kiemlua.com Open in urlscan Pro
2606:4700:3030::6815:31cc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.kiemlua.com/
Effective URL:
https://kiemlua.com/
Submission: On February 28 via api (February 28th 2021, 4:39:51 am UTC) from US

Summary HTTP 89 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 19 domains to perform 89 HTTP transactions. The main IP is 2606:4700:3030::6815:31cc, located in United States and belongs to CLOUDFLARENET, US. The main domain is kiemlua.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 21st 2020. Valid for: a year.

This is the only time kiemlua.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2606:4700:303... 2606:4700:3030::6815:31cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::ac43:a719	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:b33b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
3	103.90.220.91 103.90.220.91	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
2	103.90.223.9 103.90.223.9	135912 (VNETWORK-...) (VNETWORK-AS-VN VNETWORK Joint Stock Company)
6	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	213.19.147.151 213.19.147.151	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
89	19

22 2606:4700:3030::6815:31cc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.kiemlua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kiemlua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:a719 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kiemlua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:b33b (United States)

ASN13335 (CLOUDFLARENET, US)

ssp.adpay.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.90.220.91 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

syndication.adxoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.90.223.9 (Viet Nam)

ASN135912 (VNETWORK-AS-VN VNETWORK Joint Stock Company, VN)

service.adxoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.133.58 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.151 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	kiemlua.com 2 redirects www.kiemlua.com kiemlua.com	659 KB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	422 KB
13	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	154 KB
6	google-analytics.com www.google-analytics.com	38 KB
6	googletagmanager.com www.googletagmanager.com	232 KB
5	adxoo.com syndication.adxoo.com service.adxoo.com	22 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	googletagservices.com www.googletagservices.com	89 KB
2	google.de adservice.google.de	2 KB
2	googleadservices.com partner.googleadservices.com	664 B
2	adpay.network ssp.adpay.network	2 KB
1	2mdn.net s0.2mdn.net	396 B
1	1rx.io 1 redirects sync.1rx.io	432 B
1	travelaudience.com 1 redirects ads.travelaudience.com	611 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com	479 B
1	mathtag.com 1 redirects sync.mathtag.com	817 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	dmca.com images.dmca.com	633 B
0	netmng.com Failed google2waycm.netmng.com Failed
89	19

	Domain	Requested by
22	kiemlua.com	1 redirects kiemlua.com
13	pagead2.googlesyndication.com	syndication.adxoo.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com kiemlua.com
6	www.googletagmanager.com	syndication.adxoo.com www.googletagmanager.com
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	syndication.adxoo.com	ssp.adpay.network syndication.adxoo.com
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	service.adxoo.com	syndication.adxoo.com
2	ssp.adpay.network	kiemlua.com
2	securepubads.g.doubleclick.net	kiemlua.com securepubads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	sync.1rx.io	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	images.dmca.com	kiemlua.com
1	www.kiemlua.com	1 redirects
0	google2waycm.netmng.com Failed	googleads.g.doubleclick.net
89	26

This site contains links to these domains. Also see Links.

Domain
www.dmca.com
sub1s.com
1shorten.com
note1s.com
hackff.com
link1s.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-21` - `2021-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2022-04-04`	2 years	crt.sh
*.adxoo.com Sectigo RSA Domain Validation Secure Server CA	`2019-08-18` - `2021-08-17`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://kiemlua.com/
Frame ID: B6745141255CFDF1CEC1495AB9CFEF1F
Requests: 40 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-145677002-2
Frame ID: B46091D140582AC580F344F21C20E5D3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 54CEFED3EA736948245468C867A0A078
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=250&slotname=MLads_300x250&adk=4234211630&adf=354614432&pi=t.ma~as.MLads_300x250&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168705&bpp=20&bdt=55&idt=107&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&correlator=7452279171982&frm=23&ife=1&pv=2&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=40049794&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=808&biw=1600&bih=1200&isw=300&ish=250&ifk=3143868688&scr_x=0&scr_y=0&eid=42530672%2C21067569&oid=3&pvsid=1541501615441382&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5ljdoimuaqde&fsb=1&dtd=124
Frame ID: 10C045696A1DBF6F0BCFB012092DE166
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-145677002-2
Frame ID: DA7F82D8B807D129D6602F5B21361418
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
Frame ID: 9B6D7EE40FA6519A3FAB65F1E2303596
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 06360DAD79B23CFEAA5C81775813D81D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 48B65E0A591E2830F357057DC9A4EAD0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2A3585D01D331A67A32D2742C846237F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js
Frame ID: 096F6F17C68292372C1390294CF6D853
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 1A56E06C31570C83A286FF0C190BDD00
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.kiemlua.com/ HTTP 302
http://kiemlua.com/ HTTP 301
https://kiemlua.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

89
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

26
Subdomains

19
IPs

5
Countries

1620 kB
Transfer

3304 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dmca.com/Protection/Status.aspx?ID=12841cd6-446d-47ad-b052-88ed479f147a&refurl=https://kiemlua.com/
Title: <img src ="https://images.dmca.com/Badges/dmca_protected_sml_120m.png?ID=12841cd6-446d-47ad-b052-88ed479f147a" alt="DMCA.com Protection Status" />

Search URL Search Domain Scan URL

URL: https://sub1s.com/
Title: Tạo nút Sub Youtube

Search URL Search Domain Scan URL

URL: https://1shorten.com/
Title: All Shortener in One

Search URL Search Domain Scan URL

URL: https://note1s.com/
Title: Ghi Chú Miễn Phí

Search URL Search Domain Scan URL

URL: https://hackff.com/
Title: Bán Hack Free Fire

Search URL Search Domain Scan URL

URL: https://link1s.com/
Title: Rút Gọn Link Kiếm Tiền

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.kiemlua.com/ HTTP 302
http://kiemlua.com/ HTTP 301
https://kiemlua.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPov2h3Rdx9vf9BHLnmvTWo&google_cver=1&google_push=AQvitUJT_A1PmwykxoIGsj-vJXGiLeQjE2MzUqiN3WSEYccBK5NgB0Q5HGEIXxD-jHdzaEz3I79AE2Fk-WSOOJMQBi1geyjpduo8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUJT_A1PmwykxoIGsj-vJXGiLeQjE2MzUqiN3WSEYccBK5NgB0Q5HGEIXxD-jHdzaEz3I79AE2Fk-WSOOJMQBi1geyjpduo8

Request Chain 84

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBD4_tl0N7hbTU7EMVfdU0g&google_cver=1&google_push=AQvitUIEOEE8IrJ-lbE6oUnesG5uF3gj07UMxVHBgXis79mCX0yqUF50XZL7YkhlPgODW01d60K-eJfRd9mH1euzC2Lp2OptTKTl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIEOEE8IrJ-lbE6oUnesG5uF3gj07UMxVHBgXis79mCX0yqUF50XZL7YkhlPgODW01d60K-eJfRd9mH1euzC2Lp2OptTKTl&google_hm=HIF3BTGbTdO9WreY0E_rrWs

Request Chain 85

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPzsW26zB6P6a3wNY551O60&google_cver=1&google_push=AQvitUJjSelKdlwXgWqm2X3f1MGqjCx6JSJfX8uztBTmbp50qswUgaf5VZ-VDlz3P1rgBU3yTBmUdAvNzuZRmzQJfEWwtoeg-VCX HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3I-XAzw3QFWK1ejoCgANeg2&google_push=AQvitUJjSelKdlwXgWqm2X3f1MGqjCx6JSJfX8uztBTmbp50qswUgaf5VZ-VDlz3P1rgBU3yTBmUdAvNzuZRmzQJfEWwtoeg-VCX

Request Chain 86

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH_oy5J_nVVHWJ3YOc_m8HM&google_cver=1&google_push=AQvitUIXhwxFSAlJg2tS50VapG3crBtPvKE6Ws5PawoTVWRzZy3iqwDcvnoWFZkJiRGOHgmZuqt_c-n0JPnGl0Vh-Ns0K5b9fwc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIXhwxFSAlJg2tS50VapG3crBtPvKE6Ws5PawoTVWRzZy3iqwDcvnoWFZkJiRGOHgmZuqt_c-n0JPnGl0Vh-Ns0K5b9fwc&google_hm=

