raovat49.com Open in urlscan Pro
207.244.243.69  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFshYQVKKL4zDYpARKhe2mg&google_cver=1

Request Chain 117

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbe70BRKGlEes-ujOU03tQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1

Request Chain 119

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdTyjyivdHnqJzYegPpGv0&google_cver=1

Request Chain 120

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbe70OI.k93-toEkLpaheAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1&google_hm=2

Request Chain 122

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-P3GCUjd8cDJReLyoiuBc&google_cver=1

Request Chain 123

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbe70A5aT8cKavuHRGN6VgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1

Request Chain 142

• https://hal900020.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2I5L0Lu3ZYLoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QJ8SInbGhb2tP26GQMTdbdJo2Q4ecNkbpg3qOaQYl6qxCmccVb1CAcfqSFUE1nST9vYrZbTxPnorP_OIQPoDAG-8t9pFQczA3IEJvyyubdXygI8vsu2tSHUld6mI7ebZDB10qcOT9IabLOnu8RPBPXezNK7lgane-8FqrpMskXA3WjlHiDGeXQixVniVVE6LTsfrjnT-OmvorlniY12Am33Ci6P9Do-_FH-GEa9ETZZ27hOm8eSXiYo0fdhxdEreM9c808uuBNn64D3eWN88LO6tJBFoNOlUSuUTJ6E5r9vU0FKRJZtit_5GtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_2eMpbC8EpIBX1f4OrlQnjWyH9BQw%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BYdrLPOUVoaW0DpwdZJVf5CFlgHbrl15wj30LuvhsN93f59gCB33rGc92TGjnQkhBe5TBCSNhew1rwmTwn4RiqQXKWBl1lqFtaPVWy8aUpurVqdFohrV4Gry9hCwkMa-LAlhcB8LwPSkvIszKiPUvgfajr1Qvk_lCeD8QWWFWyl0gzwkc%26cry%3D1%26dbm_d%3DAKAmf-Aa74zHEWMqu0hpNsy6X5dyNHAnvEBV1cudGHJOXJzuZ-kWUvOsVargh1CYITWrQHPpXOBUH6mpr5I3GEwgx1ivGil0c0W4OqLW9kuk02LbWFg5hikwl_p1RYmuPWKxxob7dKeX6omTyy6tfhb7LZ6tvWufRdhVRnaS9NfYlUSYrUt5gU2aF7CjqNmzyDGSL836SohnCLuP7hf_9FBUY1eix27UFOja3-RYSariiMDLGHxundDK_vUbUXIoqspCvoPPdhtp-9cqQzoOXGXfBMvOaBJJS8m66UWEB64Mtwv7F8eH2xKOrEyt0OYo3DOcGKip8CUiDQcn01vyemCcMmnh1We4LExOOkvSQDCvBV5Ed-LO7SRalpLkfKWZO7Ro8CgaPpGpOZs8QC0OyoKw2YW47hfnnnTSF3ucD70VVWrAaPZKSWXuQbvPyGoACCsTq84IqPkVa5SS8QueLzTLgXBObHdqCUqm1vJyN821u_2ypJrxdkEnIc9GLMdIpF2PqZXOYk8iH0bYfM1mALK5lj3ywepb1drd9M9hq3mGQwc5W-cDVyAZlWb3XA5YSeM2oELIjnsq2RyWHUlw2CJM7yt2_hVoQPSY326a1mlAInYkoLXKo8M%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-9837065932233532%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=8235424317486&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
• https://hal900020.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2I5L0Lu3ZYLoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QJ8SInbGhb2tP26GQMTdbdJo2Q4ecNkbpg3qOaQYl6qxCmccVb1CAcfqSFUE1nST9vYrZbTxPnorP_OIQPoDAG-8t9pFQczA3IEJvyyubdXygI8vsu2tSHUld6mI7ebZDB10qcOT9IabLOnu8RPBPXezNK7lgane-8FqrpMskXA3WjlHiDGeXQixVniVVE6LTsfrjnT-OmvorlniY12Am33Ci6P9Do-_FH-GEa9ETZZ27hOm8eSXiYo0fdhxdEreM9c808uuBNn64D3eWN88LO6tJBFoNOlUSuUTJ6E5r9vU0FKRJZtit_5GtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_2eMpbC8EpIBX1f4OrlQnjWyH9BQw%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BYdrLPOUVoaW0DpwdZJVf5CFlgHbrl15wj30LuvhsN93f59gCB33rGc92TGjnQkhBe5TBCSNhew1rwmTwn4RiqQXKWBl1lqFtaPVWy8aUpurVqdFohrV4Gry9hCwkMa-LAlhcB8LwPSkvIszKiPUvgfajr1Qvk_lCeD8QWWFWyl0gzwkc%26cry%3D1%26dbm_d%3DAKAmf-Aa74zHEWMqu0hpNsy6X5dyNHAnvEBV1cudGHJOXJzuZ-kWUvOsVargh1CYITWrQHPpXOBUH6mpr5I3GEwgx1ivGil0c0W4OqLW9kuk02LbWFg5hikwl_p1RYmuPWKxxob7dKeX6omTyy6tfhb7LZ6tvWufRdhVRnaS9NfYlUSYrUt5gU2aF7CjqNmzyDGSL836SohnCLuP7hf_9FBUY1eix27UFOja3-RYSariiMDLGHxundDK_vUbUXIoqspCvoPPdhtp-9cqQzoOXGXfBMvOaBJJS8m66UWEB64Mtwv7F8eH2xKOrEyt0OYo3DOcGKip8CUiDQcn01vyemCcMmnh1We4LExOOkvSQDCvBV5Ed-LO7SRalpLkfKWZO7Ro8CgaPpGpOZs8QC0OyoKw2YW47hfnnnTSF3ucD70VVWrAaPZKSWXuQbvPyGoACCsTq84IqPkVa5SS8QueLzTLgXBObHdqCUqm1vJyN821u_2ypJrxdkEnIc9GLMdIpF2PqZXOYk8iH0bYfM1mALK5lj3ywepb1drd9M9hq3mGQwc5W-cDVyAZlWb3XA5YSeM2oELIjnsq2RyWHUlw2CJM7yt2_hVoQPSY326a1mlAInYkoLXKo8M%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-9837065932233532%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=8235424317486&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 150

• https://hal90006.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3j0M0Lu3ZYPoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QpxFj0Bi4Po1QhwmJOiCKyu-vC3ZTUrRM-_tD9ois1T5wc5QOPp5hizkda4aeyXfRsZUPt96FXqj9XoDZCsKSfFo01UOumJBToBKvSXgkfVJFmdMq44N7tyS5QQQ3qw9ZNGROoKP_QezeDudztqYq20oQl5lyf1ALtEfGiDSTzWHBrpvm0eScITvdeMkF77_aYzRfYIhzQGgH43KX2_6f0i0BrARA-RdIuUdCSkqJf9rgDZz9xJUalMH1IrxhPVqiwkXSf770dzU0wu0ssLsCrb3mnk4OoLZsKdhCSdCaMR8yxj_Q2jGb9WIJwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_1DuKO0cKaYDg4kFm9ihUj72mVVJA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BxiKAl7SZ-fVFBpKDlMFDRAqfsa7ZI806Z6rqHWbA57j0fBh3I2JrdkXkvYTkdlZ241w-5KbwADArlVashj7IXi3Ru6K6fLsBlibuMOUjckNH_E3FiXcqqbhS-SYC4PsFnxEGN47ob_3MDAe-9u8Z-SC2hadvGeSW4UOxVOJcJdHE5T0Y%26cry%3D1%26dbm_d%3DAKAmf-DsMZVgJfrVG-KfBzMRECx4xQAUjIofKlDQ6gVhfl1ltEZaDMb4SqwGgGt05wmo2XxvE8mdaoq2YN1s86jhOarAtYRKhzC-OVeyo0539FKi5YzVzlBqRNC9w0fyxaT1ueUMoIHN3ofkUQRy2U8jEg6b4HCYA3F7hcw8TCbQBq5Y1C9OsQdXSqxUyWcL1bl3C0NbUI7EL-6TtiFh3YD7o_BvcF4L0uUpri7ya3l17-YTrM3tyal1RwNYO0kiv4mTj3Gf_s26blSs0Qp21UuHOfe603qrSTqo5boE5ETBzVXmn5AhBgHL-jBrIFzj9-BSeoyOw3hZ0EAPXn6gzqgL6hl1olmL9h3gXUJADqqqIRCyzMp9Z1D7fucfbaW0y9TMPfphAlZ-s-BwH6vzqjbQscRjRBMKWYBaGDMzaszL1_ALWwJdZI-2QppWHgUNgWP4Qb2hiRdkvbaUY7p2DSjSAn5mvixblSzEvM-Bb0Tb1HFEONGYmFRc-i00_H98rL4wOYQOTvUjWH7z7e5DUdgeK9Nwoj0UJ3ZghhzUI1z1BAPzBU8ZTp6Dn-u96MDKB6YLUt9J3q0ATUZlZi266Vz03SWXK70sBQDzEAta6laTkaeWZgBi-l0%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-9837065932233532%26fa%3D4%26ifi%3D7%26uci%3Da!7%26btvi%3D6&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=9626712546942&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
• https://hal90006.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3j0M0Lu3ZYPoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QpxFj0Bi4Po1QhwmJOiCKyu-vC3ZTUrRM-_tD9ois1T5wc5QOPp5hizkda4aeyXfRsZUPt96FXqj9XoDZCsKSfFo01UOumJBToBKvSXgkfVJFmdMq44N7tyS5QQQ3qw9ZNGROoKP_QezeDudztqYq20oQl5lyf1ALtEfGiDSTzWHBrpvm0eScITvdeMkF77_aYzRfYIhzQGgH43KX2_6f0i0BrARA-RdIuUdCSkqJf9rgDZz9xJUalMH1IrxhPVqiwkXSf770dzU0wu0ssLsCrb3mnk4OoLZsKdhCSdCaMR8yxj_Q2jGb9WIJwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_1DuKO0cKaYDg4kFm9ihUj72mVVJA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BxiKAl7SZ-fVFBpKDlMFDRAqfsa7ZI806Z6rqHWbA57j0fBh3I2JrdkXkvYTkdlZ241w-5KbwADArlVashj7IXi3Ru6K6fLsBlibuMOUjckNH_E3FiXcqqbhS-SYC4PsFnxEGN47ob_3MDAe-9u8Z-SC2hadvGeSW4UOxVOJcJdHE5T0Y%26cry%3D1%26dbm_d%3DAKAmf-DsMZVgJfrVG-KfBzMRECx4xQAUjIofKlDQ6gVhfl1ltEZaDMb4SqwGgGt05wmo2XxvE8mdaoq2YN1s86jhOarAtYRKhzC-OVeyo0539FKi5YzVzlBqRNC9w0fyxaT1ueUMoIHN3ofkUQRy2U8jEg6b4HCYA3F7hcw8TCbQBq5Y1C9OsQdXSqxUyWcL1bl3C0NbUI7EL-6TtiFh3YD7o_BvcF4L0uUpri7ya3l17-YTrM3tyal1RwNYO0kiv4mTj3Gf_s26blSs0Qp21UuHOfe603qrSTqo5boE5ETBzVXmn5AhBgHL-jBrIFzj9-BSeoyOw3hZ0EAPXn6gzqgL6hl1olmL9h3gXUJADqqqIRCyzMp9Z1D7fucfbaW0y9TMPfphAlZ-s-BwH6vzqjbQscRjRBMKWYBaGDMzaszL1_ALWwJdZI-2QppWHgUNgWP4Qb2hiRdkvbaUY7p2DSjSAn5mvixblSzEvM-Bb0Tb1HFEONGYmFRc-i00_H98rL4wOYQOTvUjWH7z7e5DUdgeK9Nwoj0UJ3ZghhzUI1z1BAPzBU8ZTp6Dn-u96MDKB6YLUt9J3q0ATUZlZi266Vz03SWXK70sBQDzEAta6laTkaeWZgBi-l0%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-9837065932233532%26fa%3D4%26ifi%3D7%26uci%3Da!7%26btvi%3D6&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=9626712546942&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 166

• https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
• https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js

