125de2271f
8ea1c992374b89ae0210dae0e44c8900dc2b9b259c8b6a4a962551d58fa94ce0
8f459e5752265ba096eb452df5800c1c1d43eb0670149d2a7b16b0e1409c0a99
91300e289e33ce13ec40e4599a15ee0f1c7f6596cf9ab87e9b59b74449304678
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
9a6ca90cfd38a578bcd19e8a64f55346b8c39ab70e38bbb614829ccd6d980584
9c991bd785f4ab396919fb62908a96434d7c8547845fc634488a41b588e1acc9
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1997ea4d6fbd2021c1d6b18231103f80d7069698b816b4860fa231a323c4095
a22cf128f4a73aed4a4e3007f723488d9d76ffe30d7c310d42726c9300e1c2bb
a55c8361609d92bef97505daed4760e05a2ddf988b01ce3a6d68e28c094a3d86
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aab2b74d4804b8d07173520f11c28b12d655f68858a403089a57369581f89c5f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b66375832d3ecc4973b5e0fd39f7bf7354edc56e7a0605cdb2bfea8cda1892ee
bc86db442d52bb08d80ba6967bc1f08ed7d6d954e374291ad19b8dd1a8bed27e
c1f01c392b1780cd46d0704b1c0c3bac211d676d12855ecd078d96adf2bf9c30
c3c6c07a63f714d29412e5d3065c9e9e231b2d392124f12ae9c320cf930c68ac
c3f803829bad79bb1e9f1216da0846b22e9cfbdda7a047f66ef0732b447fcabc
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1f2b2338b1659185c9dd70ce5944bd6a8f34997d601b0966003c49a35249948
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
dc694511bff51871e9dc5ece4e9504015ad4810b9c78ab8b686a0f774d00eb7a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70feec33ee57fdeed636ab89a20156515e29b96cc56d8e20fd1315dd05c46f5
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc02c68015c7eda949d4eea23a329f54ce6be309e000fcf92e8cc9be6043257
f00ff1a6909daa2d7f8141c285ceb23b76edcc1da40f0f2e717ad2b6c81a803a
f0823d6e2c76763f6e2fbe1107e48273796eae3bc1a3eb96148e42479d2efed2
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f8daf24eebca0055cddbe70db00a77f4efe746a38af5f88e0d90c8d6a3fc3a4b
fe63caa587fc71c2846e672b1775c7a3db34840ed7ccd34ab746d270958527b3