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

89 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kiemlua.com/
Redirect Chain

https://www.kiemlua.com/
http://kiemlua.com/
https://kiemlua.com/

136 KB
22 KB

501ms
501ms

Document
text/html

2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

53bfc34e9bc283c758b8351724add6a376d4338d678f7e22240a8aad097e4fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: kiemlua.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d58c33411b08e0c2d7a44fd99a7f996d51614487164
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 28 Feb 2021 01:33:16 GMT
x-rocket-nginx-serving-static: No
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=2592000
cf-cache-status: DYNAMIC
cf-request-id: 08888830fc00000ebb7f94f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5jlPk0vvNM6smA8t2rkerzXI5JdHvpmSb44G3ARVIIZmwvXssSmZMMtCBEm%2Blopmt01vZGX%2F2uiqc6suRIl73nrZJjzxJaST35FYCERvTE1RlEiYxGYV0w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6287762e5b750ebb-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sun, 28 Feb 2021 04:39:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 28 Feb 2021 05:39:25 GMT
Location: https://kiemlua.com/
cf-request-id: 08888830eb0000d6d1123e2000000001
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jVhMDYeoHk1DlCRrrscD9ssLLM87dB7NFbv1zHiQ9%2F%2Fu0shJxSXVBCWp7NbXuhv07GLs8hAGhFzoWsPqeMg7TeoOSMDp7B6lYCYrhLz%2B1UIDtI7uBziWbg%3D%3D"}],"max_age":604800}
NEL: {"max_age":604800,"report_to":"cf-nel"}
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 6287762e4d52d6d1-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 064f47885692c23831283bb624e43e21.css
kiemlua.com/wp-content/cache/min/1/ 113 KB
18 KB 21ms
19ms Stylesheet
text/css 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/cache/min/1/064f47885692c23831283bb624e43e21.css

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

60107c9fdc1a3079ce8cb9c3d7f8df0ae34f5962e11620ca793f1698030df47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1794041
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
cf-polished: origSize=115535
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 10 Jan 2021 11:37:08 GMT
server: cloudflare
etag: W/"5ffae6e4-4ba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: text/css
cf-bgj: minify
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I4DBR2oefnWHb0Swtahc5b14V5z%2F29nrlI8lAxIveQi7buOLKPn1CgU1x35g0%2F%2FUbGJuuL%2FriPk5HmUOTVy6qYC0HQIcsw1j%2FVynJ1J%2Fx1RonB%2Bg9jpU3A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888330300000ebb48843000000001
cf-ray: 628776319cc80ebb-FRA
expires: Tue, 09 Mar 2021 10:18:44 GMT

GET
H2 200 generatepress.woff2
kiemlua.com/wp-content/themes/generatepress/assets/fonts/ 1 KB
2 KB 14ms
13ms Font
font/woff2 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/themes/generatepress/assets/fonts/generatepress.woff2

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://kiemlua.com
Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1000533
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1264
x-xss-protection: 1; mode=block
last-modified: Wed, 07 Oct 2020 02:53:55 GMT
server: cloudflare
etag: "5f7d2dc3-4f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: font/woff2
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=76lnw0C6wociJjhXaFeaPAXjdtc07dx3JDdRljHEQDSz%2BltNh%2BlOwNfUq6LyVUlEcas7kyLqGfDw6EJhW4z9gAMx7ueXMJEXfLHtQBLfUqdYWn5qRreccg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888330400000ebb8b8b6000000001
accept-ranges: bytes
cf-ray: 628776319cca0ebb-FRA
expires: Thu, 18 Mar 2021 14:43:52 GMT

GET
H2 200 jquery.js Show response
kiemlua.com/wp-includes/js/jquery/ 95 KB
32 KB 20ms
19ms Script
application/javascript 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1022057
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
cf-polished: origSize=96873
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Sep 2020 08:42:44 GMT
server: cloudflare
etag: W/"5f686784-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
cf-bgj: minify
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3vv5rYubf5%2F%2Fzx8tpZauvJzxgSG99aHF8Kd8EkJJv8GN0J5gHxn1uRA%2B5LnwS6PAVf68Q4OQEcrKMXl8fXpMEED32g%2B4t1OAxzfrVEp0D5%2B9HKBzXQkEJw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888330400000ebba6b7d000000001
cf-ray: 62877631accb0ebb-FRA
expires: Thu, 18 Mar 2021 08:45:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 100ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

587852d6381ee2e5399e0b4d613cf8ad8de08dd091c810591a4bbddd3c64b7da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "797 / 273 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19356
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:25 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7e26cd19b0764321639c8ec60fca9d47e086642f8c5d90f2804bf63edeac99d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66d2c1247a53733f6e27998157d6a7f427885c304461ff0df9bde7dc37ccfb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2d26a537e8f05abb270dc683862c6369443e0076b9322b2fd45b53a8e61caf1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1712a7856aa0ce35c379255aea8ccc5ecad72e5d4f035b3150aa0d8dd2a5d6ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acfaaf62bff0119246c65258ed4eddfff3758441c562b3726627e377d6939118

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ac622e7b9b4de6f66c1ac03549a11a4444c48f9fbea86636d69993f4df1b51a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ 290 KB
102 KB 82ms
48ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:25 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acc37086d4f6916df51836daa36176bbc45e47accfe1a003f4e4bdae67e63e2f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adserve.php Show response
ssp.adpay.network/ 462 B
526 B 568ms
537ms Script
application/javascript 2606:4700:3036::ac43:b33b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.adpay.network/adserve.php?f=27

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b33b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

ccb45fbd1a09951f16e23d44a7b12d835760d28cf9728454d0e585c27c5829cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
x-powered-by: LarVPS
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4cP5%2BvHitLRK%2BL3Vu3CDqIo1Ed46app5qSukDdB%2BQWVINhkC5RoYGu%2BPpuC9UQ0Vu0WBLSnhEvVwY43Nc%2BUveHGmAZCgN4vgfAHZIO5cBMqO4Rjqr8ESJezSPzhL8A%3D%3D"}]}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08888834090000d6f1b1801000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cf-ray: 628776334df1d6f1-FRA

GET
H2 200 adserve.php Show response
ssp.adpay.network/ 462 B
1 KB 520ms
504ms Script
application/javascript 2606:4700:3036::ac43:b33b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.adpay.network/adserve.php?f=24

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b33b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

dfcc464d69527d4b66a2ea9303ea0d978e9e4a528e3d0beca498928f73610fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-xss-protection: 1; mode=block
x-powered-by: LarVPS
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=twBIkP6FRKudnyNQFVZRL%2BOqn8EgmF127Ze3VdEc%2Bd1zQjdC5WJSmm2jlfthjkVunCPELvcMMRTN7Mbw2fBNHP4nzrqZJ5qh9NBZUDA8alrPS%2F%2FvlVRvpUFXxp2xgg%3D%3D"}]}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08888834090000d6f1e201e000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cf-ray: 628776334df3d6f1-FRA

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
633 B 98ms
31ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: kiemlua.com
URL: https://kiemlua.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:26 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Tue, 30 Mar 2021 04:38:34 GMT

GET
H2 200 main.min.js Show response
kiemlua.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 12ms
11ms Script
application/javascript 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.0

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
age: 99466
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088888341b00000ebb6f013000000001
last-modified: Wed, 07 Oct 2020 02:53:55 GMT
server: cloudflare
etag: W/"5f7d2dc3-1c98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WIPJKhn5yaP0iGoDgMdtsRVH%2F6ufqRvwpPjHhUdYPbat9VJMHME74%2F%2FSuQxUP6RikMdgijk9rIQZ5IT1ymoqGgtbbmNCKx5Za6x4IBvdh36c99fo48LO8A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-ray: 628776335d8f0ebb-FRA
expires: Mon, 29 Mar 2021 01:01:39 GMT

GET
H2 200 navigation-search.min.js Show response
kiemlua.com/wp-content/themes/generatepress/assets/js/ 2 KB
1004 B 13ms
12ms Script
application/javascript 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.0.0