214 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request lien-minh-okvip-ho-chi-minh-5132649 Show response raovat49.com/s/	60 KB 11 KB	953ms 379ms	Document text/html	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 59133f0a4649828d6ce85531bed07a92f7acd0a86acf6f85cdd4b0d6af8b83b5 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Mon, 29 Jan 2024 14:53:10 GMT server Microsoft-IIS/10.0 strict-transport-security max-age=2592000 vary Accept-Encoding x-html-minification-powered-by WebMarkupMin x-powered-by ASP.NET
GET H2	200	bootstrap_min.css raovat49.com/Themes/v1/assets/bootstrap/css/	118 KB 27 KB	137ms 137ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/bootstrap/css/bootstrap_min.css Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash dc0a7aea2a8359b56611fdccd2d893ebed6eae8c69f9cd81a399a020e1a6f2a0 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:10 GMT last-modified Sat, 01 Apr 2023 14:36:57 GMT server Microsoft-IIS/10.0 etag "1d964a7691c53d0" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	style.css raovat49.com/Themes/v1/assets/css/	113 KB 28 KB	274ms 273ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash dc87654a6d636a179920315df7487166906d8c111d5abb6ca65b1e1095c25c93 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:10 GMT last-modified Thu, 15 Jun 2023 11:12:24 GMT server Microsoft-IIS/10.0 etag "1d99f7a42d0581a" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	jquery.min.js Show response raovat49.com/Themes/v1/assets/js/jquery/	91 KB 41 KB	139ms 139ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/js/jquery/jquery.min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:10 GMT last-modified Fri, 11 Dec 2020 19:54:14 GMT server Microsoft-IIS/10.0 etag "1d6cff766a41c81" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	148 KB 51 KB	119ms 65ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9837065932233532 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c913dbcd7e149d8278685129b520eaa8a457ec60bd24b9bb008dd6b2cade5344 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51416 x-xss-protection 0 server cafe etag 6072769263710718134 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Mon, 29 Jan 2024 14:53:03 GMT
GET H2	200	swg-basic.js Show response news.google.com/swg/js/v1/	250 KB 72 KB	84ms 22ms	Script text/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/swg-basic.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3fb5ade2daefe86215359918ebf19c6028276feba9653c975177386cbb060797 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:03:40 GMT content-encoding gzip x-content-type-options nosniff age 2963 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73536 x-xss-protection 0 last-modified Wed, 24 Jan 2024 22:28:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type text/javascript cache-control public, max-age=3000 accept-ranges bytes expires Mon, 29 Jan 2024 14:53:40 GMT
GET H2	200	logo.png raovat49.com/images/	6 KB 6 KB	273ms 273ms	Image image/png	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/images/logo.png Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b1b3f02ca855972a4d2a283eabef6e9c3ccc133d16fb895eb539a8a2a9c3b49c Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:10 GMT last-modified Fri, 11 Dec 2020 19:54:24 GMT server Microsoft-IIS/10.0 etag "1d6cff76c9b4ea8" x-powered-by ASP.NET content-type image/png accept-ranges bytes content-length 5800
GET H2	200	lien-minh-okvip-ho-chi-minh-01.jpg raovat49.com/Img/2024/1/	18 KB 18 KB	406ms 406ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Img/2024/1/lien-minh-okvip-ho-chi-minh-01.jpg?w= Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 46a8f4fc811ceefbe8e7e385e39cc9b6e2493561aae82af10fe71b3ebdc59c99 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:10 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 18782 content-type image/jpeg
GET H2	200	raovat49.com.1380001.js Show response jsc.mgid.com/r/a/	4 KB 2 KB	119ms 63ms	Script text/javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/r/a/raovat49.com.1380001.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 769f13a49aeb56a2d1aed1be943b82c5d3a092c82d6ece94a90c8c08c817237e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT x-amz-version-id ZfqgoivyvzxszJhskjaAxuryAPmNc84Z content-encoding br cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id PP0CJF06XA21XFAQ cf-polished origSize=3750 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 SwmAaTkMKB63PEmHkUfOrg8SGPmCBCkCtZp5MLuJjpmvAggVuFOCp037IejgfeTt923nhJxo0waHg9SHpA4nFwpeJUhQlkXb cf-bgj minify last-modified Fri, 26 Jan 2024 12:12:58 GMT server cloudflare etag W/"41d6eb2e4c9105cff0585f4a7a0f2daa" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=10800 cf-ray 84d24d711c33c2cd-VIE expires Mon, 29 Jan 2024 17:53:03 GMT
GET H2	200	raovat49.com.1380009.js Show response jsc.mgid.com/r/a/	4 KB 2 KB	124ms 68ms	Script text/javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/r/a/raovat49.com.1380009.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4de008b41cf42838b8f7b4e614f755ed4d6c88cdce492ac126e4923d31ca3ae4 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT x-amz-version-id 65NiCWH6eQDOKh4SJy6nIR1My.5c2oDL content-encoding br cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id PP0F8G48BMHCDFDH cf-polished origSize=3750 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 obsWKhuhrdwXQXhBQJKdVABRqNl/a1wha3EGqYrgIFjNUWRysUdkGHkZXTx5kN7ZCZc8BS0u9jMvdXnQz26NpYVTZ9FpJk4K cf-bgj minify last-modified Fri, 26 Jan 2024 12:12:59 GMT server cloudflare etag W/"a069c506aebfb75c4ba09731fef60f7c" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=10800 cf-ray 84d24d711c34c2cd-VIE expires Mon, 29 Jan 2024 17:53:03 GMT
GET H2	200	noimage.jpg raovat49.com/img/	8 KB 8 KB	135ms 134ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/img/noimage.jpg Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash be06c1b8199376db1040e89f3f0835df9cd17647a05513b8820e257db4fcb291 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:10 GMT last-modified Fri, 11 Dec 2020 19:54:20 GMT server Microsoft-IIS/10.0 etag "1d6cff76a38df6f" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 8559
GET H2	200	raovat49.com.1379964.js Show response jsc.mgid.com/r/a/	4 KB 2 KB	115ms 59ms	Script text/javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/r/a/raovat49.com.1379964.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9af4f485a098ceee139b6df0ed70abea09238990529a04bceb2fdceb65ef9c8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT x-amz-version-id GBd_0RQ.FHTTh3XrnKzvhutEciDloVId content-encoding br cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id PP051SG1324375G9 cf-polished origSize=3750 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 flRi50neOoylv66Vtj4iR2JD69P2KOvHw8Jxy2yJkypczEU8bALvHF5G7s2pcmZCa3Bzg3iX9wA= cf-bgj minify last-modified Fri, 26 Jan 2024 12:12:50 GMT server cloudflare etag W/"84a7dbc450e808220bc04c7dd4ea5c65" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=10800 cf-ray 84d24d711c32c2cd-VIE expires Mon, 29 Jan 2024 17:53:03 GMT
GET H2	200	1185007 Show response adhitzads.com/	1 KB 944 B	112ms 58ms	Script text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://adhitzads.com/1185007 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0594353fc476bb01afd9647158b9947ebaf0d67d7b147cae05510fd6d8883ccc Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2aBu2IMuLBPCWo9G3IskHo4RR8A2D0IHjkkgw87oi32BikB5LmTdTb4u5pkWCSUEpW2H5aGXqqMGXZiyz7F4Ff6bkm%2BsHOXsgiUb2JaHn96%2BkHOVU0xUIiFdC5T9Da%2B"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 access-control-allow-origin * cf-ray 84d24d710da737f8-FRA alt-svc h3=":443"; ma=86400
GET H2	200	c2c_ad_image.jpg raovat49.com/Themes/v1/assets/img/	12 KB 12 KB	155ms 155ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Themes/v1/assets/img/c2c_ad_image.jpg?w=330 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 275a0ec88d109d6f36bec793bcaae6490a0995e833d1c9c5aed09583b0cb9d64 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Sat, 22 Aug 2020 07:24:53 GMT server Microsoft-IIS/10.0 etag "1d6785553f32185" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 12549
GET H2	200	sweetalert2.min.js Show response raovat49.com/Content/sweetalert2/	39 KB 16 KB	147ms 147ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Content/sweetalert2/sweetalert2.min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash cbfdba94a6787f39b486dc6f729a5bb1281f72c49334e8088b9929dbe52ffb75 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:12 GMT server Microsoft-IIS/10.0 etag "1d6cff76574d62d" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	sweetalert2.min.css raovat49.com/Content/sweetalert2/	29 KB 6 KB	138ms 136ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Content/sweetalert2/sweetalert2.min.css Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash c3871ce363f25b8c1a57eed1f9dfd033d3e3617c0729393b275fc9713f0c032c Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:12 GMT server Microsoft-IIS/10.0 etag "1d6cff76574380b" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	bootstrap.min.js Show response raovat49.com/Themes/v1/assets/bootstrap/js/	36 KB 13 KB	141ms 139ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/bootstrap/js/bootstrap.min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:15 GMT server Microsoft-IIS/10.0 etag "1d6cff7673e9d84" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	jquery.matchHeight-min.js Show response raovat49.com/Themes/v1/assets/js/	3 KB 1 KB	154ms 152ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/js/jquery.matchHeight-min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 469c03d376ea57e7f5ed6e2dd00c36451d8545e475a49e3ac82185286f149ec8 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:14 GMT server Microsoft-IIS/10.0 etag "1d6cff766a57d1a" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1322
GET H2	200	hideMaxListItem.js Show response raovat49.com/Themes/v1/assets/js/	2 KB 905 B	155ms 153ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/js/hideMaxListItem.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 2dd993e7b649718b52837352586cf5c8ed423d5b27bb795038631533e95e4af0 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:14 GMT server Microsoft-IIS/10.0 etag "1d6cff766a5714c" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 847
GET H2	200	layer.js Show response raovat49.com/plugins/layer/	34 KB 13 KB	153ms 151ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/plugins/layer/layer.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 9324ebf02f4919cb6c9c54e216c5594b9ed2bf16abf770b17492d66a7bc36140 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Sat, 27 Aug 2022 06:33:35 GMT server Microsoft-IIS/10.0 etag "1d8b9deeeef41bc" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	cffunction.js Show response raovat49.com/Content/	24 KB 8 KB	153ms 152ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Content/cffunction.js?v=638421619907259388 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash f0a0ca7e30ab6dfb777ab7acd971ef0a1bc89592130a4a80c94af5df97aa4962 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Sun, 18 Sep 2022 14:25:10 GMT server Microsoft-IIS/10.0 etag "1d8cb6a7528f992" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	js Show response www.googletagmanager.com/gtag/	260 KB 88 KB	95ms 41ms	Script application/javascript	2a00:1450:4001:810::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XY9GFQ0EKD Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3f1783ffc05ebc963e247e599ee0a9574225d19d1f8628f4e016e7c9526b0e3f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89950 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 29 Jan 2024 14:53:03 GMT
GET H2	200	jquery.lazy.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/	5 KB 2 KB	70ms 29ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5226233 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2090 last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-139e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2F4RH8ulQITZM4o7UGt%2BvCY1%2BiBxISFho4YFuMQA%2FLu3F%2FZ4GxzYlP7uPaxRaK6Fy09ByKb8LTUIrgUs1faKd%2BEGLGyJOmq458CexWVIbtTPk6Ltyhe%2BDgCojeZamf9gGE39%2F%2BCvy0AlnFtT%2FJGry9Mp"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84d24d710e0e0408-FRA expires Sat, 18 Jan 2025 14:53:03 GMT
GET H2	200	jquery.lazy.plugins.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/	4 KB 2 KB	69ms 27ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.plugins.min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 6775302 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1296 last-modified Mon, 04 May 2020 16:11:47 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec3-113c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OplXM09auOjApyN8AVOF%2BVxwWZzbLf3IXTaXWsGI6BnOsCN%2BtR97pp1AUSnyCE7OtpuMzrOHWDMYoAmiFJzvVC1u5qB43dnulpG%2FcL43MIS347OreDtB%2BA%2F80cAjWVFwS6dh0bDZsSwYO1Lc5euTilUV"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84d24d710e0f0408-FRA expires Sat, 18 Jan 2025 14:53:03 GMT