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

84d74d32de349a310b6d315e2e9c280bb641652fb0f40e4373282b8d63bb0131

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
age: 99466
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088888341b00000ebb54851000000001
last-modified: Wed, 07 Oct 2020 02:53:55 GMT
server: cloudflare
etag: W/"5f7d2dc3-85b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UfTDy%2B1FJjZ3MsjA1jjuyFwFObR4oxrw4GfWl3QvjNU8FzHXVMjHM28bDFcg5KkEq9Q%2FTjdNA09cPzLr2pIC%2FYm07aFiAePNc8QsPK%2BHC300hoAnZUvJlg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-ray: 628776335d900ebb-FRA
expires: Mon, 29 Mar 2021 01:01:39 GMT

GET
H2 200 infinite-scroll.pkgd.min.js Show response
kiemlua.com/wp-content/plugins/gp-premium/blog/functions/js/ 25 KB
7 KB 13ms
13ms Script
application/javascript 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/plugins/gp-premium/blog/functions/js/infinite-scroll.pkgd.min.js?ver=3.0.1

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

a3dd164cb3f89e244d280ab9066876d16ae4dc0b6c5a9759f8ca801ddb9f976e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
age: 1275438
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088888341b00000ebb99284000000001
last-modified: Mon, 05 Oct 2020 01:40:39 GMT
server: cloudflare
etag: W/"5f7a7997-62b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pINy8yyyJTTzOrDsUKDLCuMEQlrhjArhEc8b2B6aq3a7WOSuMkBWTRuMr3Ax1q0CONuxfKQthfLpO32eMyM93m%2BKm8TTEzAzAWWEv3K2LHZlWFLqAMf78A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-ray: 628776335d910ebb-FRA
expires: Mon, 15 Mar 2021 10:22:07 GMT

GET
H2 200 scripts.min.js Show response
kiemlua.com/wp-content/plugins/gp-premium/blog/functions/js/ 1 KB
936 B 12ms
12ms Script
application/javascript 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/plugins/gp-premium/blog/functions/js/scripts.min.js?ver=1.12.1

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

00bc145e070901985d9db9ae4e8f5398ade38812a28d1df534f831b53c2ecb46

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
age: 1275438
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088888341c00000ebb5c9e0000000001
last-modified: Mon, 05 Oct 2020 01:40:39 GMT
server: cloudflare
etag: W/"5f7a7997-4fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PgQCkU5nmz1y%2BWylvN6X55uw6xBWWN1WRfdp20nMmnrsM%2BtqrK7pW1p9hzodsex5YtSVvbQ7L18yFb0sWuy2cBKlK8b0n7jU9FQmx9r5VIDhwsp5gkKemg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-ray: 628776335d920ebb-FRA
expires: Mon, 15 Mar 2021 10:22:07 GMT

GET
H2 200 lazyload.min.js Show response
kiemlua.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kiemlua.com/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
age: 882208
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088888341c00000ebbca95b000000001
last-modified: Fri, 20 Nov 2020 03:07:20 GMT
server: cloudflare
etag: W/"5fb732e8-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000
x-download-options: noopen
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uh2q0aJiFeY9A03waqFdUfguk43InT0QmF8gYWWoJkHFeGvItKyntVgjXXW%2BnuHrlHVxJYCMRz4VcteHcQfpGmTK1LG4mgGeg9z5c9ZYOIwTh08DLCI3QQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-ray: 628776335d930ebb-FRA
expires: Fri, 19 Mar 2021 23:35:57 GMT

GET
H/1.1 200
OK adx-delivery.min.js Show response
syndication.adxoo.com/javascripts/ 285 B
541 B 1105ms
272ms Script
application/javascript 103.90.220.91
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.adxoo.com/javascripts/adx-delivery.min.js
Requested by: Host: ssp.adpay.network
URL: https://ssp.adpay.network/adserve.php?f=27
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.91 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0a59ad448a4fc7134f26d2aef834b268c207bb1ed627be2c497d95979365cc42

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 04:39:27 GMT
Last-Modified: Tue, 09 Jun 2020 19:35:53 GMT
Server: nginx
Age: 65874
ETag: "5edfe499-11d"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 285

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 chan-adblock-kiemlua-com.png.webp
kiemlua.com/wp-content/uploads/2021/02/ 11 KB
11 KB 530ms
528ms Image
image/webp 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/02/chan-adblock-kiemlua-com.png.webp

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

145de6b1beb94d63df78297568bf3bc1260d3da5595f310163a55c0a135d9ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11266
cf-request-id: 088888364c00000ebb8c080000000001
last-modified: Fri, 19 Feb 2021 12:10:06 GMT
server: cloudflare
etag: "602faa9e-2c02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gk35pDYCsyHUCQ0V3gYRttuT2wtPdf9cUTbDRIPk41Aqjd7Bkxd5%2Bzxb9DqH7QnuSZ6Vi%2F6b99EazuEQjFw6KK6p1OFXXFYwL1iTbl%2FmXLD5SXyJTFm6vA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 62877636eed20ebb-FRA

GET
H2 200 chen-code-len-header-blogger.png.webp
kiemlua.com/wp-content/uploads/2021/02/ 52 KB
52 KB 1077ms
1075ms Image
image/webp 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/02/chen-code-len-header-blogger.png.webp

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

41338f2523be6f747b10bb514799088f9fb8a5b44cb1258e2d3b07b105da963e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52784
cf-request-id: 088888364d00000ebb85840000000001
last-modified: Thu, 04 Feb 2021 10:40:37 GMT
server: cloudflare
etag: "601bcf25-ce30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PooiqGz%2FL5QbY%2BHw8wQ79Dm7hpOthCZPwS0LJPD8Rq2JPoXkV1yGIYRrR01x8wrwwJwjFOZ6CX%2FeD4KKe7i0k23f4yFMXUkinadhub22ZbA%2FRii8x4jYCg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 62877636eed30ebb-FRA

GET
H2 200 share-link-facebook-khong-bi-chan-spam.jpg.webp
kiemlua.com/wp-content/uploads/2021/01/ 61 KB
62 KB 1123ms
1121ms Image
image/webp 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/share-link-facebook-khong-bi-chan-spam.jpg.webp

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

cfef812a10749f427132abc6880127011b242fd4dccbe799fdd765a715bdf08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62622
cf-request-id: 088888365000000ebb7d3d7000000001
last-modified: Sat, 30 Jan 2021 14:36:53 GMT
server: cloudflare
etag: "60156f05-f49e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CS8hgBWmboTG0UWqapgHjUJSASI2kFk3TPQFs%2Brg4FO4BrOmbhKjbPrGtsOtGO88Ql0MV2r5cJQ96VncQX4ESSv6ghdASl5Xqi4JPRlwHDr5ut0PZWgegw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 62877636eed40ebb-FRA

GET
H2 200 huong-dan-su-dung-full-page-scipt.png.webp
kiemlua.com/wp-content/uploads/2021/01/ 62 KB
62 KB 1148ms
1147ms Image
image/webp 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/huong-dan-su-dung-full-page-scipt.png.webp

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

4e0da0b6857a4ee218c8f4b014f26cc9beb7326aa0413d4674bbdad895e6e03c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63054
cf-request-id: 088888364d00000ebb9eaba000000001
last-modified: Sun, 24 Jan 2021 05:36:55 GMT
server: cloudflare
etag: "600d0777-f64e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C7VgBJqteemhisTwYf1f%2BOyBYxODu6ZCnpNLsJixjtvVYCRvooCaNpuwmQap4Af33wlFB4vHlb0q8X96oqiNxbPaZPh3BoOapvOvoUf%2BgXCzUTiccxDK5Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 62877636eed70ebb-FRA

GET
H2 200 1_nxx-wtQYWO0BydKbdMEc1Q@2x.jpeg.webp
kiemlua.com/wp-content/uploads/2021/01/ 43 KB
43 KB 961ms
960ms Image
image/webp 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/1_nxx-wtQYWO0BydKbdMEc1Q@2x.jpeg.webp

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

f041c2a64a50d78e70728de9ccc43d424b056dcb54365c2fd86d6372eff8dfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43586
cf-request-id: 088888364e00000ebb95a27000000001
last-modified: Fri, 15 Jan 2021 06:46:31 GMT
server: cloudflare
etag: "60013a47-aa42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/webp
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KRK5FeD5OgeIELv9OcC8K8oYwMEDVytEeRf77EhjOZn9xT5Q3%2FgtddnzsYqSuMPcj4s0AJUdAFqGgNkP4zHNaNBVFnqv2nkEa5sNTh8FLmYfYET8dilE%2Fg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 62877636eed80ebb-FRA

GET
H2 200 tai-xuong-e1609678283102.jpg
kiemlua.com/wp-content/uploads/2021/01/ 6 KB
6 KB 550ms
549ms Image
image/jpeg 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/tai-xuong-e1609678283102.jpg

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

951951e342b3fbfc9e7be5adcad52246768f421819d43831b1eb3b9c48fcf53b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5758
cf-request-id: 088888364e00000ebb4e958000000001
last-modified: Sun, 03 Jan 2021 12:51:23 GMT
server: cloudflare
etag: "5ff1bdcb-167e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JgN6LkhvJZgrqKRrV%2FdFU9oThx9eFzayyRwXJJwiPlYLzWnepnsk%2B2MuR5YnP%2FGesSwoU0UcxZ5axt%2BrkPf0cJ5X2gkppirMfIsmbhnL9BMWhOzJw2Mp2w%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 62877636eed90ebb-FRA
expires: Tue, 30 Mar 2021 04:39:26 GMT

GET
H2 200 1shorten-quan-ly-tat-ca-trang-rut-gon.png
kiemlua.com/wp-content/uploads/2021/01/ 316 KB
317 KB 1160ms
1160ms Image
image/png 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/1shorten-quan-ly-tat-ca-trang-rut-gon.png

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

8703e5453df43011f2536665ca108acd8ed6e473a2977d07b9a6b42bf1facb12

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 323316
cf-request-id: 088888385d00000ebba736f000000001
last-modified: Sun, 03 Jan 2021 05:24:32 GMT
server: cloudflare
etag: "5ff15510-4eef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hx6ySis3dUIEFUQPCIxToYB1lWZtaaF72rBQJZCp90QegsnJaFdJp8eGRw51GstLzrhPyU0D625RYCHRmJ31h8F48NQmbl7wFQBISl3j23gCw61tswXuYg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
accept-ranges: bytes
cf-ray: 6287763a28440ebb-FRA
expires: Tue, 30 Mar 2021 04:39:27 GMT

GET
H2 200 chan-adblock-kiemlua-com-60x60.png
kiemlua.com/wp-content/uploads/2021/02/ 3 KB
3 KB 12ms
12ms Image
image/png 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/02/chan-adblock-kiemlua-com-60x60.png

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

91cd0f5f0f2872ebd0dc270c99dcf5f3fddfe0ff5c0ae860fffd685ac830b58e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 749454
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3100
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Feb 2021 12:24:31 GMT
server: cloudflare
etag: "602fadff-c1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KMucq1SuVeICLtsS5nU5FZFN%2Bufwrn1Ea7kS6a%2BAXQHOAt4zsXRNnvqxuDyd7MVsgol0cHS0usTZ11DH7zCkZ73XRHRGMjDQG53LzkOHHgHTYegBBJbb9A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888387200000ebb57b97000000001
accept-ranges: bytes
cf-ray: 6287763a48510ebb-FRA
expires: Sun, 21 Mar 2021 12:28:33 GMT

GET
H2 200 share-link-facebook-khong-bi-chan-spam-60x60.jpg
kiemlua.com/wp-content/uploads/2021/01/ 1 KB
2 KB 11ms
11ms Image
image/jpeg 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/share-link-facebook-khong-bi-chan-spam-60x60.jpg

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

661c6cb08772341b3951206b4129eccbb2c6b00f5db414be70212bf8e19cf9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1441912
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1499
x-xss-protection: 1; mode=block
last-modified: Sat, 30 Jan 2021 14:38:27 GMT
server: cloudflare
etag: "60156f63-5db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SodZsudrGz5qOWmLCG15RTreyZzH3bdiwPtXEgqMDZAtRhlye2I%2BfYhfCniWd6x5%2BfKT4E%2FVZ00%2BwOIzjt0%2BPDd6HSdQF43d2FKEaKbGV7TpsCsYxwuojw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888387e00000ebbbd08f000000001
accept-ranges: bytes
cf-ray: 6287763a68590ebb-FRA
expires: Sat, 13 Mar 2021 12:07:35 GMT

GET
H2 200 huong-dan-su-dung-full-page-scipt-60x60.png
kiemlua.com/wp-content/uploads/2021/01/ 8 KB
8 KB 15ms
15ms Image
image/png 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/huong-dan-su-dung-full-page-scipt-60x60.png

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

b5ff479c016cae17be1a5df8e8237534cfbb9b9dbed1b6b54abfbface1a832ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1002628
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8090
x-xss-protection: 1; mode=block
last-modified: Sun, 24 Jan 2021 05:37:49 GMT
server: cloudflare
etag: "600d07ad-1f9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/png
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KeRiEsQN3VAycltmfl0BCIT%2BRDflgo4LTh5D%2FMuPf9NFRXPovD2dXO%2F0xP0gh%2F8YfK%2FFbp6uCd2ZbEisIbuHMQoGk6EVUamLR0R0JJjPt306B2i%2FLEEniA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888388a00000ebbd012e000000001
accept-ranges: bytes
cf-ray: 6287763a78600ebb-FRA
expires: Thu, 18 Mar 2021 14:08:59 GMT

GET
H2 200 1_nxx-wtQYWO0BydKbdMEc1Q@2x-60x60.jpeg
kiemlua.com/wp-content/uploads/2021/01/ 1 KB
2 KB 11ms
10ms Image
image/jpeg 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/1_nxx-wtQYWO0BydKbdMEc1Q@2x-60x60.jpeg

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

bd9817ff301f8f4a48991b7f8ef89536b169e4d3af765b31f727be69b14cfbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1441907
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1504
x-xss-protection: 1; mode=block
last-modified: Fri, 15 Jan 2021 06:47:21 GMT
server: cloudflare
etag: "60013a79-5e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q5vQBKMiuxKvAS3j1cJZR7IwydZaXRcPIWAPW0EgPni0NZZJpDBIAHCddg43ht5Mw0ZlJDVwsnkQBVsl8wTJ%2BlL7AugaNJ1aESA90DSdWZypLGddMW72oA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 088888389900000ebb4885b000000001
accept-ranges: bytes
cf-ray: 6287763a88680ebb-FRA
expires: Sat, 13 Mar 2021 12:07:40 GMT

GET
H2 200 tai-xuong-e1609678283102-60x60.jpg
kiemlua.com/wp-content/uploads/2021/01/ 2 KB
2 KB 13ms
13ms Image
image/jpeg 2606:4700:3030::6815:31cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kiemlua.com/wp-content/uploads/2021/01/tai-xuong-e1609678283102-60x60.jpg

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:31cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / LarVPS

Resource Hash

de3f9ee454ba1a25e9bdcad459dec4813d6d584804a457d3c7475784ff683d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 893808
x-powered-by: LarVPS
x-rocket-nginx-serving-static: No
strict-transport-security: max-age=2592000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1928
x-xss-protection: 1; mode=block
last-modified: Sun, 03 Jan 2021 12:52:14 GMT
server: cloudflare
etag: "5ff1bdfe-788"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: image/jpeg
cache-control: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GswvXUbhv5jAQE8OFAnqWRpULdr5TaIG5nKpZmKr9fMxBShypI%2F9lMPCRFELsOD8pfXF91FWGEkOsxLyFYPiCiyq17sjSX%2BVkbBufqmhf0UAtDNGBM%2Fumw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
cf-request-id: 08888838a400000ebba7370000000001
accept-ranges: bytes
cf-ray: 6287763aa86f0ebb-FRA
expires: Fri, 19 Mar 2021 20:22:39 GMT