GET H2	200	jquery.bxslider.css raovat49.com/Themes/v1/assets/plugins/bxslider/	3 KB 1 KB	155ms 154ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/plugins/bxslider/jquery.bxslider.css Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 1251477cdf2883026b816ec85a39fb436e0a10e49ddb32e605e43c45c58c8e51 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:15 GMT server Microsoft-IIS/10.0 etag "1d6cff7673e077c" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 992
GET H2	200	jquery.bxslider.min.js Show response raovat49.com/Themes/v1/assets/plugins/bxslider/	19 KB 6 KB	154ms 153ms	Script application/javascript	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/plugins/bxslider/jquery.bxslider.min.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:15 GMT server Microsoft-IIS/10.0 etag "1d6cff7673e461f" x-powered-by ASP.NET vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	fontello.css raovat49.com/Themes/v1/assets/css/	21 KB 4 KB	135ms 135ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/css/fontello.css Requested by Host: raovat49.com URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 302cb8f9f9bfca19a556095a13a4f252cb28d681b563dfbe59ddead4f0d81ef1 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:10 GMT last-modified Fri, 11 Dec 2020 19:54:14 GMT server Microsoft-IIS/10.0 etag "1d6cff766a52274" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 4231
GET H2	200	fileinput.min.css raovat49.com/Themes/v1/assets/css/	2 KB 1 KB	136ms 135ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/css/fileinput.min.css Requested by Host: raovat49.com URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash bf2b6a99a621afb4daa71438c81d20df647021a8856c82d31e97dbbeb3cd8dca Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:10 GMT last-modified Fri, 11 Dec 2020 19:54:14 GMT server Microsoft-IIS/10.0 etag "1d6cff766a57fcb" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes content-length 1140
GET H2	200	lien-minh-okvip-ho-chi-minh-01.jpg raovat49.com/Img/2024/1/	18 KB 18 KB	280ms 279ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Img/2024/1/lien-minh-okvip-ho-chi-minh-01.jpg?w= Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 46a8f4fc811ceefbe8e7e385e39cc9b6e2493561aae82af10fe71b3ebdc59c99 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 18782 content-type image/jpeg
GET H2	200	noimage.jpg raovat49.com/img/	8 KB 8 KB	280ms 280ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/img/noimage.jpg Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash be06c1b8199376db1040e89f3f0835df9cd17647a05513b8820e257db4fcb291 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:20 GMT server Microsoft-IIS/10.0 etag "1d6cff76a38df6f" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 8559
GET H2	200	c2c_ad_image.jpg raovat49.com/Themes/v1/assets/img/	12 KB 12 KB	279ms 279ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Themes/v1/assets/img/c2c_ad_image.jpg Requested by Host: raovat49.com URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 275a0ec88d109d6f36bec793bcaae6490a0995e833d1c9c5aed09583b0cb9d64 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Sat, 22 Aug 2020 07:24:53 GMT server Microsoft-IIS/10.0 etag "1d6785553f32185" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 12549
GET H2	200	camera.svg raovat49.com/Themes/v1/assets/img/	2 KB 2 KB	280ms 280ms	Image image/svg+xml	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Themes/v1/assets/img/camera.svg Requested by Host: raovat49.com URL: https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 61656efe30c04dc51e8913c0a773cecbf30d32975c057abcb2678b3da49149e7 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/Themes/v1/assets/css/style.css?v=12052021 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 21 Aug 2020 06:14:52 GMT server Microsoft-IIS/10.0 etag "1d67782618b9edc" x-powered-by ASP.NET content-type image/svg+xml accept-ranges bytes content-length 2268
GET H2	200	fontello03a0.woff raovat49.com/Themes/v1/assets/fonts/fontello/	58 KB 58 KB	274ms 274ms	Font application/font-woff	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/Themes/v1/assets/fonts/fontello/fontello03a0.woff Requested by Host: raovat49.com URL: https://raovat49.com/Themes/v1/assets/css/fontello.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 53aa8b90b07993a22709e908a884ff9f53976bfd1f32de290d136dadd45c49e8 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers Referer https://raovat49.com/Themes/v1/assets/css/fontello.css Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:15 GMT server Microsoft-IIS/10.0 etag "1d6cff7673ee5dc" x-powered-by ASP.NET content-type application/font-woff accept-ranges bytes content-length 59484
GET H2	200	adjs.php Show response api.adhitz.com/	52 B 558 B	142ms 68ms	Script text/javascript	104.21.12.154 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.adhitz.com/adjs.php?zoneid=&block=1&c=1&l=https%3A//raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649&r=&s=&p=2151904818&cb=22675993913&charset=UTF-8&loc=https%3A//raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Requested by Host: adhitzads.com URL: https://adhitzads.com/1185007 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.12.154 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 45791773e706de7b5d86b8479a5f6fb1c856bf5754f88571d0e041db3d6f1ea5 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggE3Z8puT3hhhF94IFcp2tJMfenJmTS6g46K0NdTusuNZ%2FC%2FNyw59IeTFhaXJ%2BOT0prl%2BcBRec4%2Fyoa4KqyMcxx1j36dpXWoRP06fEYJWGZ9ZknL0oQLOVqEYKOXMUYd7g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin * content-type text/javascript; charset=UTF-8 cache-control no-cache, no-store, must-revalidate cf-ray 84d24d71da1d0095-AMS alt-svc h3=":443"; ma=86400 expires 0
GET H3	200	raovat49.com.1379964.es6.js Show response jsc.mgid.com/r/a/	334 KB 100 KB	341ms 314ms	Script text/javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/r/a/raovat49.com.1379964.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1379964.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a52854c47fb846a812507760b86b9e297f3bc006280d35d7bca0c6677d2ab14 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT x-amz-version-id sV6pgZdItDOIRE7Qrj0_Vcj8UaiU.HDs content-encoding br cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id MAAM68M1SVQ8ZJN3 cf-polished origSize=342207 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 hC/213g8lRP03pY/Cgs2w++pfhW9/mAytAizrwfUrPL9Scx+rAQsvvg6frVyegvqCHXFp0mEaYQ= cf-bgj minify last-modified Fri, 26 Jan 2024 12:12:50 GMT server cloudflare etag W/"09837322b32a122a3d2e9ba0c9e93acf" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=10800 cf-ray 84d24d71a9625adb-VIE expires Mon, 29 Jan 2024 17:53:03 GMT
GET H3	200	raovat49.com.1380001.es6.js Show response jsc.mgid.com/r/a/	333 KB 100 KB	408ms 385ms	Script text/javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/r/a/raovat49.com.1380001.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380001.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8519dae6e0433b1d800e6fd21c9ed68118066f8e1d1726234b1c81d1facd4480 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT x-amz-version-id 5AaCX8MqXBC1QJe2sfzzCAsU7iwuFmLy content-encoding br cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id PDHZHZZZQ0ZJN9VH cf-polished origSize=340625 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 QM+f0nlqcttMbOQ9eoe9dHDT16gB4UpL4h9HYyj+6xHH6kONQdt6eoL5O1T4WmVyiqlfGkNvmUE= cf-bgj minify last-modified Fri, 26 Jan 2024 12:12:58 GMT server cloudflare etag W/"1e0b46868260127cad755fb92df07b44" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=10800 cf-ray 84d24d71a95d5adb-VIE expires Mon, 29 Jan 2024 17:53:03 GMT
GET H3	200	raovat49.com.1380009.es6.js Show response jsc.mgid.com/r/a/	337 KB 101 KB	266ms 248ms	Script text/javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/r/a/raovat49.com.1380009.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380009.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 744899e2b8537e7288f96c0fd2ae0cf1669bec97b7c94b1a83107685cbe845e6 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT x-amz-version-id 3blo.KHhINXzx4HXFxU20dBu8sHGjCja content-encoding br cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload x-amz-request-id Q5RZYBDPWC725NEK cf-polished origSize=344728 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 NGTzLvLu8dADzGSS2IegUMlqHOGNS5/TRJrjnH2OATzkRyd6q4kBzyy9yh/epwdKljy63ee6LH4= cf-bgj minify last-modified Fri, 26 Jan 2024 12:12:59 GMT server cloudflare etag W/"ed434ab12bfcfaf35164909e0cd5789f" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=10800 cf-ray 84d24d71a95f5adb-VIE expires Mon, 29 Jan 2024 17:53:03 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/	405 KB 137 KB	159ms 113ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9837065932233532 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9867db5b34957720735931382e47855a19c5811d8235ec0613207323aedc1f7b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140720 x-xss-protection 0 server cafe etag 4445156825851064638 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 29 Jan 2024 14:53:03 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 07BC	9 KB 5 KB	76ms 23ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9837065932233532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 54746 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Jan 2024 23:40:37 GMT etag 3890843268177463596 expires Sun, 11 Feb 2024 23:40:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	c2c_ad_image.jpg raovat49.com/Themes/v1/assets/img/	12 KB 12 KB	137ms 136ms	Image image/jpeg	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Themes/v1/assets/img/c2c_ad_image.jpg?w=330 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 275a0ec88d109d6f36bec793bcaae6490a0995e833d1c9c5aed09583b0cb9d64 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Sat, 22 Aug 2020 07:24:53 GMT server Microsoft-IIS/10.0 etag "1d6785553f32185" x-powered-by ASP.NET content-type image/jpeg accept-ranges bytes content-length 12549
GET H2	200	bdvws.js Show response cdn.hyperpromote.com/bidvertiser/tags/active/	14 KB 15 KB	121ms 32ms	Script application/javascript	2600:9000:20b4:be00:c:69b9:6340:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hyperpromote.com/bidvertiser/tags/active/bdvws.js?bvwidgetid=ntv_14736561706539983718&bvlinksownid=1473656&rows=2&cols=1&textpos=below&imagewidth=230&mobilecols=1&cb=1706539983718 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20b4:be00:c:69b9:6340:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 706098feb15dd73269dd7eb8892e1992cd23f5a299b17668db4024efd0270403 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 07:28:35 GMT via 1.1 c3d7a569db567dde78a645781f9949a2.cloudfront.net (CloudFront) last-modified Fri, 26 Jan 2024 07:28:28 GMT server Microsoft-IIS/10.0 x-amz-cf-pop AMS58-P4 age 26668 etag "8dc4d5412950da1:0" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 14750 x-amz-cf-id 1GZKDZ4EpaPS4axPUXB74Kuv4V6peQQoiGU5inWVbh9S96G_FUTHZw==
GET H2	200	layer.css raovat49.com/plugins/layer/skin/default/	15 KB 4 KB	135ms 134ms	Stylesheet text/css	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Full URL https://raovat49.com/plugins/layer/skin/default/layer.css Requested by Host: raovat49.com URL: https://raovat49.com/plugins/layer/layer.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 59cd4311088408db15f8434216e4868759b7a2a9b5e8df539b5584b1e9214898 Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 content-encoding gzip date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 04 Nov 2016 00:14:50 GMT server Microsoft-IIS/10.0 etag "1d2363075364228" x-powered-by ASP.NET vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	bx_loader.gif raovat49.com/Themes/v1/assets/plugins/bxslider/images/	8 KB 8 KB	136ms 136ms	Image image/gif	207.244.243.69 NL-811-40021
General Check archive.org Show headers Download Go to Show image Full URL https://raovat49.com/Themes/v1/assets/plugins/bxslider/images/bx_loader.gif Requested by Host: raovat49.com URL: https://raovat49.com/Themes/v1/assets/plugins/bxslider/jquery.bxslider.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.244.243.69 St Louis, United States, ASN40021 (NL-811-40021, US), Reverse DNS vmi395580.contaboserver.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a Security Headers Name Value Strict-Transport-Security max-age=2592000 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/Themes/v1/assets/plugins/bxslider/jquery.bxslider.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=2592000 date Mon, 29 Jan 2024 14:53:11 GMT last-modified Fri, 11 Dec 2020 19:54:15 GMT server Microsoft-IIS/10.0 etag "1d6cff7673e2c05" x-powered-by ASP.NET content-type image/gif accept-ranges bytes content-length 8581