GET
H/1.1 200
OK adx-library.min.js Show response
syndication.adxoo.com/javascripts/ 30 KB
10 KB 275ms
274ms Script
application/javascript 103.90.220.91
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=2482643572
Requested by: Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-delivery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.91 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 69faecb26a71ae5711a615bad4f1055efeff6664529a364642d1bfbc4a761742

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 04:48:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Oct 2020 04:29:51 GMT
Server: nginx
ETag: W/"5f9b96bf-789b"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK adx-library.min.js Show response
syndication.adxoo.com/javascripts/ 30 KB
10 KB 601ms
274ms Script
application/javascript 103.90.220.91
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=769270388
Requested by: Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-delivery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.220.91 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 69faecb26a71ae5711a615bad4f1055efeff6664529a364642d1bfbc4a761742

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 04:48:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 30 Oct 2020 04:29:51 GMT
Server: nginx
ETag: W/"5f9b96bf-789b"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK al6abG7rDKfWmLeXd1Xn.json Show response
service.adxoo.com/ 360 B
621 B 710ms
252ms Fetch
application/json 103.90.223.9
VNETWORK-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://service.adxoo.com/al6abG7rDKfWmLeXd1Xn.json?adw=300&adh=250&rd=2044732352-936&pageurl=https://kiemlua.com/
Requested by: Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=2482643572
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.223.9 , Viet Nam, ASN135912 (VNETWORK-AS-VN VNETWORK Joint Stock Company, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: 12d19c94d64b148b562dc699f3b240a1a187931eecbef27113bbb5c2df600332

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 04:39:28 GMT
ETag: W/"168-xS9hEuMdnwys55RWMwzpLjeRgAM"
Server: nginx
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 360

GET
H/1.1 200
OK rXdqDppDXqcnqRrj0QBg.json Show response
service.adxoo.com/ 360 B
621 B 639ms
252ms Fetch
application/json 103.90.223.9
VNETWORK-AS-VN VN...

General

Check archive.org

Show headers Download Go to

Full URL: https://service.adxoo.com/rXdqDppDXqcnqRrj0QBg.json?adw=300&adh=600&rd=517809413-261&pageurl=https://kiemlua.com/
Requested by: Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=769270388
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.90.223.9 , Viet Nam, ASN135912 (VNETWORK-AS-VN VNETWORK Joint Stock Company, VN),
Reverse DNS
Software: nginx / Express
Resource Hash: ca3323e7ea809d698df7e89b3050b65d7821866017ba67a753496337f15f6c04

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 04:39:28 GMT
ETag: W/"168-41WKebo2qGRPkAb6iukHuXJedGM"
Server: nginx
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 360

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame B460 98 KB
39 KB 38ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145677002-2

Requested by

Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=2482643572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c55c098fbfdc09c0061f99af1db27daefc2ce388d4aeccf8720cbb26080555f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39450
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame B460 98 KB
39 KB 45ms
25ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145699633-4

Requested by

Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=2482643572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

164b4c4d3b5d61e09cfac5458f92cf58ce6dffe838da473fa71ca3846e71c12c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39452
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B460 95 KB
34 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=2482643572

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame B460 227 KB
86 KB 61ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5016155138623826&plah=kiemlua.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 54CE 10 KB
5 KB 24ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kiemlua.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kiemlua.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Feb 2021 00:12:56 GMT
expires: Sun, 14 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 15992
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame B460 46 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145677002-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3131
date: Sun, 28 Feb 2021 03:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 05:47:17 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame B460 98 KB
39 KB 48ms
35ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145699633-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145677002-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b7685cb27c2e5fd8a258ed667846b8b0d7ea3e4ce247f1bc273e69df3ecbfc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39482
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 04:39:28 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame B460 2 B
191 B 44ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=40049794&t=pageview&_s=1&dl=https%3A%2F%2Fkiemlua.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=IEBAAUABAAAAAC~&jid=340508792&gjid=243665457&cid=1741223893.1614487169&tid=UA-145677002-2&_gid=616150666.1614487169&_r=1&gtm=2ou2h0&z=1320413538

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kiemlua.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame B460 1 B
26 B 50ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=40049794&t=pageview&_s=1&dl=https%3A%2F%2Fkiemlua.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=IEDAAUABAAAAAC~&jid=224956655&gjid=1394757286&cid=1741223893.1614487169&tid=UA-145699633-4&_gid=616150666.1614487169&_r=1&gtm=2ou2h0&z=892496137

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kiemlua.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B460 201 B
436 B 45ms
43ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kiemlua.com&callback=_gfp_s_&client=ca-pub-5016155138623826

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5016155138623826&plah=kiemlua.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

305f3dc8f8df5e2bf143e066eaa713d8fde733d660b45de062c8ba67f52cf3f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame B460 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kiemlua.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B460 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kiemlua.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10C0 603 B
608 B 184ms
171ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=250&slotname=MLads_300x250&adk=4234211630&adf=354614432&pi=t.ma~as.MLads_300x250&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168705&bpp=20&bdt=55&idt=107&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&correlator=7452279171982&frm=23&ife=1&pv=2&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=40049794&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=808&biw=1600&bih=1200&isw=300&ish=250&ifk=3143868688&scr_x=0&scr_y=0&eid=42530672%2C21067569&oid=3&pvsid=1541501615441382&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5ljdoimuaqde&fsb=1&dtd=124

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5016155138623826&output=html&h=250&slotname=MLads_300x250&adk=4234211630&adf=354614432&pi=t.ma~as.MLads_300x250&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168705&bpp=20&bdt=55&idt=107&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&correlator=7452279171982&frm=23&ife=1&pv=2&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=40049794&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=808&biw=1600&bih=1200&isw=300&ish=250&ifk=3143868688&scr_x=0&scr_y=0&eid=42530672%2C21067569&oid=3&pvsid=1541501615441382&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5ljdoimuaqde&fsb=1&dtd=124
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kiemlua.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kiemlua.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 04:39:29 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 04:54:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 04:39:29 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B460 74 KB
28 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:28 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame B460 1 B
440 B 38ms
13ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-145677002-2&cid=1741223893.1614487169&jid=340508792&gjid=243665457&_gid=616150666.1614487169&_u=IEBAAUAAAAAAAC~&z=2012484570

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 04:39:28 GMT
content-type: text/plain
access-control-allow-origin: https://kiemlua.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame DA7F 98 KB
39 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145677002-2

Requested by

Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=769270388

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e5c0bb7d3a0581c9077bf02df79f946f8303b6da73190911ce27efbe58fbd8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39453
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame DA7F 98 KB
39 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145699633-4

Requested by

Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=769270388

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0fe070a35cfe3ef8988d6acd8c22b55085c767e96b262c58e5b1669031c80c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39451
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DA7F 95 KB
34 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: syndication.adxoo.com
URL: https://syndication.adxoo.com/javascripts/adx-library.min.js?rd=769270388

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34369
x-xss-protection: 0
server: cafe
etag: 18387054023701307728
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ Frame DA7F 227 KB
85 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5016155138623826&plah=kiemlua.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame DA7F 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145677002-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3131
date: Sun, 28 Feb 2021 03:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 05:47:17 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame DA7F 98 KB
39 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145699633-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145677002-2

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f77841e439647462f4bae9b66456b1bb98f8c3b72af56608c9558511b0c220f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39483
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 04:39:28 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame DA7F 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1126273661&t=pageview&_s=1&dl=https%3A%2F%2Fkiemlua.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x600&je=0&_u=AACAAUAB~&jid=&gjid=&cid=1741223893.1614487169&tid=UA-145677002-2&_gid=616150666.1614487169&gtm=2ou2h0&z=1503046852

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 13:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55919
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame DA7F 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1126273661&t=pageview&_s=1&dl=https%3A%2F%2Fkiemlua.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x600&je=0&_u=AACAAUAB~&jid=&gjid=&cid=1741223893.1614487169&tid=UA-145699633-4&_gid=616150666.1614487169&gtm=2ou2h0&z=1445446481

Requested by

Host: kiemlua.com
URL: https://kiemlua.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Feb 2021 13:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55919
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DA7F 12 B
228 B 35ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kiemlua.com&callback=_gfp_s_&client=ca-pub-5016155138623826&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DA7F 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kiemlua.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DA7F 107 B
531 B 42ms
27ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kiemlua.com

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B6D 70 KB
25 KB 230ms
230ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53d2e2799cfb09e6d15dc1e54dbf75fffebc2699f92402b530b47d57f3b01662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kiemlua.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kiemlua.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 04:39:29 GMT
server: cafe
content-length: 25050
x-xss-protection: 0
set-cookie: IDE=AHWqTUkqDM_RljzOsu3Nf_5C_ziByVdjz03Iwkv6yoT31H77AfIx9ZJBqocknqlkBf8; expires=Fri, 25-Mar-2022 04:39:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 04:39:29 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA7F 74 KB
28 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:29 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B460 8 KB
7 KB 45ms
31ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ca316e6a08bc7dd66a09adff4d37b35075097afae9506bf1de69b083082d985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6447
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B460 17 KB
7 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:29 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0636 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kiemlua.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kiemlua.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 02:52:46 GMT
expires: Mon, 28 Feb 2022 02:52:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6403
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 0636 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 21:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 112759
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Sat, 26 Feb 2022 21:20:10 GMT

GET
H3-Q050 200 6054037246232662329
tpc.googlesyndication.com/simgad/ Frame 9B6D 102 KB
102 KB 7ms
7ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6054037246232662329

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

926a498a227263ac8c1bab0581fa89ea672fbb5ed21af75a7beb59dee341e397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 13:43:44 GMT
x-content-type-options: nosniff
age: 140145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104000
x-xss-protection: 0
last-modified: Fri, 26 Feb 2021 10:08:06 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 13:43:44 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame 9B6D 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 02:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 02:28:37 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9B6D 3 KB
2 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1301
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 04:17:48 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B6D 107 KB
33 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342950420569"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33470
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:29 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9B6D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:05:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2025
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Mar 2021 04:05:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9B6D 0
0 33ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpWo1nULsJTMjjKORc5gjbzCz5qOJdyG1qyLj960gFjXF_Thr25W9bdEaicecAw_WjLOdiLYBuJBenVx9hzBP5xf-IUA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame 9B6D 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 23:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18036
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10821
x-xss-protection: 0
server: cafe
etag: 17492731367415995335
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Mar 2021 23:38:53 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 48B6 143 B
220 B 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkqDM_RljzOsu3Nf_5C_ziByVdjz03Iwkv6yoT31H77AfIx9ZJBqocknqlkBf8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 28 Feb 2021 03:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3485
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2A35 1 KB
853 B 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Feb 2021 03:14:09 GMT
expires: Mon, 01 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 5120
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9B6D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 513dd0af31a1d97237dddbf6aaaf5172fb992cc944f2abb74f7e1a36a10e6415

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET /
google2waycm.netmng.com/cm/ Frame 2A35 0
0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2A35 0
104 B 99ms
63ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEN26nPQBdvVTful4aWCfrB8&google_cver=1&google_push=AQvitUKp_wy7BzUhncdRgzwvEhXLKIpFF0V5RrXQQGtKjAn3Ff8xeE1uDwh3660XTMowBBxPLMP1kMe5_hDR3-Prc4TNlnzE40H8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2A35
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPov2h3Rdx9vf9BHLnmvTWo&google_cver=1&google_push=AQvitUJT_A1PmwykxoIGsj-vJXGiLeQjE2MzUqiN3WSEYccBK5NgB0Q5HGEIXxD-jHdzaEz3I79AE2Fk-WSOOJMQ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUJT_A1PmwykxoIGsj-vJXGiLeQjE2MzUqiN3WSEYccBK5NgB0Q5HGEIXxD-jHdzaEz3I79AE2Fk-WSOOJMQBi1geyjpduo8

170 B
190 B

84ms
50ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUJT_A1PmwykxoIGsj-vJXGiLeQjE2MzUqiN3WSEYccBK5NgB0Q5HGEIXxD-jHdzaEz3I79AE2Fk-WSOOJMQBi1geyjpduo8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 28 Feb 2021 04:39:25 GMT
Server: MT3 3518 2f03077 master zrh-pixel-x25
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUJT_A1PmwykxoIGsj-vJXGiLeQjE2MzUqiN3WSEYccBK5NgB0Q5HGEIXxD-jHdzaEz3I79AE2Fk-WSOOJMQBi1geyjpduo8
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 28 Feb 2021 04:39:24 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2A35
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBD4_tl0N7hbTU7EMVfdU0g&google_cver=1&google_push=AQvitUIEOEE8IrJ-lbE6oUnesG5uF3gj07UMxVHBgXis79mCX0yqUF50XZL7YkhlPgODW01d60K-eJfRd9m...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIEOEE8IrJ-lbE6oUnesG5uF3gj07UMxVHBgXis79mCX0yqUF50XZL7YkhlPgODW01d60K-eJfRd9mH1euzC2Lp2OptTKTl&google_hm=HIF3BTGbTdO9WreY0E_rrWs

170 B
190 B

84ms
50ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIEOEE8IrJ-lbE6oUnesG5uF3gj07UMxVHBgXis79mCX0yqUF50XZL7YkhlPgODW01d60K-eJfRd9mH1euzC2Lp2OptTKTl&google_hm=HIF3BTGbTdO9WreY0E_rrWs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUIEOEE8IrJ-lbE6oUnesG5uF3gj07UMxVHBgXis79mCX0yqUF50XZL7YkhlPgODW01d60K-eJfRd9mH1euzC2Lp2OptTKTl&google_hm=HIF3BTGbTdO9WreY0E_rrWs
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2A35
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEPzsW26zB6P6a3wNY551O60&google_cver=1&google_push=AQvitUJjSelKdlwXgWqm2X3f1MGqjCx6JSJfX8uztBTmbp50qswUgaf5VZ-VDlz3P1rgBU3yTBmUdAvNzuZRmzQJ...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3I-XAzw3QFWK1ejoCgANeg2&google_push=AQvitUJjSelKdlwXgWqm2X3f1MGqjCx6JSJfX8uztBTmbp50qswUgaf5VZ-VDlz3P1rgBU3yTBmUdAvNzuZRmzQJfEWwtoeg-VCX

170 B
484 B

83ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3I-XAzw3QFWK1ejoCgANeg2&google_push=AQvitUJjSelKdlwXgWqm2X3f1MGqjCx6JSJfX8uztBTmbp50qswUgaf5VZ-VDlz3P1rgBU3yTBmUdAvNzuZRmzQJfEWwtoeg-VCX

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 28 Feb 2021 04:39:29 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=3I-XAzw3QFWK1ejoCgANeg2&google_push=AQvitUJjSelKdlwXgWqm2X3f1MGqjCx6JSJfX8uztBTmbp50qswUgaf5VZ-VDlz3P1rgBU3yTBmUdAvNzuZRmzQJfEWwtoeg-VCX
x-host: tde-deliveryengine-production-85f9bdccff-9rgvd
alt-svc: clear
content-length: 0

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame 2A35
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIXhwxFSAlJg2tS50VapG3crBtPvKE6Ws5PawoTVWRzZy3iqwDcvnoWFZkJiRGOHgmZuqt_c-n0JPnGl0Vh-Ns0K5b9fwc&google_hm=

170 B
190 B

50ms
49ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIXhwxFSAlJg2tS50VapG3crBtPvKE6Ws5PawoTVWRzZy3iqwDcvnoWFZkJiRGOHgmZuqt_c-n0JPnGl0Vh-Ns0K5b9fwc&google_hm=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 04:39:29 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AQvitUIXhwxFSAlJg2tS50VapG3crBtPvKE6Ws5PawoTVWRzZy3iqwDcvnoWFZkJiRGOHgmZuqt_c-n0JPnGl0Vh-Ns0K5b9fwc&google_hm=
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 2A35 43 B
396 B 37ms
14ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELA9PmokYs8aMfsVSoJLGcg&google_cver=1&google_push=AQvitUJ8_vdev5abxdM36gah-s7cnVhfbceEaliiNXicx8n_QTqj5rXNcJgqgVoGDUGQ3BGWi98y2UnXqw1sWaVWBs4cGK1RasBm0w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Mon, 01 Mar 2021 04:39:29 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2A35 0
236 B 100ms
34ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JYtKwux1zBUsnnoJA2xpbefaRallzGd18KTW9hnByxiZrrfHPdxmwxhMkr1YuW23J0kf1Qlg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DA7F 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d75df1bd1ce1c1ef73b6a7a1e286d7180beaca24efb110346be2744c68ee094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6433
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 48B6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
112 B