POST H2	204	collect region1.analytics.google.com/g/	0 243 B	106ms 41ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-XY9GFQ0EKD&gtm=45je41o0v879242433&_p=1706539983726&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1862192617.1706539984&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706539983&sct=1&seg=0&dl=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&dt=Li%C3%AAn%20minh%20okvip%20h%E1%BB%93%20ch%C3%AD%20minh%20-%20%C4%90%C4%83ng%20tin%20rao%20v%E1%BA%B7t%20mi%E1%BB%85n%20ph%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1719 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XY9GFQ0EKD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://raovat49.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 252 B	99ms 33ms	Ping text/plain	2a00:1450:400c:c00::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XY9GFQ0EKD&cid=1862192617.1706539984&gtm=45je41o0v879242433&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XY9GFQ0EKD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://raovat49.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ch/ads/	42 B 408 B	101ms 48ms	Image image/gif	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XY9GFQ0EKD&cid=1862192617.1706539984&gtm=45je41o0v879242433&aip=1&dma=0&gcd=11l1l1l1l1&z=1464743996 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	loader.svg news.google.com/swg/js/v1/	0 1 KB	22ms 22ms	Other image/svg+xml	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/loader.svg Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg-basic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:11:55 GMT content-encoding gzip x-content-type-options nosniff age 2468 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1049 x-xss-protection 0 last-modified Mon, 16 Mar 2020 18:14:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type image/svg+xml cache-control public, max-age=3000 accept-ranges bytes expires Mon, 29 Jan 2024 15:01:55 GMT
GET H2	200	swg-mini-prompt.css news.google.com/swg/js/v1/	3 KB 947 B	24ms 24ms	Stylesheet text/css	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/swg-mini-prompt.css Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg-basic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c28dcb52ba694c0b6bced69ed130c0d67a1a2238b41ac036f5264037eb99414 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:08:12 GMT content-encoding gzip x-content-type-options nosniff age 2691 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 855 x-xss-protection 0 last-modified Wed, 03 Jan 2024 21:19:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes expires Mon, 29 Jan 2024 14:58:12 GMT
GET H2	200	swg-button.css news.google.com/swg/js/v1/	18 KB 5 KB	22ms 22ms	Stylesheet text/css	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://news.google.com/swg/js/v1/swg-button.css Requested by Host: news.google.com URL: https://news.google.com/swg/js/v1/swg-basic.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2935e77ba4a31d658633687964df779e6a6acd911252186240c22eafeba8bc36 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:40:14 GMT content-encoding gzip x-content-type-options nosniff age 769 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5195 x-xss-protection 0 last-modified Wed, 03 Jan 2024 21:19:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="news-frontend" vary Accept-Encoding report-to {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]} content-type text/css cache-control public, max-age=3000 accept-ranges bytes expires Mon, 29 Jan 2024 15:30:14 GMT
GET		article news.google.com/swg/_/api/v1/publication/CAows8OlDA/	0 0
GET H/1.1	200 OK	bidvertiser.dbm Show response bdvjds.bidvertiser.com/	27 B 288 B	507ms 55ms	Script text/xml	2a05:d018:12e1:f200:719d:1ed7:a9a0:c884 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bdvjds.bidvertiser.com/bidvertiser.dbm?pid=668894&bid=1970117&cip=101.131.121.141&kterm=rao%20v%E1%BA%B7t%20to%C3%A0n%20qu%E1%BB%91c%20Rao%20v%E1%BA%B7t%20mi%E1%BB%85n%20ph%C3%AD&maxcount=15&bvref=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&xml=1&u_agnt=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&ownid=1473656&format=jsonp&callback=kk&bvwidgetid=ntv_14736561706539983718&cb=1706539983718&rows=2&cols=1&textpos=below&imagewidth=230&mobilecols=1&bvlang=en-US%2Cen Requested by Host: cdn.hyperpromote.com URL: https://cdn.hyperpromote.com/bidvertiser/tags/active/bdvws.js?bvwidgetid=ntv_14736561706539983718&bvlinksownid=1473656&rows=2&cols=1&textpos=below&imagewidth=230&mobilecols=1&cb=1706539983718 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:12e1:f200:719d:1ed7:a9a0:c884 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 20acbf978dd7616b89148c4f0bc89e059e752cdfd5ee34a08e60391177a8f131 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers P3P policyref="http://www.bidvertiser.com/bdv/bidvertiser/p3p.xml", CP="NOI DEV PSA PSD IVA OTP OUR OTR IND OTC" Date Cache-Control no-store X-CnECTION Close Last-Modified Content-Length 27 Content-Type text/xml; charset=UTF-8
GET BLOB	200 OK	a0865692-e678-4c6f-bfbb-29a6da687a11 https://raovat49.com/	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/a0865692-e678-4c6f-bfbb-29a6da687a11 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	37bcd9ee-6a1c-4373-8792-a526581a339c https://raovat49.com/	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/37bcd9ee-6a1c-4373-8792-a526581a339c Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
GET H2	200	/ c.mgid.com/pv/	43 B 115 B	64ms 55ms	Image image/gif	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/pv/?lu=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&cbuster=1706539983948692035493&pvid=18d55b5a44c904eac98&implVersion=11&cxurl=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&site=290563&i=1&scum=%3F0&scuw=%3F0 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:03 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type image/gif cf-ray 84d24d73c975c2cd-VIE alt-svc h3=":443"; ma=86400 content-length 43
GET BLOB	200 OK	79d446e5-2b80-47d3-a516-e526326638e7 https://raovat49.com/	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/79d446e5-2b80-47d3-a516-e526326638e7 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	5177e1ed-edf8-492b-82ea-e1ab035f95d3 https://raovat49.com/	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/5177e1ed-edf8-492b-82ea-e1ab035f95d3 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B048	139 KB 31 KB	500ms 500ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9837065932233532&output=html&adk=1812271804&adf=3025194257&lmt=1706539983&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706539983635&bpp=4&bdt=583&idt=330&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4569760773104&frm=20&pv=2&ga_vid=1862192617.1706539984&ga_sid=1706539984&ga_hid=1804230551&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322182%2C95320893%2C95321627%2C95322165%2C95323005&oid=2&pvsid=1162273600596718&tmod=278352604&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=348 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f56ebc315c6321e3340b771cc6ece09041ad54fed6c38789dca27168e380a42d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 31267 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	167ms 167ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-site%20navbar-default&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	c352919e-b5d5-4dbe-a471-09e2020a0489 https://raovat49.com/	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/c352919e-b5d5-4dbe-a471-09e2020a0489 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	25aa71b9-109f-4d7e-b84e-8505122f2da4 https://raovat49.com/	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/25aa71b9-109f-4d7e-b84e-8505122f2da4 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
GET BLOB	206 Partial Content	23b6656a-7357-4f03-b874-582d670aed39 https://raovat49.com/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/23b6656a-7357-4f03-b874-582d670aed39 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	206 Partial Content	cff5796c-0a89-4f4a-992c-c209c35cfc5d https://raovat49.com/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/cff5796c-0a89-4f4a-992c-c209c35cfc5d Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	206 Partial Content	ee337b82-fcc1-4e88-ac41-2f4056049f72 https://raovat49.com/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://raovat49.com/ee337b82-fcc1-4e88-ac41-2f4056049f72 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	steepto_logo_mini_45.png cdn.steepto.com/images/steepto/	3 KB 3 KB	80ms 32ms	Image image/png	104.19.129.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT x-amz-version-id null cf-cache-status HIT x-amz-request-id 6BMD5DVSBP4KKJ72 age 1111 content-length 2745 x-amz-id-2 M3aSzD653MqmzigmJqsbz4ZXVOALEAHu2iv0RN7NwaPJGPLvEJUWfRnH0ea1KM3I9vxUm47JTr5W48dY2v8I6qXkBTxk7GEXWieYTAyDeTA= last-modified Mon, 04 May 2020 12:16:55 GMT server cloudflare etag "7e16c555b09abddb8088e5bfca7a1cde" vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 84d24d750d9a905e-FRA expires Mon, 29 Jan 2024 18:53:04 GMT
GET H2	200	1 Show response servicer.mgid.com/1380009/	3 KB 2 KB	78ms 69ms	Script application/x-javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1380009/1?mp4=1&ap=1&w=678&h=226&sz=332x112&szp=1,2,3,4&szl=1,2;3,4&cols=2&sessionId=65b7bbd0-136c4&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&cbuster=1706539984163722745104&pvid=18d55b5a44c904eac98&implVersion=11&cxurl=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&scum=%3F0&scuw=%3F0&consentStrLen=0&uniqId=1579b&niet=4g&nisd=false&pv=5&lct=1706227200&jsv=es6&pageView=1&dpr=1&ref=&tfre=1112 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380009.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d9bcfde9a9eb2df869fec1aca14976c7fb4dd93a29548ac027203c7a0ffe342 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 84d24d752bb0c2cd-VIE alt-svc h3=":443"; ma=86400
GET H2	200	1 Show response servicer.mgid.com/1379964/	7 KB 2 KB	86ms 80ms	Script application/x-javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1379964/1?mp4=1&ap=1&w=678&h=542&sz=219x244&szp=1,2,3,4,5,6&szl=1,2,3;4,5,6&cols=3&sessionId=65b7bbd0-136c4&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&cbuster=1706539984167633409853&pvid=18d55b5a44c904eac98&implVersion=11&cxurl=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&scum=%3F0&scuw=%3F0&consentStrLen=0&uniqId=1753e&niet=4g&nisd=false&pv=5&lct=1706227200&jsv=es6&pageView=0&dpr=1&ref=&tfre=1116 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1379964.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15b01357b4a957d3b2d019ca965dfd3859422695725046f1f2692e7a2492c801 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 84d24d752baec2cd-VIE alt-svc h3=":443"; ma=86400
GET H2	200	1 Show response servicer.mgid.com/1380001/	5 KB 2 KB	89ms 86ms	Script application/x-javascript	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1380001/1?mp4=1&ap=1&w=678&h=240&sz=163x205&szp=1,2,3,4&szl=1,2,3,4&cols=4&sessionId=65b7bbd0-136c4&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&cbuster=1706539984169194033893&pvid=18d55b5a44c904eac98&implVersion=11&cxurl=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&scum=%3F0&scuw=%3F0&consentStrLen=0&niet=4g&nisd=false&pv=5&lct=1706227200&jsv=es6&pageView=0&dpr=1&ref=&tfre=1119 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380001.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58a73eec46c4bc5cfdce503195dd084822618215193ba4645396de0e0d3fcf4b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 84d24d752bb3c2cd-VIE alt-svc h3=":443"; ma=86400
GET H2	200	widget-ssp-performance c.mgid.com/	43 B 95 B	57ms 57ms	Image image/gif	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/widget-ssp-performance?time=80 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare cf-ray 84d24d759c65c2cd-VIE alt-svc h3=":443"; ma=86400 content-type image/gif
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS83NDI1MzAvYzE3Y... s-img.steepto.com/g/18257946/492x277/-/	35 KB 35 KB	413ms 365ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/18257946/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS83NDI1MzAvYzE3YzBjYjkxOTNjMzY4OWY0MDcwMGYwNGJjM2I5MzcuanBn.webp?v=1706539984-zk2sAbNU6BGpgYoTKHTNmKr3s6iJKgcLJtcUKR5Bm2w Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1df3fad3327eaab1e23bdeb4f69c8d61eeff240442852bb3f68bca4c9ced333 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Tue, 23 Jan 2024 16:36:46 GMT x-mg-request-uuid 90b3ac8a-e428-4522-8495-d9677266d0db server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75eda69bd7-FRA content-length 35498
GET H2	206	501ea07fcf84601f4be74aaa059d6b0a.mp4 cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-01/348419/	174 KB 175 KB	118ms 66ms	Media video/mp4	2606:4700:4400::6812:297f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2024-01/348419/501ea07fcf84601f4be74aaa059d6b0a.mp4?v=1706539984-9FYQOEkqxIvX6uem25bixXdkBV4rIV78qIOaU5-WxhY Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe511f4abff1689fa4d25005e5e91b2470844cefab0f0e3e28c0700a7021629 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://raovat49.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff cf-cache-status HIT age 202587 Content-Range bytes 0-178127/178128 server-timing cld-cloudflare;mitm=c;dur=171;start=2024-01-27T05:55:22.234Z;desc=miss,content-info;desc="width=680,height=382,abps=56849,fps=60.0,du=3.133,vc="h264",bytes=178128,owidth=1358,oheight=1066,oabps=396945,ofps=60.0,odu=3.133,ovc="h264",obytes=1243762,oformat="mp4",ef=(18,61,65);";cloudinary;dur=149;start=2024-01-27T05:55:22.256Z alt-svc h3=":443"; ma=86400 Content-Length 178128 last-modified Mon, 08 Jan 2024 14:16:37 GMT server cloudflare etag "c44efa26b908f854ffc9bec5e72a93a1" vary Accept-Encoding content-type video/mp4;codecs=avc1 access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,Vary,x-content-type-options cache-control public, max-age=31536000, no-transform timing-allow-origin * x-robots-tag noindex cf-ray 84d24d7609c39043-FRA
GET H2	200	i.js Show response cm.steepto.com/	0 134 B	273ms 254ms	Script application/javascript	104.19.129.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.steepto.com/i.js?muid=o0t425hp0NR6&cbuster=170653998425297614658 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380009.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.129.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Mon, 29 Jan 2024 14:53:04 GMT server cloudflare vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 accept-ranges bytes cf-ray 84d24d75be4f905e-FRA content-length 0
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	113 KB 28 KB	69ms 29ms	Script text/javascript	2606:4700:10::6816:3556 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380009.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Mon, 08 Jan 2024 11:20:59 GMT server cloudflare x-amz-request-id J6PPM7V0DYP0CFJH age 3050 etag W/"9692928e9024f20ea54c02122b35d5bb" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 84d24d75dd19925f-FRA x-amz-id-2 E2dxCfXCsx5k4HZcSQw7dFRHO24XSWaZz7wnd5zFsTjIK8baUgGgcqyDTc+PxPqbmAAxz610ANk=
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/161673/7165/	207 KB 63 KB	80ms 23ms	Script application/javascript	23.213.164.238 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/r/a/raovat49.com.1380009.es6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-213-164-238.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding gzip last-modified Sat, 29 Apr 2023 00:55:21 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=77610 accept-ranges bytes content-length 63913 expires Tue, 30 Jan 2024 12:26:34 GMT
GET H2	200	widget-ssp-performance c.mgid.com/	43 B 95 B	59ms 59ms	Image image/gif	2606:4700:1::6813:834c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/widget-ssp-performance?time=87 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:1::6813:834c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT strict-transport-security max-age=15552000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare cf-ray 84d24d75ac7ec2cd-VIE alt-svc h3=":443"; ma=86400 content-type image/gif
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzYyLHlfMzQ5L2h0dHBzOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wM... s-img.steepto.com/g/18427490/492x277/-/	29 KB 29 KB	310ms 273ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/18427490/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzYyLHlfMzQ5L2h0dHBzOi8vaW1naG9zdHMuY29tL3QvMjAyNC0wMS80NzU4MjEvNjIzYTQwOTQ0M2M0NjBhMDQ4YmRjN2RhMjExY2I3YTYucG5n.webp?v=1706539984-C5krQ2m9Xdi63aEc_JNGlAkAj4eKHsJDyTZyW_md42Y Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2949b464e2e25f9887893418e7f676aa1bb47b0b2271bea7073cfb43d3e9261f Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Mon, 29 Jan 2024 13:45:37 GMT x-mg-request-uuid 68ccd14b-584f-47eb-8d9e-f709d566ace3 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75edad9bd7-FRA content-length 29664
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMi8zNjk0MDMvMTJkY... s-img.steepto.com/g/17989868/492x277/-/	23 KB 23 KB	414ms 377ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/17989868/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMi8zNjk0MDMvMTJkYTE5NzRiY2NiODlkYmM1MjVlMDkxYmZhNjY3MjcucG5n.webp?v=1706539984-6SpS6QJDpUJ_jT6j7dzqhmQ90vAOnInCOOHd3tJHzow Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1196a8d5a037ca990feee5d72097733d2675235086de06384ff465a783f3b84 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Sat, 09 Dec 2023 12:15:14 GMT x-mg-request-uuid 93d1b985-e979-429b-a8f1-32ccae18ac43 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75eda99bd7-FRA content-length 23768
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMjAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA5L... s-img.steepto.com/g/17334702/492x277/-/	15 KB 15 KB	339ms 302ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/17334702/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMzAwLHlfMjAwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA5LzM2NjkwNC84NmYzZjU5OTQzMDhmNDllMzk4YzA2NWRmOGIxM2RkYy5wbmc.webp?v=1706539984-LccnBaGK_wZrM4sstl_xk6bQ3QRP-uyxCqEujaqPvxE Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a2153631f29ad5433df476a048872a134b1bec1aab8e9fff3bc4893b199b087 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Tue, 03 Oct 2023 13:56:43 GMT x-mg-request-uuid b36e8df9-8456-427d-bccf-ace945fbed7e server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75edac9bd7-FRA content-length 15326
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvNGYyZ... s-img.steepto.com/g/17928732/492x277/-/	9 KB 9 KB	297ms 263ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/17928732/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0xMS8zNjY5MDQvNGYyZTdiNjA1YTVlMzY3MjVmZjFjNTI5MzM5OTU3NWMucG5n.webp?v=1706539984-e5fV8fz09YnWx1tU6JKJa53NwI61kPX1Bi7iu2_1fY8 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 64511eb16b26a657642ebf4cdda009893f812c71d87b3eaf9ede851b2d2fa928 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Thu, 30 Nov 2023 15:32:41 GMT x-mg-request-uuid f9a59b57-3890-4c4c-9646-f7a6281755d0 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75eda89bd7-FRA content-length 9278
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvNDM1M... s-img.steepto.com/g/16621572/492x277/-/	51 KB 51 KB	488ms 487ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/16621572/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMS8zNjk0MDMvNDM1MzZlMzQ5NmVkNmY3NTYxNTYyMmY3Y2Y4MGY3MGYuanBlZw.webp?v=1706539984-j_aX57GJ8nHygieTkkZKscFjwCwfyuAEgbUfD0AamHY Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 44ac98f2f3d285dfcdec430233c3c9ac0c3ddf22a788549140e815bbd22cba55 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Wed, 05 Jul 2023 08:05:52 GMT x-mg-request-uuid 09752890-7671-4509-820c-3b0428ca5be1 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75edbb9bd7-FRA content-length 52358
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzN... s-img.steepto.com/g/16853266/492x277/-/	9 KB 9 KB	279ms 279ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/16853266/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wNS8zNjY5MDQvNjYzNzAwNGEwOGMyMWU0MjVjNWZmOTQ2ZDRhMDkyNGYuanBn.webp?v=1706539984-HGCRs5-Yfhn1gzijvbyOeQPU49K-WwhHGBWY8yEiG9E Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fac3e33c9cfb1292e532ff09ff978a92bcccd41a1bd79c6a13dc5631c712a8c Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Wed, 02 Aug 2023 15:40:37 GMT x-mg-request-uuid 2edf23fd-643a-4dbe-8d0e-dfdfd4bcfa7d server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75edbd9bd7-FRA content-length 9050
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0Lzc0MjUzMC8yYTJlN... s-img.steepto.com/g/18347666/492x328/-/	20 KB 20 KB	316ms 290ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/18347666/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0Lzc0MjUzMC8yYTJlNjMxNzIzYzBhMmZhOTAwMGU1MDhlMDc5N2JlMC5qcGVn.webp?v=1706539984-J7-rCmarendIoOTZg6lwRrn9j1vRRzKESc6ukCP6kJg Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ade3de575c45bdac049099b863b6a87e773ce370bfb962525730d5fc8adcc50 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Fri, 26 Jan 2024 16:18:20 GMT x-mg-request-uuid 0ca628a8-75db-4c70-9d9d-003343c36464 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75eda39bd7-FRA content-length 20254
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTEwLzM2OTQwMy84OTNlZ... s-img.steepto.com/g/17485997/492x328/-/	10 KB 11 KB	284ms 283ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/17485997/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTEwLzM2OTQwMy84OTNlZDE5N2Y4MDYyMmU0YjYxNzY3YjYzZjAwOWE5Ni5qcGVn.webp?v=1706539984-dkNcSJkfpyiNU1DjG9qMLJAAuGw5kpF_Sy2l2KNBH8o Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29852da46230916d028e4af79c3fe3d85db8233e4c2ea56c4471d7603ff55d10 Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Wed, 18 Oct 2023 13:59:56 GMT x-mg-request-uuid 98fae89f-6ddb-47cd-9bb8-f116db7fbfb9 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75fdc99bd7-FRA content-length 10738
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA3Lzc4MzM4NS9hMmExO... s-img.steepto.com/g/16675892/492x328/-/	10 KB 10 KB	289ms 289ms	Image image/webp	104.19.132.72 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.steepto.com/g/16675892/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA3Lzc4MzM4NS9hMmExODBkZjAxZmJmMTY2MjBkZTVmYjVhMmRhOWRkNS5wbmc.webp?v=1706539984-b-PgJsz0zp-HVNw60_yd5sf1Y3bmQutqN3AIZM15uRA Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.72 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0620e570910498e3dc902f9ac44893c4636e4e8624a88840e1e6325e886f41de Request headers Referer https://raovat49.com/ Origin https://raovat49.com accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status MISS last-modified Tue, 11 Jul 2023 13:02:47 GMT x-mg-request-uuid 0a9e87d9-6c3e-43ce-adfc-dd5b2123c268 server cloudflare vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes cf-ray 84d24d75fdca9bd7-FRA content-length 10580
GET H2	206	382807a63802a06b08a3659468d0f84b.mp4 cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-11/369403/	678 KB 680 KB	43ms 43ms	Media video/mp4	2606:4700:4400::6812:297f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cl.imghosts.com/imgh/video/upload/ar_3:2,c_fill,w_680/videos/t/2022-11/369403/382807a63802a06b08a3659468d0f84b.mp4?v=1706539984-7CkzlILRDzUyxIAw7I3bTuUyUyCJmAAtkbAfFp7z_l0 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:297f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6da70fee3734ed02f9d24b7bf94d63d74ad070c725a4881060aecb815a4af31 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://raovat49.com/ Accept-Encoding identity;q=1, *;q=0 accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff cf-cache-status HIT age 28277 Content-Range bytes 0-694760/694761 server-timing cld-cloudflare;mitm=c;dur=290;start=2023-11-29T19:38:10.941Z;desc=miss,content-info;desc="width=680,height=452,abps=94217,fps=29.97,du=7.374,vc="h264",bytes=694761;";cloudinary;dur=250;start=2023-11-29T19:38:10.969Z alt-svc h3=":443"; ma=86400 Content-Length 694761 last-modified Tue, 17 Oct 2023 11:19:51 GMT server cloudflare etag "0d6df3f5ff507ddad07b2d29bda8fe1c" vary Accept-Encoding content-type video/mp4;codecs=avc1 access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,Vary,x-content-type-options cache-control public, max-age=31536000, no-transform, immutable timing-allow-origin * x-robots-tag noindex cf-ray 84d24d7609c59043-FRA
GET H2	200	bdvw.html Show response d2b9l3u54v5v39.cloudfront.net/active/	7 KB 7 KB	65ms 18ms	XHR text/html	2600:9000:225b:4800:c:95c2:e940:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b9l3u54v5v39.cloudfront.net/active/bdvw.html?cb=1706539983718 Requested by Host: cdn.hyperpromote.com URL: https://cdn.hyperpromote.com/bidvertiser/tags/active/bdvws.js?bvwidgetid=ntv_14736561706539983718&bvlinksownid=1473656&rows=2&cols=1&textpos=below&imagewidth=230&mobilecols=1&cb=1706539983718 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:4800:c:95c2:e940:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Microsoft-IIS/10.0 / Resource Hash 481b667ef8bbecb921a75a87ac44db8475b715c4c88e1037b5dc1a5ef349391d Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 07:50:38 GMT via 1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront) last-modified Wed, 14 Nov 2018 07:27:22 GMT server Microsoft-IIS/10.0 x-amz-cf-pop MUC50-P1 age 25477 etag "2c36c67beb7bd41:0" x-cache Hit from cloudfront content-type text/html access-control-allow-origin * accept-ranges bytes content-length 6752 x-amz-cf-id rcGCzZcwI49vbuqtF-dHKb_aVJeN0NPztPomBJkJqULOGUiuHHzW4w==