14ms
14ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkqDM_RljzOsu3Nf_5C_ziByVdjz03Iwkv6yoT31H77AfIx9ZJBqocknqlkBf8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 04:39:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 28-Feb-2021 05:39:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 04:39:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 28 Feb 2021 04:39:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DA7F 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 04:39:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 04:39:29 GMT

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 096F 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 21:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 112759
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Sat, 26 Feb 2022 21:20:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B460 0
111 B 41ms
40ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=1541501615441382&bg=!DwylDE_NAAXB_3NtwTsAKQB2-DxawvOhBMEtd1woTKMxqaM6qCSKKW2W63JYphAvUqCZhba1gi2RAgAAALRSAAAALmgBBwoBc2ll5HRV1pUAOifzhWsfT55Zu7kjbC5S0Q84WqJedTwqAKN9su8kcsaThihb2jISuzSJ77iXRCgJX_fjt0tPkaD6-lE2aTXVrl0gzDAXZiWZ99Vkg7Wl0wH4Gz4-9fMCEAm7nfAdoY2siR5iROb11RSFYgZu5Klm59q6cIdS0Tavy61-u5E5vpPgiLhXQ6TNf08StHZ85KyOA1WBgmIG6sMWzxAUQYS3ovyBEewMtYBTrTRd1JbXTySqDUwdjEpXvgbWBK-3wXDsEHRtGCFpj0AC3am5w-fPrLzMavyRC0cuCBsgRn1AvGEfzwAUqVqrg_o17BLrgvvTqGCPzx8x4v0pAyVs7xdYG74U1trPPi4z5KeN6bB19RwrfqW59ySnilQLPhIk-rM6myrH04jhmJwcVrdNE5e3WId-wyBvxb1-ttbpVYEnc6it8ywyjNmq87lfJ50Qpa0S6F7ZeHtVmEE2EZAAGsOxG7PUtVmbmdI_oAE2mQHZs46yEa1DVZlCUXh1teKYL4gLaIQOXFR9nX4EWX8twyTCUwUtwGvkdjRYuhbpeA8VyS-lAIq4bWuwoUp-0WJ74f5KPJvzxpnzBURvZGiuYhNDpXGemV-wzOfpUlA9On4qTz9z7zz2ZJqrpROlp1_1A7s-ZunbyzbYDozJA-5voCGel7vzhLo1M5eKljASct4kyPw37XKven0i8AL9x9Ud-7AKFDCY32JeqBuJTULmEOYulqn5is73iWHdkp9ENo1CBvs8hsL3Sj0LshxBrq11I9IIAX6LsZ0BSoFpjEOPHHN6m_VlOVZdtVPtB6TZdOiLIs8Acj2pVq4DbjC2FT5eEmezMBxsm4N51M6GxBzLM7BJyp2rfjZcuN1OgNMwIPrZ93VHKOCfk256gzHK7ZANfbhZIw8jr5WJ8R6AREiF7ShqNAxrZe5GFip6iGc2o3KQQQh_lctO4E9JO-tX3ECydszOp-0l6ggXMzVY4xjR19IbMBJrK7gxA15syekT8vPApFms6bor-CSdh1y8I_4PfkBpvPEzenaUyLC3DgKOaLsyxzgDixIwZm9nRXLsbNIIyBN34QKIfbvBxKakYqGYlanshwbHShd4JRk3Uf7uNQj_0fQ5WcS9zHI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 1A56 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://kiemlua.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kiemlua.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 02:52:46 GMT
expires: Mon, 28 Feb 2022 02:52:46 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6403
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A56 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T-Hew4zKFoEuSiaqIGgqIslCHcmG-ErS7x6AqoEqFIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 21:20:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 112759
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6212
x-xss-protection: 0
expires: Sat, 26 Feb 2022 21:20:10 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA7F 0
23 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=4311802903735485&bg=!DQ6lDk3NAAXB_3NtwTsAKQB2-DxaRSuhe5amqzxKjdjrc1eihpZp9MAsWCogFOjZlDh6dC1LygH6AgAAAGJSAAAAC2gBBwoAR-OZ6FDvgrcGDB1yZKg3gQglH7fUUFjiO2UzURYL2zrq71-2WAxDMUgFEAvDBTX7ZCdsvOpw1eS69YhST2KoBBCAUvW-ECREmQHn7QCxhVVVY0zrUYZv5XoRMsPt0hJXaTj75xiQIOVtD1o143adcm0sq3qsWsfgo33aKONlotevc3bvtmef7IBj_LQalX2u213UjGFP3QxGhiO4yDCQlEDqzA-eFoSPct0CwH52uHEpcy5ucWCu05gES0jvqpEsFKLBAVGngsb1BtB3ImTnbdInkeSYAeOxIWJhjjrbP5DX6UwhDwd9nGwXMOggnPtxfCY-qdI9rnFroJhe4xrtHKLazVsEadg-_d0BblOL-OCu5Og0i2woKyb2vySZYlysgDchoUiwftJDm3vROwfBvlMOxA4nZdKDcX3Xb72t1xfjIrVOuNUyV53hmfTFVhAZdUx2qNw1ZH38t4tuKyQWjb9KxcLCbMRRWJ78vySDpCvISQLU5J6yg_2GkNhH1r0_wxxRhkQ80cDpDaeyc1LpRc2rpsqLQDTYliKWlAvl-f0NEeBLoPYKiuPok5chaMDlDR3zi9zWFcf_dhtaIKR3bRjOMieg5HOWuNUxtxR3LBmhMERJhPK7l-_hQs3yFVKtvO33GpDA53tuDs4l6SHPfYYjrf8-2YnRcFdbl6RG0Mc9rE_7oKU5E9wHeNj18Mxd_xXaW3MOqWTrmWkc7nDGnoJ9NIq8b2akrUZpjGh3eNC7aQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kiemlua.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B6D 42 B
155 B 47ms
46ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8ycEvjL4mk0rFNPt2s7D1HSWvexiuO_XGfqJm2hBLTygCtzqKk1k3yhBDb8dVaVDaNCuYzYRoWGDLs15vpBry3S-y9nZbQH1QBayG8eI0siD-L2WVDjfK-PIRgw&sai=AMfl-YRGaNozopFepFIFVekV479Wip5NDwYBZjlhWG9Z61Vhn-BAXNqw-F_ChPLgw5MtPftcPqyH5pQ9aHOAqJOG-x8EKlm11Lmz0EvfYG8j8kjqN-sG67f000e1zqM&sig=Cg0ArKJSzBJ0azF3I_NmEAE&cid=CAASF-RoGZikHPAvxtpPTy7yn3EdgHFkVPln&id=osdim&mcvt=1007&p=0,0,600,300&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20210226&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3249388512&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614487169043&dlt=234&rpt=49&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5016155138623826&output=html&h=600&slotname=MLads_300x600&adk=3249388512&adf=354614435&pi=t.ma~as.MLads_300x600&w=300&url=https%3A%2F%2Fkiemlua.com%2F&ea=0&flash=0&wgl=1&dt=1614487168935&bpp=5&bdt=31&idt=98&shv=r20210224&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5765f75deabdfe9c-2205d185e7a600e8%3AT%3D1614487168%3ART%3D1614487168%3AS%3DALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g&correlator=7452279171982&frm=23&ife=1&pv=1&ga_vid=1741223893.1614487169&ga_sid=1614487169&ga_hid=1126273661&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1049&ady=192&biw=1600&bih=1200&isw=300&ish=600&ifk=3143864754&scr_x=0&scr_y=0&eid=44736525%2C21068495%2C21068945&oid=3&pvsid=4311802903735485&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C600&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.q0zk5m35skxi&fsb=1&dtd=107
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 04:39:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google2waycm.netmng.com
URL: https://google2waycm.netmng.com/cm/?google_gid=CAESEMoDqokkKq8QFLCSb5OEWww&google_cver=1&google_push=AQvitUIi1JyRMzhEBRvFLfk_nszV2sMO__KdAgMMSjRpl7ZDjB76hf-pOudLT0RlTTJ5QFNLED4S0OjbDgti8xr4UuBRlWuP5PZR