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/	165 KB 56 KB	70ms 69ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 63b55ec193a19dd911333ffbf857ad111b670eafdd0d26d63c60c0da3195a6b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57005 x-xss-protection 0 server cafe etag 9700655215373902926 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H2	200	ca-pub-9837065932233532 Show response fundingchoicesmessages.google.com/i/	183 KB 61 KB	109ms 55ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-9837065932233532?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8e4924975cdcb7dc103e53b4e22c67612d238d76e54b318d9132f2e668d1a450 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-868GFH8mtS_I8x7w0a6bgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-security-policy script-src 'report-sample' 'nonce-868GFH8mtS_I8x7w0a6bgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjusCoxSXF4KEhxbCIfxfTeac7TNeB-KLKU6abQFzL8IypFYgfhD9jegHEBhrPmSyAuCD7OVMFEDP-ecHECcQ9_S-ZpgDxuy8vmTi-vmSSAGI1IH4n-YrpGxDv8PFgeRM-nZUtYjrr6YLprJeBmK1iOisfEMfVTWfNAWK-ddNZNddPZ91yZjrrHiCOeT6dNQWIF7POYF0NxFMCZ7DOAeKW6Bmsk4DYKX0GawAQf86cwfobiMtun2OtA2IhHo4L3--tZRN48fTQfCYA4s5etQ" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	167ms 167ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322182%2C95320893%2C95321627%2C95322165%2C95323005&hl=vi&pvc=1162273600596718 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 6A94	720 B 388 B	182ms 182ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9837065932233532&output=html&h=600&adk=3412714941&adf=1448982554&pi=t.aa~a.3978928939~rp.3&w=241&fwrn=4&fwrnh=100&lmt=1706539984&rafmt=1&to=qs&pwprc=3321651938&format=241x600&url=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706539984594&bpp=1&bdt=1542&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4569760773104&frm=20&pv=1&ga_vid=1862192617.1706539984&ga_sid=1706539984&ga_hid=1804230551&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2244&ady=1311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322182%2C95320893%2C95321627%2C95322165%2C95323005&oid=2&pvsid=1162273600596718&tmod=278352604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=84 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 727f334eb142b7dca7e9e93550f3f1d686f5e4ae947c773472eca5889f9df7c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 363 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5483	850 B 436 B	218ms 218ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9837065932233532&output=html&h=600&adk=3412714941&adf=3096081303&pi=t.aa~a.3978944434~rp.3&w=241&fwrn=4&fwrnh=100&lmt=1706539984&rafmt=1&to=qs&pwprc=3321651938&format=241x600&url=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706539984594&bpp=1&bdt=1542&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C241x600&nras=3&correlator=4569760773104&frm=20&pv=1&ga_vid=1862192617.1706539984&ga_sid=1706539984&ga_hid=1804230551&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2244&ady=2149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322182%2C95320893%2C95321627%2C95322165%2C95323005&oid=2&pvsid=1162273600596718&tmod=278352604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=89 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6aca74ef0267eab9938bbf779112258f719b7ff536a2cba9d35ccfe663eef0d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 411 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8B40	720 B 384 B	178ms 178ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9837065932233532&output=html&h=600&adk=3412714941&adf=495329788&pi=t.aa~a.3978943417~rp.3&w=241&fwrn=4&fwrnh=100&lmt=1706539984&rafmt=1&to=qs&pwprc=3321651938&format=241x600&url=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706539984594&bpp=1&bdt=1543&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C241x600%2C241x600&nras=4&correlator=4569760773104&frm=20&pv=1&ga_vid=1862192617.1706539984&ga_sid=1706539984&ga_hid=1804230551&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2244&ady=2988&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322182%2C95320893%2C95321627%2C95322165%2C95323005&oid=2&pvsid=1162273600596718&tmod=278352604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=91 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40a05ef275e2d79ad3762b7434aa4eb616aba34a556eaf430e1c5c76b5405bd1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 359 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 6326	720 B 384 B	206ms 206ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-9837065932233532&output=html&h=600&adk=3412714941&adf=2713508416&pi=t.aa~a.3978934016~rp.3&w=241&fwrn=4&fwrnh=100&lmt=1706539984&rafmt=1&to=qs&pwprc=3321651938&format=241x600&url=https%3A%2F%2Fraovat49.com%2Fs%2Flien-minh-okvip-ho-chi-minh-5132649&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706539984594&bpp=1&bdt=1542&idt=-M&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C241x600%2C241x600%2C241x600&nras=5&correlator=4569760773104&frm=20&pv=1&ga_vid=1862192617.1706539984&ga_sid=1706539984&ga_hid=1804230551&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=2244&ady=3848&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795922%2C95322182%2C95320893%2C95321627%2C95322165%2C95323005&oid=2&pvsid=1162273600596718&tmod=278352604&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=93 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 104d035432cbfa6890fc1481ca1e4dcea5f7330ddb5860e6fb3382247f9defa8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 359 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame EE48	9 KB 4 KB	23ms 23ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 55482 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Jan 2024 23:28:22 GMT etag 3890843268177463596 expires Sun, 11 Feb 2024 23:28:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 60B3	9 KB 4 KB	23ms 23ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 55482 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Jan 2024 23:28:22 GMT etag 3890843268177463596 expires Sun, 11 Feb 2024 23:28:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 541A	9 KB 4 KB	23ms 23ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers age 55482 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 28 Jan 2024 23:28:22 GMT etag 3890843268177463596 expires Sun, 11 Feb 2024 23:28:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	AGSKWxXeu8HijA7-ZiYvP43YaU85q9yLhkeEejrwdJtFAjOkr4p-8OyrslLrxzzNy-etg_uTEsQK43luSz82XOQ3YWpl-qg4dTE5hR-MeOJZuxrZCLiuTFw0rbPXX3mexg4TVrh3YNEx-g== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	71ms 70ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXeu8HijA7-ZiYvP43YaU85q9yLhkeEejrwdJtFAjOkr4p-8OyrslLrxzzNy-etg_uTEsQK43luSz82XOQ3YWpl-qg4dTE5hR-MeOJZuxrZCLiuTFw0rbPXX3mexg4TVrh3YNEx-g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NTM5OTg0LDcxMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yYW92YXQ0OS5jb20vcy9saWVuLW1pbmgtb2t2aXAtaG8tY2hpLW1pbmgtNTEzMjY0OSIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a107f02a2e70a8632f67e8bcf806cfb9e7c9a84baff57154ee7cae3ddcb2bb6e Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cHcAvJ1O906HQ6ZZI9WYsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-security-policy script-src 'report-sample' 'nonce-cHcAvJ1O906HQ6ZZI9WYsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjusKoxSXF4KYhxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgLsh-zlQBxIx_XjBxAnFP_0umKUD87stLJo6vL5kkgFgNiN9JvmL6BsQ7fDxY3oRPZ2WLmM56umA662UgZquYzsoHxHF101lzgJhv3XRWzfXTWbecmc66B4hjnk9nTQHixawzWFcD8ZTAGaxzgLglegbrJCB2Sp_BGgDEnzNnsP4G4rLb51jrgFiIh-PC93tr2QRWfJ70hgkA8uBiOw" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame C87E	478 B 199 B	59ms 59ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNXs8bH11ZwUwKZSzMNx0f1wR2SHqtSbhGwxOyAwGZa73LMmulBNikv6h14drwqQJf9JD9U5RvIC5T3rEOX7jjcxxLrWhQ Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 175 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame FB13	89 KB 31 KB	82ms 82ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame FB13	3 KB 1 KB	101ms 47ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Jan 2024 21:06:05 GMT content-encoding br x-content-type-options nosniff age 64019 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Feb 2024 21:06:05 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame FB13	20 KB 9 KB	77ms 24ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:41:57 GMT content-encoding br x-content-type-options nosniff age 54667 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Feb 2024 23:41:57 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame FB13	205 KB 65 KB	90ms 37ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66337 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1706100845105677" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame FB13	42 B 63 B	171ms 171ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AcQ47zo4-VMnkmkhzts0p1Lsuj5s-Ma-qt8jdSdpw4n6AxbIJohyUzZoYR80DrOac82cbHO_txLbOuWZZ51ae2l2PJwpR22IalnwlzdPBRB_duFXY Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame F762	478 B 199 B	61ms 60ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNUEeoGxUoJ9qw-_Gr2W0x1e8xigkEh1TC25N7nBW7lxCe1yM7QOZm6DhUIfrHLKaZVJJis4hA5lfJYHB7lBsW1-ZJAvow Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 175 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 14DC	89 KB 31 KB	147ms 147ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 14DC	3 KB 1 KB	84ms 48ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Jan 2024 21:06:05 GMT content-encoding br x-content-type-options nosniff age 64019 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Feb 2024 21:06:05 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 14DC	20 KB 8 KB	64ms 27ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:41:57 GMT content-encoding br x-content-type-options nosniff age 54667 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Feb 2024 23:41:57 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 14DC	205 KB 65 KB	112ms 77ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66337 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1706100845105677" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 14DC	42 B 63 B	168ms 168ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArmHwz-UGE1wGhGlkffMIR0nvq3kClb86nZ2SNF52qd2gMH_6lGce0kuRwTQNU_-KHqZJCy79xoBPIZZO2kc1eC27i80WzboPUquj7gCsIaTBhEQo Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame AF15	478 B 199 B	62ms 61ms	Document text/html	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYyKW1gAIwAQ&v=APEucNUCxk647aF6twIgkOuS6M9uMu8YajA4IID8uRNTZurOMdYcJRvdCVx8hr7D6rFMWYTpjksKGttTBt-oGogR-0UugKNkBA Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 175 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:04 GMT expires Mon, 29 Jan 2024 14:53:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1B04	89 KB 31 KB	137ms 137ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H2	200	/ Show response a1.adform.net/adfscript/ Frame 1B04	2 KB 3 KB	135ms 33ms	Script text/javascript	37.157.3.26 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a1.adform.net/adfscript/?bn=70055959;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&sig=AOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA&client=ca-pub-9837065932233532&dbm_c=AKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs&cry=1&dbm_d=AKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk&adurl= Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 5f07fe7732a1336ea5036a379bb590d0b55e7725254ae54f8b0d89a15c48be09 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 2391 expires -1
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1B04	3 KB 1 KB	76ms 49ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Jan 2024 21:06:05 GMT content-encoding br x-content-type-options nosniff age 64019 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Feb 2024 21:06:05 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 1B04	20 KB 8 KB	58ms 30ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 28 Jan 2024 23:41:57 GMT content-encoding br x-content-type-options nosniff age 54667 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8492 x-xss-protection 0 server cafe etag 9878124937798820110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 11 Feb 2024 23:41:57 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 1B04	205 KB 65 KB	121ms 94ms	Script text/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66337 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1706100845105677" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 29 Jan 2024 14:53:04 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B04	42 B 63 B	167ms 167ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ArEXK77_r5J0uAUnbBORiLN9J2gwr3Fru852f2s0dVKqce48_Cdb-cIubdH7Wj2WDg4YqEMfeRjs_Bw2IqOz--UwLSnAUM4WoUI78EDNoly3pSjOM Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxWrXGJponOZzW0rn5jhYed-c2VAVJEPUkim80GRyI879yOo6R454u82xmcsY9mdaI3B4viwh9fsrCpUAp-5pIC3fO2XAjlMe7GmDqqFkFm3CcJU7SueX65a-IixhgQM41h3I2rYeg== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	43ms 43ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWrXGJponOZzW0rn5jhYed-c2VAVJEPUkim80GRyI879yOo6R454u82xmcsY9mdaI3B4viwh9fsrCpUAp-5pIC3fO2XAjlMe7GmDqqFkFm3CcJU7SueX65a-IixhgQM41h3I2rYeg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NTM5OTg0LDc4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcmFvdmF0NDkuY29tL3MvbGllbi1taW5oLW9rdmlwLWhvLWNoaS1taW5oLTUxMzI2NDkiLG51bGwsW1s4LCJZdGt2VXZyMEtoSSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2e7ddee6eaa0df7966211279764555d3e99f1a0ec1c5777d567053388e4fe7fc Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9_huOfaYtP3iJMI0uFji6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:04 GMT content-security-policy script-src 'report-sample' 'nonce-9_huOfaYtP3iJMI0uFji6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KchxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gbistvnWOuAWIiH48L3e2vZBCacu9_IDACr9lzb" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C87E	170 B 232 B	99ms 32ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNXs8bH11ZwUwKZSzMNx0f1wR2SHqtSbhGwxOyAwGZa73LMmulBNikv6h14drwqQJf9JD9U5RvIC5T3rEOX7jjcxxLrWhQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C87E Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFshYQVKKL4zDYpARKhe2mg&google_cver=1	43 B 770 B	34ms 33ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFshYQVKKL4zDYpARKhe2mg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNXs8bH11ZwUwKZSzMNx0f1wR2SHqtSbhGwxOyAwGZa73LMmulBNikv6h14drwqQJf9JD9U5RvIC5T3rEOX7jjcxxLrWhQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP0759oWpbo%2BWEWVDJQv10vo0UV8%2FFqlix7coVuCBDZKf%2Buj8lIrfdUgsVeLThrYdWujBTmKivzD84bobZS9%2BQcIItLqzkyi0bkJu1m3kQOZmBb6J3QcLNkeDH2L7NUdeZ33rxdpGNUbUw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84d24d79b84d0404-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFshYQVKKL4zDYpARKhe2mg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C87E Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbe70BRKGlEes-ujOU03tQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1	43 B 734 B	37ms 37ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNXs8bH11ZwUwKZSzMNx0f1wR2SHqtSbhGwxOyAwGZa73LMmulBNikv6h14drwqQJf9JD9U5RvIC5T3rEOX7jjcxxLrWhQ Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6%2FblzjNgB5B6TOKNNBtyXO6Slq0oCBUjRVn37jLn91PblwBp6jhcrQ%2BDK7bMM7AN9Yq5GzSdi0piBeQCeUE6fBGOO9OEvwW8VCKWBQjZRc%2Beh%2Fi9y6qTXB6uDVl19DgdwOkgiot51ZA1w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84d24d79f89b0404-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame F762	170 B 409 B	78ms 31ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNUEeoGxUoJ9qw-_Gr2W0x1e8xigkEh1TC25N7nBW7lxCe1yM7QOZm6DhUIfrHLKaZVJJis4hA5lfJYHB7lBsW1-ZJAvow Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame F762 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdTyjyivdHnqJzYegPpGv0&google_cver=1	43 B 734 B	38ms 37ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdTyjyivdHnqJzYegPpGv0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNUEeoGxUoJ9qw-_Gr2W0x1e8xigkEh1TC25N7nBW7lxCe1yM7QOZm6DhUIfrHLKaZVJJis4hA5lfJYHB7lBsW1-ZJAvow Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVYStFiQKAXbCxSZ5Zs3Q0kpEt56l%2BKWPbIuu2BGAD%2BCNuNQvNdGFyR3CAFFEDK4JKon6nF7PplUEBU9wiiws4GQIu7i%2BcLVTc1mgFfFxs7yw6St3ZUviHKpr1HmJcVyETuTU%2FlVioGd8w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84d24d79b84e0404-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPdTyjyivdHnqJzYegPpGv0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame F762 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbe70OI.k93-toEkLpaheAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1&google_hm=2	43 B 734 B	33ms 33ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1&google_hm=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjy74jGATAB&v=APEucNUEeoGxUoJ9qw-_Gr2W0x1e8xigkEh1TC25N7nBW7lxCe1yM7QOZm6DhUIfrHLKaZVJJis4hA5lfJYHB7lBsW1-ZJAvow Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyRs6uxlY8jKZeWnvAnJeTHMpYxr1XGDr5uD248in87v9OjQ1tC7FpEyN9M0i%2FjDjusYNq845LGbAB%2FVe%2FWaH22%2BQZoZ6VHdz7AdBzAvvnS%2B0AwK3PyDtlHiJVA4SI0hNCF26ay5vlsIcQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84d24d79f8980404-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1&google_hm=2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame AF15	170 B 232 B	70ms 32ms	Image image/png	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYyKW1gAIwAQ&v=APEucNUCxk647aF6twIgkOuS6M9uMu8YajA4IID8uRNTZurOMdYcJRvdCVx8hr7D6rFMWYTpjksKGttTBt-oGogR-0UugKNkBA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame AF15 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-P3GCUjd8cDJReLyoiuBc&google_cver=1	43 B 733 B	42ms 41ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-P3GCUjd8cDJReLyoiuBc&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYyKW1gAIwAQ&v=APEucNUCxk647aF6twIgkOuS6M9uMu8YajA4IID8uRNTZurOMdYcJRvdCVx8hr7D6rFMWYTpjksKGttTBt-oGogR-0UugKNkBA Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDVNokhwqUDE0gNMs46P9cGHccJIgGLCL9C1F6ftYYVmV%2FTWYdkTuFEqt%2FWYB2nQ7QR1KETwpKgxGkizBpjnuhldvYOcCF0TNoTPxqD%2B4pI7yMBJapRCLERrrh5Ki7DxGndTItvxGZI5UA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84d24d79b84f0404-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM-P3GCUjd8cDJReLyoiuBc&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame AF15 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zbe70A5aT8cKavuHRGN6VgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1	43 B 740 B	34ms 34ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJD8NRDO0zYYyKW1gAIwAQ&v=APEucNUCxk647aF6twIgkOuS6M9uMu8YajA4IID8uRNTZurOMdYcJRvdCVx8hr7D6rFMWYTpjksKGttTBt-oGogR-0UugKNkBA Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJqzDth2F%2BkmiqsOOwkuxXGLFZkRC%2BvSD4tkguM5AAzLG39rvnFKlEJOWe%2B8hTlr%2FtvJU9uBWNDt%2BbsJFHGZvemhltq%2FY5r32aB28y6Y7mM0q%2BsM9lXfwHZ%2Fh2fHq5Vd3CATHjuMHGucpA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 84d24d79f89c0404-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDoCFCym7ie9iG8Lw4X9VH4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame FB13	0 20 B	168ms 168ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=935096077948&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame FB13	0 20 B	167ms 167ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=935096077948&version=m202309260101&ct=77&x=1&cor=11344637135888734000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame FB13	20 KB 13 KB	66ms 65ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnX3Hs88M-t6SZH53W0uwiv7fWyLGoXFXb5fGXYRJiSFhZNa8e5-F3fgnwbXG52rPpRiY1BWP7tvbEaiXmDRS8AKesNd3qfIjtDg9Dm5w7zcqoFNfQ8lhtX1U4VI-RELdsFZyjYCGv2Ri0wwpK-xP_iL2LWqrRigtYWVRWOQwqZLxg1aY&cry=1&dbm_d=AKAmf-DySWoPzdEvwsYd8EyjQqm6x8RdFiC84SPILjzY_gwlDT4s-EFyErLvyPGgN9ChcefRDEfsOc029OSt4ShTKyilKt6NUpjGyX4KfMKO9uYxz72ntCvs6TCVw4jP2JY_uFXXKZocRuP_aO2dJULRT7sSFWz7JvHhIPkRQ-oydCosOEbXkLKz_rF_-8tf1Td_ppo1YHUl2APh9KPhWlomsEt-NHECmYwZX4IlGPZNtqI96VYFgQ6sQCrMJk6dXgpX1sbk3rRpXeslBaU_e24N-JJWRjmin3ZJxW9HgOjvJtfS7NT4u6bbsT-qSJWfnXNRIPuW9ez2XZkrXQX2ArTSpVjJcTjO2vwX6-YgR9d1X9VKeGOfRKwunUSY0pKuIWkH2MNnp8G6eg2eMO24USwrW9wlDPWwtFFz8xKjAymAC8A8KPvSwAnzDZrHM88w_AyfWrY6fgJlQLc_R26bT2Cj7gCePUwHdmFat4aY_eESMhibe70zcf62m1xcrHexMIgNRvv2G8ngb_3w7ZInTkUgTWQ-GxHXgvVRIxUFYRVI9xXhiFjEsAq70H4q_TbbshUwZZ6c5zjZXqFF7A3cF71wAoFzxOBsraOC-kty-Xd5AGgdaAHDca-d8P6FInfmZE9id4SpyzPeg4AszXqFabvJBYZOUyqJDTMtY0F3qEr2VK3z0yVCLf739AH2Ks3HiW3A0-ghpAl0EJ6EjcymRATWwIgcvYI7oq6yWm-ymTNH2tIKd4E4KTAlnXOdyh00gnEpSxm9HHpLW1R9t33m21oy3nFSKxKrBqjSG_YVCUE4ftdsn5Ks8Iy1b5mQt5p_6cGg2HHyUxfYvIKb4CmrRqwGKRObuZAgUw2qERd-getRTY_iR5yeWkMvZWA-EVpleYGHOfclVF5q6t4G59TQLk6CqCzWyPztx2bGoo6qAkAbsmCo74FKZD4JAgi9EGpzzKuEBcXmjfC8tLJi9O3JvvwEe6n-XrpLSLiF_xB6AvsDBtL3Mms3WnIqYmthx5nlbawg59_nZUApQh2L7fZcmXI8XjJfM-OJvChWg6G5JwjmrHgPyhmbvbsUePRyYPYr4D8WR5_8ioVsIuykE0eDXlQuyy9RfOaADG9MabDUfIp_t0MnwvtxTI7dbtAzSBw_uTgbP4Lf00Bq8cyjw8xE05wtTPomTa8LhrWaVR6T_CxzZZg2gJFUSAM94fUFVn0_76DMxxfOXVuiJt4u-sOKwjGzKeNAlKQsnj-HCKsr2jfuD2-EV_kxQHerOC7rwOkeUiuG-y8hNwDb66UpZQT24DatQiM7OpE8N3268ugwzw1-UlOWidXb42Umxg2AuOxuLy50F1lMG7UhLAj7MnQRMUzmKN9r7En9MYVJcgAWIctmS3khDaDY3hIafPyRR-GOgw9XzWOl_rwWNQU1uzzHjzv9OabivtcYGRJi3yWJiEhSAa2hQ2IORSY8yQHpBGJHv7XcDLGU8ZoxmRGQD1GisV8oXXRgd8UFyKJuSGEJiE9H8zCLUVHygWsPXxRe4VPsdEcxES6nHxbzuTMHNwgr0J92hNXyF3xl_tTNcVMKNXY8waUjy93WmmdKT74y9_sqI5f93wHU-VRjmFQWBq7TIVKE-5sXD06plnBViBodrj7TUZCdTJkp4-fQbpt9vRDBg3V8GPqvUXTI2yd_FBz4W1RC5v7ul27BIA4H0t4ak6kDxcDs1N4RWJ2w84SbISf-Fhzfz77BTnERENtJEKboJF2-oG4m-5o-f6GaVyhPxFbxvquHi82fhyDnKCvjyTo3UpdfwAMGeMWCBUfOQUA4HJbLMdT8EjpRfPBvRLKyDtnN7_HswXh34ARGtHoxrkJNJadY_L-2SD55E-Kyd3-kM1c3r7d0yXui-zXLMNU70v1zAHqjcRRwL_4esLAM6u5HjZeCqAKIyq86NYK_Y5kMEceEKwhSwnQB-ENn77jPzgKfb1VPcN81xEuSwOkrzHfHoXfIsBqDP93KMg1R8nAH751XWwddNwUYvys3UimCjCtqyksUanBpp4ZXkDJiJFzMgPgFgCY1YvibrxaOt-sbTs9VJLxME553RQQLir0Sy044JPEUapQ9ICQwt_ZgCJFIYfePYmuqIwI5zunyBXfUMSO-lnzUbVsL5XCvkthL1j6Y47vuh9yXyd3f9rPufa_-VtGGlZy1snUzQI3hRrkR2GA3pDuhZC7vdJ0u-biRRMC-VpyqqWh7IJIsLAFPknNiorArD8O5J0q9YoICcFAoAKJG75ZEWXvHgqfBa4fQm7oEOknf4pADcAgu8uoqtwfxz_UFQZB2qwR9foWbZLza_8m4RTYGD3nCkv8a2XFDjR4FG6OCULdMBK7txudxA8JDOoflvyMTBVXYAHFynJSgX7QS2NK-BvdVysdt6BA_6yVVDRQUDfF0Q9ynkTz6WjBGs8lSDsHiENYER2Piwti6XpOSjNUHQcgAcy0q1vy2WfoPSElzPIxZmsHeTTEBnmJ_03GynXJri_-i1FDZwE2Nkafca6Dvnw7VpQFsHxOTKJJK_tJz-nuwNNTDZCRImE4KgRC3LhR--7szqDOEC6_YQDAkqqSUr-1y0PiwzmRCNB-9S_f_nByswFXiz2pl5_cmCL2m5j-MeDphPKRkoJ7F6z-9oter42OHgp-iY_m3Az85qb6cIoaLoB1G9ZiSiow7TU0gp-aPlPvjV3_kd8yKvDOnaCewUXdgeS1phcKhuwO7CUv4AY5-LZJe3s3xQ8fqF3jzOneH3mNYzSJLtKgkiGHGtCn18ltXChsAIlziYQJbYlFWP-okO6QyFuzwl0wJzZDliTyjG-SsW08iP08P9afrRWFA8WaLTD6eGX2v8XDmJs3_LsIgfp2BzMhcyzTyar-azKIQbHC4jACgoG-KKl1ZnWXl6h0K9B13vVw8DnjZBmx2oLNdGMBVmR52UOEuW4ZqbY8uPC9cZDRgc12WnVkqNZAg8_wsUa9aF-uRotaZXZSC-JNymH-p-tkHsP6LqOcBom_wEz56kMmSlrawb1L2oB8-g_eRzkpFwLl6hUUbEWa0gcSLQo_pkZkbjq8JfhJs2uRDG5EDoGQ1sNjU8a-oiCWTEImAkllDN0m7BQJ4FPFBJclWFiRfkwU7ctZ6d7bgFAlf80MpItmOTcvgsy9FLxbpPBYtkMSOyGFZxUiZ57zTQNQ_lZkW15GIggaFkTeGgK2PYzjNXEIfRH4QuR2Ml-09jZLj4Hh_GJXZKcad8Txbr3sTPJf48ONrrT5FayU0kw3z0rZ8NChyA9Z1SsbW6eTb9Kp81lHV7H2XuFvn7PsKYWcZBLrH-B9q15FVE8tlvEP3nH3udjsZc01AnuqXvIqkLdmEUdJRdh6iiggFApRLOxdC94ExNoaecbRavHNPT7ZhuUkpqrA6KJ7ydYnh3_hbzagE37ZpxvEnmg03PuKPIe_PoIL21jLe2jTB-i-uqzf8ha0en5Wzm8wcJC4ajakFH5ufTcPV5rc19QkXIccaSO37eh70sq7-G1fnTYkM4yUFhRTxO36Z4XhOeqXqdkBADVn-5AvemIxItd6aeqSDWoHsUKoHeI4v38bqXycaAVGhGonltC9jcqJzvGeEbVNJYrM84bvuCdQqUC8soBOOnruCYr8_R9O_HS2VdxTOctKUhdb8Vn2NtKP5eUkSyGxpo2ibVxlQrDKDGsLIOKyemq7UgqTz3gnDirRT7neHs7CjkI1UcGC_S8qWriWWC6DViNqAleadPIvZlJXUxd-kylL9yNu5G8nKIH_Wpn10nrIgDqMcvxGtD782YYHBaiVwpOkP03Bz3lfdaQoWFNij8VSwEJGpTP6ILDubbedR8tCw2YKBYNKccoKdfNoV1GEed5hJpev3dfmtrk1z6lqHQsOxiUz-32-8PrOyWepJANM-KilfWVNl8PSursEGtOXpHBc3Pw&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=11344637135888734000&adk=2515327513&idt=89&cac=0&dtd=7 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8ee4fd6a2e051820278100f9be95f682fb5afb3936ee88515cfb0c5848aefb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13610 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame FB13	41 KB 14 KB	24ms 23ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BnX3Hs88M-t6SZH53W0uwiv7fWyLGoXFXb5fGXYRJiSFhZNa8e5-F3fgnwbXG52rPpRiY1BWP7tvbEaiXmDRS8AKesNd3qfIjtDg9Dm5w7zcqoFNfQ8lhtX1U4VI-RELdsFZyjYCGv2Ri0wwpK-xP_iL2LWqrRigtYWVRWOQwqZLxg1aY&cry=1&dbm_d=AKAmf-DySWoPzdEvwsYd8EyjQqm6x8RdFiC84SPILjzY_gwlDT4s-EFyErLvyPGgN9ChcefRDEfsOc029OSt4ShTKyilKt6NUpjGyX4KfMKO9uYxz72ntCvs6TCVw4jP2JY_uFXXKZocRuP_aO2dJULRT7sSFWz7JvHhIPkRQ-oydCosOEbXkLKz_rF_-8tf1Td_ppo1YHUl2APh9KPhWlomsEt-NHECmYwZX4IlGPZNtqI96VYFgQ6sQCrMJk6dXgpX1sbk3rRpXeslBaU_e24N-JJWRjmin3ZJxW9HgOjvJtfS7NT4u6bbsT-qSJWfnXNRIPuW9ez2XZkrXQX2ArTSpVjJcTjO2vwX6-YgR9d1X9VKeGOfRKwunUSY0pKuIWkH2MNnp8G6eg2eMO24USwrW9wlDPWwtFFz8xKjAymAC8A8KPvSwAnzDZrHM88w_AyfWrY6fgJlQLc_R26bT2Cj7gCePUwHdmFat4aY_eESMhibe70zcf62m1xcrHexMIgNRvv2G8ngb_3w7ZInTkUgTWQ-GxHXgvVRIxUFYRVI9xXhiFjEsAq70H4q_TbbshUwZZ6c5zjZXqFF7A3cF71wAoFzxOBsraOC-kty-Xd5AGgdaAHDca-d8P6FInfmZE9id4SpyzPeg4AszXqFabvJBYZOUyqJDTMtY0F3qEr2VK3z0yVCLf739AH2Ks3HiW3A0-ghpAl0EJ6EjcymRATWwIgcvYI7oq6yWm-ymTNH2tIKd4E4KTAlnXOdyh00gnEpSxm9HHpLW1R9t33m21oy3nFSKxKrBqjSG_YVCUE4ftdsn5Ks8Iy1b5mQt5p_6cGg2HHyUxfYvIKb4CmrRqwGKRObuZAgUw2qERd-getRTY_iR5yeWkMvZWA-EVpleYGHOfclVF5q6t4G59TQLk6CqCzWyPztx2bGoo6qAkAbsmCo74FKZD4JAgi9EGpzzKuEBcXmjfC8tLJi9O3JvvwEe6n-XrpLSLiF_xB6AvsDBtL3Mms3WnIqYmthx5nlbawg59_nZUApQh2L7fZcmXI8XjJfM-OJvChWg6G5JwjmrHgPyhmbvbsUePRyYPYr4D8WR5_8ioVsIuykE0eDXlQuyy9RfOaADG9MabDUfIp_t0MnwvtxTI7dbtAzSBw_uTgbP4Lf00Bq8cyjw8xE05wtTPomTa8LhrWaVR6T_CxzZZg2gJFUSAM94fUFVn0_76DMxxfOXVuiJt4u-sOKwjGzKeNAlKQsnj-HCKsr2jfuD2-EV_kxQHerOC7rwOkeUiuG-y8hNwDb66UpZQT24DatQiM7OpE8N3268ugwzw1-UlOWidXb42Umxg2AuOxuLy50F1lMG7UhLAj7MnQRMUzmKN9r7En9MYVJcgAWIctmS3khDaDY3hIafPyRR-GOgw9XzWOl_rwWNQU1uzzHjzv9OabivtcYGRJi3yWJiEhSAa2hQ2IORSY8yQHpBGJHv7XcDLGU8ZoxmRGQD1GisV8oXXRgd8UFyKJuSGEJiE9H8zCLUVHygWsPXxRe4VPsdEcxES6nHxbzuTMHNwgr0J92hNXyF3xl_tTNcVMKNXY8waUjy93WmmdKT74y9_sqI5f93wHU-VRjmFQWBq7TIVKE-5sXD06plnBViBodrj7TUZCdTJkp4-fQbpt9vRDBg3V8GPqvUXTI2yd_FBz4W1RC5v7ul27BIA4H0t4ak6kDxcDs1N4RWJ2w84SbISf-Fhzfz77BTnERENtJEKboJF2-oG4m-5o-f6GaVyhPxFbxvquHi82fhyDnKCvjyTo3UpdfwAMGeMWCBUfOQUA4HJbLMdT8EjpRfPBvRLKyDtnN7_HswXh34ARGtHoxrkJNJadY_L-2SD55E-Kyd3-kM1c3r7d0yXui-zXLMNU70v1zAHqjcRRwL_4esLAM6u5HjZeCqAKIyq86NYK_Y5kMEceEKwhSwnQB-ENn77jPzgKfb1VPcN81xEuSwOkrzHfHoXfIsBqDP93KMg1R8nAH751XWwddNwUYvys3UimCjCtqyksUanBpp4ZXkDJiJFzMgPgFgCY1YvibrxaOt-sbTs9VJLxME553RQQLir0Sy044JPEUapQ9ICQwt_ZgCJFIYfePYmuqIwI5zunyBXfUMSO-lnzUbVsL5XCvkthL1j6Y47vuh9yXyd3f9rPufa_-VtGGlZy1snUzQI3hRrkR2GA3pDuhZC7vdJ0u-biRRMC-VpyqqWh7IJIsLAFPknNiorArD8O5J0q9YoICcFAoAKJG75ZEWXvHgqfBa4fQm7oEOknf4pADcAgu8uoqtwfxz_UFQZB2qwR9foWbZLza_8m4RTYGD3nCkv8a2XFDjR4FG6OCULdMBK7txudxA8JDOoflvyMTBVXYAHFynJSgX7QS2NK-BvdVysdt6BA_6yVVDRQUDfF0Q9ynkTz6WjBGs8lSDsHiENYER2Piwti6XpOSjNUHQcgAcy0q1vy2WfoPSElzPIxZmsHeTTEBnmJ_03GynXJri_-i1FDZwE2Nkafca6Dvnw7VpQFsHxOTKJJK_tJz-nuwNNTDZCRImE4KgRC3LhR--7szqDOEC6_YQDAkqqSUr-1y0PiwzmRCNB-9S_f_nByswFXiz2pl5_cmCL2m5j-MeDphPKRkoJ7F6z-9oter42OHgp-iY_m3Az85qb6cIoaLoB1G9ZiSiow7TU0gp-aPlPvjV3_kd8yKvDOnaCewUXdgeS1phcKhuwO7CUv4AY5-LZJe3s3xQ8fqF3jzOneH3mNYzSJLtKgkiGHGtCn18ltXChsAIlziYQJbYlFWP-okO6QyFuzwl0wJzZDliTyjG-SsW08iP08P9afrRWFA8WaLTD6eGX2v8XDmJs3_LsIgfp2BzMhcyzTyar-azKIQbHC4jACgoG-KKl1ZnWXl6h0K9B13vVw8DnjZBmx2oLNdGMBVmR52UOEuW4ZqbY8uPC9cZDRgc12WnVkqNZAg8_wsUa9aF-uRotaZXZSC-JNymH-p-tkHsP6LqOcBom_wEz56kMmSlrawb1L2oB8-g_eRzkpFwLl6hUUbEWa0gcSLQo_pkZkbjq8JfhJs2uRDG5EDoGQ1sNjU8a-oiCWTEImAkllDN0m7BQJ4FPFBJclWFiRfkwU7ctZ6d7bgFAlf80MpItmOTcvgsy9FLxbpPBYtkMSOyGFZxUiZ57zTQNQ_lZkW15GIggaFkTeGgK2PYzjNXEIfRH4QuR2Ml-09jZLj4Hh_GJXZKcad8Txbr3sTPJf48ONrrT5FayU0kw3z0rZ8NChyA9Z1SsbW6eTb9Kp81lHV7H2XuFvn7PsKYWcZBLrH-B9q15FVE8tlvEP3nH3udjsZc01AnuqXvIqkLdmEUdJRdh6iiggFApRLOxdC94ExNoaecbRavHNPT7ZhuUkpqrA6KJ7ydYnh3_hbzagE37ZpxvEnmg03PuKPIe_PoIL21jLe2jTB-i-uqzf8ha0en5Wzm8wcJC4ajakFH5ufTcPV5rc19QkXIccaSO37eh70sq7-G1fnTYkM4yUFhRTxO36Z4XhOeqXqdkBADVn-5AvemIxItd6aeqSDWoHsUKoHeI4v38bqXycaAVGhGonltC9jcqJzvGeEbVNJYrM84bvuCdQqUC8soBOOnruCYr8_R9O_HS2VdxTOctKUhdb8Vn2NtKP5eUkSyGxpo2ibVxlQrDKDGsLIOKyemq7UgqTz3gnDirRT7neHs7CjkI1UcGC_S8qWriWWC6DViNqAleadPIvZlJXUxd-kylL9yNu5G8nKIH_Wpn10nrIgDqMcvxGtD782YYHBaiVwpOkP03Bz3lfdaQoWFNij8VSwEJGpTP6ILDubbedR8tCw2YKBYNKccoKdfNoV1GEed5hJpev3dfmtrk1z6lqHQsOxiUz-32-8PrOyWepJANM-KilfWVNl8PSursEGtOXpHBc3Pw&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=11344637135888734000&adk=2515327513&idt=89&cac=0&dtd=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Jan 2024 11:54:17 GMT content-encoding br x-content-type-options nosniff age 356327 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 24 Jan 2025 11:54:17 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjUzOTk4NDg2NDc0OAogIHNlcnZlcl9pcDogMTgyNzk2MzQxCiAgcHJvY2Vzc19pZDogMjM4MjQ4NTcxNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame FB13	0 868 B	138ms 56ms	Image image/png	142.250.74.