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 01:49:43	Name: IDE Value: AHWqTUkqDM_RljzOsu3Nf_5C_ziByVdjz03Iwkv6yoT31H77AfIx9ZJBqocknqlkBf8
.kiemlua.com/	1970-01-20 01:49:43	Name: __gads Value: ID=5765f75deabdfe9c-2205d185e7a600e8:T=1614487168:RT=1614487168:S=ALNI_MaqxpNeQuO3aDC9680n0ZNLrX4_-g
.kiemlua.com/	1970-01-19 16:29:33	Name: _gid Value: GA1.2.616150666.1614487169
.kiemlua.com/	1970-01-20 09:59:19	Name: _ga Value: GA1.2.1741223893.1614487169
.kiemlua.com/	1970-01-19 17:11:19	Name: __cfduid Value: d58c33411b08e0c2d7a44fd99a7f996d51614487164
.kiemlua.com/	1970-01-19 16:28:07	Name: _gat_gtag_UA_145677002_2 Value: 1
.kiemlua.com/	1970-01-19 16:28:07	Name: _gat_gtag_UA_145699633_4 Value: 1
kiemlua.com/	1970-01-20 01:13:43	Name: client-id Value: c40bd199-2b3e-4d63-8e75-4d9ad1a0a635

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
dclk-match.dotomi.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
images.dmca.com
kiemlua.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
service.adxoo.com
ssp.adpay.network
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
syndication.adxoo.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kiemlua.com
google2waycm.netmng.com
103.90.220.91
103.90.223.9
142.250.185.98
142.250.186.162
151.139.242.29
185.29.133.58
213.19.147.151
2606:4700:3030::6815:31cc
2606:4700:3035::ac43:a719
2606:4700:3036::ac43:b33b
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2001
2a00:1450:400c:c1b::9a
2a02:fa8:8806:20::2040
35.186.193.173
35.190.0.66
00bc145e070901985d9db9ae4e8f5398ade38812a28d1df534f831b53c2ecb46
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0a59ad448a4fc7134f26d2aef834b268c207bb1ed627be2c497d95979365cc42
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
12d19c94d64b148b562dc699f3b240a1a187931eecbef27113bbb5c2df600332
145de6b1beb94d63df78297568bf3bc1260d3da5595f310163a55c0a135d9ff9
164b4c4d3b5d61e09cfac5458f92cf58ce6dffe838da473fa71ca3846e71c12c
1712a7856aa0ce35c379255aea8ccc5ecad72e5d4f035b3150aa0d8dd2a5d6ed
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b7685cb27c2e5fd8a258ed667846b8b0d7ea3e4ce247f1bc273e69df3ecbfc0
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
305f3dc8f8df5e2bf143e066eaa713d8fde733d660b45de062c8ba67f52cf3f7
41338f2523be6f747b10bb514799088f9fb8a5b44cb1258e2d3b07b105da963e
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ac622e7b9b4de6f66c1ac03549a11a4444c48f9fbea86636d69993f4df1b51a
4ca316e6a08bc7dd66a09adff4d37b35075097afae9506bf1de69b083082d985
4e0da0b6857a4ee218c8f4b014f26cc9beb7326aa0413d4674bbdad895e6e03c
4fe1dec38cca16812e4a26aa20682a22c9421dc986f84ad2ef1e80aa812a1487
513dd0af31a1d97237dddbf6aaaf5172fb992cc944f2abb74f7e1a36a10e6415
53bfc34e9bc283c758b8351724add6a376d4338d678f7e22240a8aad097e4fb0
53d2e2799cfb09e6d15dc1e54dbf75fffebc2699f92402b530b47d57f3b01662
587852d6381ee2e5399e0b4d613cf8ad8de08dd091c810591a4bbddd3c64b7da
5d75df1bd1ce1c1ef73b6a7a1e286d7180beaca24efb110346be2744c68ee094
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
60107c9fdc1a3079ce8cb9c3d7f8df0ae34f5962e11620ca793f1698030df47b
661c6cb08772341b3951206b4129eccbb2c6b00f5db414be70212bf8e19cf9d3
66d2c1247a53733f6e27998157d6a7f427885c304461ff0df9bde7dc37ccfb5c
69faecb26a71ae5711a615bad4f1055efeff6664529a364642d1bfbc4a761742
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c55c098fbfdc09c0061f99af1db27daefc2ce388d4aeccf8720cbb26080555f
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d74d32de349a310b6d315e2e9c280bb641652fb0f40e4373282b8d63bb0131
8703e5453df43011f2536665ca108acd8ed6e473a2977d07b9a6b42bf1facb12
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
91cd0f5f0f2872ebd0dc270c99dcf5f3fddfe0ff5c0ae860fffd685ac830b58e
926a498a227263ac8c1bab0581fa89ea672fbb5ed21af75a7beb59dee341e397
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
951951e342b3fbfc9e7be5adcad52246768f421819d43831b1eb3b9c48fcf53b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a3dd164cb3f89e244d280ab9066876d16ae4dc0b6c5a9759f8ca801ddb9f976e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ac990171fc2a8993d659ce8f10bc0a7815c43835ba1dc00c2246f3556c6eeecd
acc37086d4f6916df51836daa36176bbc45e47accfe1a003f4e4bdae67e63e2f
acfaaf62bff0119246c65258ed4eddfff3758441c562b3726627e377d6939118
b5ff479c016cae17be1a5df8e8237534cfbb9b9dbed1b6b54abfbface1a832ab
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bd9817ff301f8f4a48991b7f8ef89536b169e4d3af765b31f727be69b14cfbd9
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
ca3323e7ea809d698df7e89b3050b65d7821866017ba67a753496337f15f6c04
ccb45fbd1a09951f16e23d44a7b12d835760d28cf9728454d0e585c27c5829cf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfef812a10749f427132abc6880127011b242fd4dccbe799fdd765a715bdf08c
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3f9ee454ba1a25e9bdcad459dec4813d6d584804a457d3c7475784ff683d7d
dfcc464d69527d4b66a2ea9303ea0d978e9e4a528e3d0beca498928f73610fc9
e0fe070a35cfe3ef8988d6acd8c22b55085c767e96b262c58e5b1669031c80c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c0bb7d3a0581c9077bf02df79f946f8303b6da73190911ce27efbe58fbd8f5
e7e26cd19b0764321639c8ec60fca9d47e086642f8c5d90f2804bf63edeac99d
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f041c2a64a50d78e70728de9ccc43d424b056dcb54365c2fd86d6372eff8dfaa
f2d26a537e8f05abb270dc683862c6369443e0076b9322b2fd45b53a8e61caf1
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f77841e439647462f4bae9b66456b1bb98f8c3b72af56608c9558511b0c220f4
f8d2aaf7646d6a9b92552246e0b4059d1bdd8823f94e232e8c9a48da9be334e7
faa63e9b1e3fe828645fa68635cc11c96178c8b182465c3fa305abf0f2edfc59
feefcd59e61a51094fa7ae4c08b8852a459a9be079bdc12a7b40ed600a33d79e

kiemlua.com Open in urlscan Pro 2606:4700:3030::6815:31cc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

99 %HTTPS

61 %IPv6

19 Domains

26 Subdomains

19 IPs

5 Countries

1620 kBTransfer

3304 kBSize

8 Cookies

6 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kiemlua.com Open in urlscan Pro
2606:4700:3030::6815:31cc Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

99 %
HTTPS

61 %
IPv6

19
Domains

26
Subdomains

19
IPs

5
Countries

1620 kB
Transfer

3304 kB
Size

8
Cookies

89 HTTP transactions
10 data transactions