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjUzOTk4NDg2NDc0OAogIHNlcnZlcl9pcDogMTgyNzk2MzQxCiAgcHJvY2Vzc19pZDogMjM4MjQ4NTcxNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNjg0NDUzNjkzNzM2NjAzNDE3MQpkZWJ1Z19rZXk6IDE0NDE2NDEyNjI5OTQ3ODYzNjk5CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0yOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMDcwMzM1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2MjY3OTAyMDkKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTUzODE0OTAKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3NTQ5NzQ3MjAK Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0x5d5c0de4abc214df0000000000000000","13":"0xbc89ca425f96bc6d0000000000000000","14":"0x79f5cf5341867bed0000000000000000","15":"0x861a79e9211f251a0000000000000000"},"debug_key":"14416412629947863699","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"16844536937366034171"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	70so8an67my2 Show response hal9000.redintelligence.net/zone/ Frame FB13	11 KB 4 KB	86ms 26ms	Script text/html	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/70so8an67my2?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2I5L0Lu3ZYLoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QJ8SInbGhb2tP26GQMTdbdJo2Q4ecNkbpg3qOaQYl6qxCmccVb1CAcfqSFUE1nST9vYrZbTxPnorP_OIQPoDAG-8t9pFQczA3IEJvyyubdXygI8vsu2tSHUld6mI7ebZDB10qcOT9IabLOnu8RPBPXezNK7lgane-8FqrpMskXA3WjlHiDGeXQixVniVVE6LTsfrjnT-OmvorlniY12Am33Ci6P9Do-_FH-GEa9ETZZ27hOm8eSXiYo0fdhxdEreM9c808uuBNn64D3eWN88LO6tJBFoNOlUSuUTJ6E5r9vU0FKRJZtit_5GtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_2eMpbC8EpIBX1f4OrlQnjWyH9BQw%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BYdrLPOUVoaW0DpwdZJVf5CFlgHbrl15wj30LuvhsN93f59gCB33rGc92TGjnQkhBe5TBCSNhew1rwmTwn4RiqQXKWBl1lqFtaPVWy8aUpurVqdFohrV4Gry9hCwkMa-LAlhcB8LwPSkvIszKiPUvgfajr1Qvk_lCeD8QWWFWyl0gzwkc%26cry%3D1%26dbm_d%3DAKAmf-Aa74zHEWMqu0hpNsy6X5dyNHAnvEBV1cudGHJOXJzuZ-kWUvOsVargh1CYITWrQHPpXOBUH6mpr5I3GEwgx1ivGil0c0W4OqLW9kuk02LbWFg5hikwl_p1RYmuPWKxxob7dKeX6omTyy6tfhb7LZ6tvWufRdhVRnaS9NfYlUSYrUt5gU2aF7CjqNmzyDGSL836SohnCLuP7hf_9FBUY1eix27UFOja3-RYSariiMDLGHxundDK_vUbUXIoqspCvoPPdhtp-9cqQzoOXGXfBMvOaBJJS8m66UWEB64Mtwv7F8eH2xKOrEyt0OYo3DOcGKip8CUiDQcn01vyemCcMmnh1We4LExOOkvSQDCvBV5Ed-LO7SRalpLkfKWZO7Ro8CgaPpGpOZs8QC0OyoKw2YW47hfnnnTSF3ucD70VVWrAaPZKSWXuQbvPyGoACCsTq84IqPkVa5SS8QueLzTLgXBObHdqCUqm1vJyN821u_2ypJrxdkEnIc9GLMdIpF2PqZXOYk8iH0bYfM1mALK5lj3ywepb1drd9M9hq3mGQwc5W-cDVyAZlWb3XA5YSeM2oELIjnsq2RyWHUlw2CJM7yt2_hVoQPSY326a1mlAInYkoLXKo8M%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash 71f57ddd8d3cd52b228020a44a4a8c25c3a38dbcbb7217fb3aafee54bef811eb Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:04 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4194 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B04	0 20 B	168ms 168ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3820036480581&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B04	0 20 B	168ms 168ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3820036480581&version=m202309260101&ct=77&x=1&cor=6841829248467980000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1B04	34 KB 19 KB	61ms 61ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdLZOt8SDiER3_XmJUxk0MsQYbGKjQnhVXWhjmevg86mfuxwrzIELmJUVXrzWVloZ3JdrKUp0u87_4_BYuwZzAmx6OOjhfZE841wQ9zeKCH-RW1HyWU_YQIds7GqWaDGyI4XEIhdbDmFjty5HABSyorIDwklFL1JKeClkhnIyO6zyxpKw&cry=1&dbm_d=AKAmf-ClnM8cdWG986J2ws-kZzQ4sMXrdtsegUFVaOSMRVLGgzVcvIO0RANo8Lx64Z9MrJLO4kHtFMyloiQg7zWTvsdwKAHAjmHTSZIpyPrECLexJgMjppIpwSc-ZtHmFrrwuzm2QxVHPDSyv1xHGxgA7PqeeH1Tbt8dxkXqs9z9U9tmtRgRFMnaEG3zf9Kiz92t82MJqctLvzh0P8wHpA-RobUsyoYiiPINgHzCRagi0OgVeS0pYXqduk-F2LjPfIcg9XFrBnZIGVIbNBk-NgOEfcmgrKUz5M61PGhl7AFyoFJp1odUJaorsUtH_yffKIrOWu-gyPwV-E9wrCxnf8wSa8gSqVshJu47IlA1bBnjJ9KZv8LBytFKRc1lZjjn8Gy5kN5EB-lhQJjNf0x8KZrB4MllXKWbSy-D0SoZE2f6nRG2MDhJ7sA6k39UJJAGdXmgCrkzu6W3fOzI8kJtrTYt6OyYBjzwFV36FHdKMF98m_6LVMvX9_KHrF4lC0y-cr6K3okTWlJia41ywCZaiQ2juElTq39ihNjdeFtSt3E4gmtQPiXRYJrstCsgviE6CwLZMVpA1bxLCUutenf6jbL_I2NtoSZLZg-rJf1U27ZIEQAZieTjUzYyd4JnvTvJEzmskWDxy1ScrnFl2vVw5j0t4zK8D4MCTCJG_rC2uSghluG_89soOtcWBbi-xsHGorxxn6dkkTpuJh6IXYB30xzAgyINrQECXzighM_uG17lSdWalZpcL3VE60B8QdlOm5F8lAC8d74BLWFwBA0yAJWnBbnEG1NVWlb8hTPKFNCBBZQ4ny4QxsBp58vvd8HkJT6w4804S_LGAuIDpGNwNsygrXi1BTSlXcJlXjTgFhuDmbDMC5_1LhxqcS1tXLCr5PoHSUqRhITjDYzGtaAe2CGzIaYClvwK4tVp3oUuAxegt8sy9ahyfnfFOB_asqb7_k8eiwr4qhefcUGIion0YTOGJt1sj_Be4ja2QwEEz3I_vlvRLfwmjJ24EuxjmNXJxQc-g9bZCVCBoLY0OGqyE3ZAHnRi7cHFD1uWWuiq0qldFiA3k4XOYdE614DlmtKtwIuM-WANiIoY4mvVRAJrO0o4FLLO_2b4vncQ4TgLa4-aGPxkYehaDE0VZF7P4uixKoGVz4w-cRfvjNoYOZ3M6A4yVed09ACJ6a46R4nThTaLBIdj2kdi5mcc1Vi8DTPPVFfEBr7A8M1400PJz3o4N8_Fxd2PSqioqRvEdKBZM7Qy8UhBP6dblE8rD9LAoECUfikyK5yI-ImSj6voxZpfrghPi-EHRZtkzMar48Eg5o70vgYJ2Y9gwdsrHMEdOrF0v4GM5YQobavQAvi3XMSrHbNTvI9A1aogrK-Qs3ss5eNtNFZzEvWmB8KPziy5wbO_vWJNEMcfcKYmIqXy_rQVVVCUtDS87FqyA6d3XKaXMwo5G1eVMlnHUIuk2VRWJ3kW4rzcSkmuoaYFYh2UYTaTFHRch2tygUff4v18JHkU9Hh0meHU-GeQRm9h2Nyy3yCfZLvQcMo7NbCd6KFjbz2QqierL5M5LvOZkTVJFRozapT4eXtnnn9AvuMD3dy59fY0rVeDOwjNGP01_jc-RVAY3PCVI7Mw_qLhaxlsHZrfn1poDSmltro0nblJfoeb_hngSZoIuPSr_qH9jZODjZcikLpQ0f3DDWfwFMDdpIoeETK1sVlIz-y9SueulPo2NnjNF5EpQ58TR5NPWHt1IBbvVUEYMUTYBMhXP16MLujAcSvOVi9a0RkXJek2jer_Q9VGnt0H0UKk0SwU5G78MbnOMKgXLoww93lmou0Pj7t7spFVX4kMtRtNs4i0Urh2iNfewJqWO-JAOeIGGnZuYGp7Tx4bhXEgnD2eRi8QyPThj1PQ34DiBV9fDCgv5WSee5Fs3SiIhB2YNSFDoBndWheo6CbPHBDUv13y_i-Qyyy1w_qTJ5HyfZJOYEg8GzQ_Vngu0ND27VSlUdwEh_c9cQjKb_erjgKwrA_a_tCAOlCZW9B5uLRjAnyfuCUD-t0UIx6aXNygQVlH2mdw-0jvxbQ-RWAxHXi29OY3dCpj06B4Nu6Y6rN3riaH858JKRvLy-YOOuPbNlT_nP_Wl--fSGHat1_nJjfLxJNz3UHFRKs55Sm0Zv4ajfLiHGUtEStiumBkkIZsQSen4frnZN1oqs7pyQZxMsiVVj420cjErbrUFa4LCJffRIzgoaDb15gClG-2WsUhXbnBuHKuM_60J3qusXoVuN9yq9x8masFVep--x13EATtcUHoSdasOM26_BVvD1AxNmEvJnejjKxqRoArRX5Jg8Ju9gVY00-C20m73IPfBWklQNibSDWqnVv0d2IDWGkI_pOyjqLdmLZKyHpFOAvJhSORmY6XAes7ecPCtNnld6MUILzCBtzmypp5qS7nGY1KpXrb0IUQ8SdzwXtvKn-02DaggGf8rk6NIuwilPa7tlPKN96nwHrBWlv8LL-WkEo0MUist6zQvAbUFm_Mu_5YqT60FPL4Ju-1GYbR_R4l5ZE32E8GaIW5GGEbbfUC2T-iUkjpgXTLkE4KWJgjRQLS92nSj2Ikemc8NdPJk5oeMUcn6-Oduc82L2N8wLyFL1Cf_Vf0d4YwLh3q5iiLERy_vBYNil1rSg5Nj8sg7PQ9a8vJX8PFwe_blRfBcI_uTFT8owSPU7oiD1oh1MQc6yfAcTwllCJhA0AeMdQM40CXlJlGFIxUUHErE5A7SvDQno5m7-kC2Elc8rYang-eSv5-3DDbkG7bjIrkS8vnqX_QpxTKy7AQyC7fY7IzhUxUHOKVI8Hb8tpbVBhT9zD0f7coUUXYz9HSm_MhApjflGYGEp584RUGgam89Kczs79RkYZSx1Q308ZiFMv2mh_8aQbcyJd3BuJY84BBq22W0Z2D9NHflDlGDi10b8m-AFh-KbGvCv4yl7LurYvo1u3YFMZP3L6ZKmRKTPkUw0TKOB-Czdx-zX3A0YpjAM9NfMJVtL1AKjVjQObY2dfjiRAt3wGutlQr3ZVl5Y1U4XYqSwSZGATXMtldTpREj0udQo_WUFA4Lo4LRbO51AVcbXNIeXix0QrE-rCcaCg7CLsKYrdMtqXu1_d4Q3OyxcipghS9BB8RGsPu7XLeqRu_E0mB7sLb2BULrRAwb37JEKJ6qfSydjQqmyFqtet7ReP2vcxHRNeXHxX1Kebzero_5vMkhyQIj6vwgzx4lameV3bFXIXvIDtOdeENpgKT7TbuN6Yoo0LaKWHAyHnUDeq_QCPFuLrO_sv3TQIJHsYD0auVmjPTd9v-SE3eZ_NZmS2UOrHZT4rZ-xl1wl1e_EsKOP31Q1gj1GTfAYKk_7FGHufEwH99hMnWvKwZRK1ayAacA-dSzqfV430LLylZjjBSAKaEF9I_JsySTt79ErNOHTxFNmQ_9pPnF6miryg9TIqgvvuDj50cy_oSldTaIt4zzbz7aNAzmfQtiyVUh4XsRg3FnXnnDeBSBSkBdkNJEzXJ5oP82KdO2J53HlvKfQ66QbvGe1_11zaNGZNogzWTl9hePLZd4Hz6KPFWcxYizTceLt0GoRRi1O9e2biA7IfDYpd_PnTs1n94sILyRZbyR4QPuWDhbHxSFgOUaZJe1oBU_H6MmanXGdE8Lhf6LvmSqEdwS1ZNICTO5yG1pZy-JKxiqQIJ6Mto3I9xyKrp8HiqpSqyAQ-J1c5tyzIkWpjMZTpatKu_2I2k2HrUwHdzgXcPRDDWJrigNrvaM6Z55VvfBm3sGZhxKK5tjhJ-etw05abR2LqZbvAK_axYL1sClJIeIF8gJt8v1Ur92zM&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=6841829248467980000&adk=1935140219&idt=145&cac=0&dtd=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1b6ec1bf76be244067d50fd42ee44d8f8b91ba721659fc98da07c3c773c450b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19647 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 14DC	0 20 B	167ms 167ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6825033459227&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 14DC	0 20 B	167ms 167ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6825033459227&version=m202309260101&ct=77&x=1&cor=4333941170271662000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 14DC	20 KB 13 KB	63ms 62ms	Script text/javascript	2a00:1450:4001:81c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBxde4fHR3aOyk5FVxf51ZVC8lPTUq2Lk7EzMWAjoC4h1RiHPYIYKx85QHrm1-OPcD8mC5END4MTckPOIv2AsQyWEeArg6CnC-Bn0ys2b8QimrDQL-amq1MGcMf7xb3TMcldRlUuLCWLKfYARuZkgBSqty8sZ-J2QjsKsUxXXkn9TIucc&cry=1&dbm_d=AKAmf-AtD2toO6UNTlk3-Ah_G4TugRNR-7fFRNAz6VEg5UYRzTxSP90vt_0DI_5XSG8u9zEPDm52xD9bbdr5OacvTWg-NuWQFI5R3yC0oMGuoxGmdqlQRVNQxbWACihKJIFlwU02kZoPQ9EpWPqVDnemcMH5tEF9pVYNECFDwKtM-79O28_BewWuOFPbaZuJAc_YdLgIaqRYZ37tvA9IZqb7tKZLv_mkwLEmQ4pQ6hnRM_8DyPUKhq9V65gQddnPc2JLZ3GvhtBZ3UObPDK-Jx2_GrkT2dT8UXYszD2QklHUtDeNc2qn7NBAteMuRMhkgMpDR4t8IMww27lryvmQl0EpLfciql9OS8fBOoACH7v2uHegks85IKmFa4gbXYNrJlx21U4Tti-VlY8gLb5oL0n463wLEnvIEX9Ujz9rxisq7KfTInd6aVOhXYa2zmlyKmlcFHhGCI2UEsbQ_sTeyAO9DAw-NEleaTqUdnBN7LjufgnxYas_cuX7CIffZRtYWwI2odvXLGxjyx7xb5CyW_WpzQA0s9zNF7M_xyeQ0tVcvUthuAOulhhkmAjgCKYYBDCkKnX9Bxjy14q3-xo0g6d_e3CtELMFc2BhajV6jrSPyCXRHo4oKdoJAaD8fTPtiSFXwJFBOcKQw5_5H8pC5M4gsEn__RqEx8hiKdtMpzDn-q0NdamQZGKQMILKdWOA23NmSr87PRWnvEaaPgpF7wAZT8kBGjcfUH7Z2A_v6fRR1yR73VPcTsYenmiPx3tcfy0IzTr4rzHyvBsrggMqzOimw9K-LNepPV5L6raUHL8F7XGbfOZCcVUU03_ZsVv3OCI4aX9tN73BMvC3K9G0U1-Vf5nMCA5Ds4XZEr2uzMjwYVr62jqaIW7JA5m0weNMEm-C6nctplJzczhNbSK3dbN_lKwAHX7lOoX9gc64PfuACmOpCHjE8i8EMSjy0u8P79E1hAqUvImn9ikOe8_3Mumrjq2fXst1VNrcK3LZQKZZwmU84cOEN4DNb3VVuJvnANZrc7hghusaA8HCcwbS67yiCx7kEL4OUPM4VWCV4gyoeEjOg4NuSL54EGuwTpc_YgMCY2Z4VnuJke7CMtyM0gIUYMFiO0Iiojkzj6s_KRlrI0cjPLCOGJk5YjskaetaJqBgEMUeBdXbrtqzfmxg4AflkrOBc-0bp90Cw6zrsq8yVgwdndY7gX_tJrF-bz9tEcg9lAluiFfVLqLJlaZmUPd-3rrCR9kjhHc84k-2xXoXyvmoMiFy1xBA-0g8-KngZkNqo1fY5Rsg5iPJa4RxsKHvnRYZra3hdg6icNpxCQVCHLfNr9-TLayvkAiU2HDFMH51Ukdqb3MDMGuMsCsyve81Tvqh7UOGl7qzLJRP02hnrorDMIAlwvTCAyLPLJKHn_eFlseA_faANOz54LsgQZDnkMaTptgJdwSYnkXMNMHyVsfWgUgCwHtZ1PQalIrrdU0H12501JqaSmzIR2_ihDW0_GhbEv3i0U18NM-f5x_ttPKHhvPgOi64O3egHuBHlfKDR3uFiQnRekCunMllZ52i6pjGVAWsOQuGkCBhJ0vZee7fdKApD563KSYrSU6JX3VHJGGxMCFGRu2DeTbqB-T4iz7Xo4bZ5mOm5t3ZqAqdQuuXGB0lym11DjNPrI3wWHrByu3PhJb2OB1o_rTrMi9dN-HacDislHXKPBiYbqPatYwAHKe7McKV8i7xOjKLm_qqWrJc23iQG4R_ylrwtD42q_qiL05JYsU3ORkWsT8tJmjVT5jQ2obb1ZeqIOqefMFk1lWqdRnK5oI62o3Wb5r5Aenm086MRV3f8lDNZAq0T5XA7ooxiS5AJ1dsC7Yx-HaQSiNt8ZhYDbenaZOHVx7FwxNc2kEAVENpMuPS-p1c-eoWoIDgCTr9-NduCuLRumspd_-avG3SB3OMJq4Yl9Xagu6Y-EqQqAr9HMk_4W2VbfcWTL4CaaifKMrLG0ifPZhFiEw6HF6OdJV1ma6jMXL5lbC-Y2cOKFWEB0_Zw6TcwLBsZdCWBh424V7mNHF8Ye4rbKVCShSeRi_qs-0-cDf_7h1UPuW4r83WVhsNyLE60NTMlUMKPWzXeZPUvy6uows7SInGDZlanbUGxQcfJZ4ISuWhTzzKQYCdPqPitia1vSCwQKKgAvOq94-pJfzbr_9Gm8s_Z-toICxcOyCKBRRaDqLV39DKvHI_uZFWmTxdqL7oLGymBIW74df5RA09uS0RFmUpAiMWPGyVvGCgulXECokdtoMrrEcv5-3Yrg9P0yGD-xYwo6scdal61CO2AdCGA-MNAsj2fQdSd5uz3GPlnQ8kIahgTRe4PN47Qp9wZi3d-7Hpd8dXEKNicgJF_yApTz3ddNeE9zJNqAXemDJ2nEy11TFS_u6cknZJh7Bu-a5r7Wy56e1gEIM86LLG33_I9Dg7faaCymfoksLHLJxLNeuPgHqDejuakRejTp-q704ZaMmtRu3aOFrI5Ca38CCkphfzx-siV7M6hUcWLLPWl3kM6ab4qIo6YNwWMzaZlEiF5lmlHaUKXIfbDCpaaIIjawYEqY6pZ-mZIMonIkS-G1eeu4sV2u81znDMI_HPIAUrBbCbEXmONgunxxI209Aca6I_o6nfqTJTB__dIftXDPY0OmjC_Z7bMj3DhoRIHOawE4Ad9KLm80WdVrJ18Vod0mAks-d5T0G2UasmZDbHZj3fVAnIElXhgKchC9ExwM78poHhmzpvt8EFIHDQmnGBnc2hJgUm-WZMEYokrlBsA0ifRuYpALeNqk6qhkDk7VP3kOLJuq_nnbPn4Bu9wA9cAwl01o9mI5kljjbd1x3bRmzJ1iy8w70ty1ZJ6XTWIc6Q8gVK1SG82Z6htXzd_camPRRe8lzNy05YzruKj5kecPy-8Awd1NyqqJWefF7xnMEuIi0ETNrrEHp5BfmWNxcyRvzv_iUYOK98d_J3xgSh0tEKQVCf2Pjb-_mcje18W5FxuqYQgdeFibOAw0WlHLQa0Aq0lWX3NmN0PDLio457CeIhCKx4zTAGh_nJfIccgPGgXGCEk-o-f7tFDI-e8Egps9QE1skqTP-mhnyOJe7e1R47o_bIemFOd1irJzG5o_fOVw-w6vKNTMFStemVbJPOc0XcxoqT_4e7BwQ835lXrIIZRn-D83ZRpYn32Q1dkAuAV8F6dRkITOFzEhlQ5EZoCKkngvtfZLg-cPGwBsognEnRgdd3VynZX7zoFY1mW80sRPFNVg8iw5SDRqBvgr0wm7WbhgTvJxvLVd9ekhNHNUiVyfm15SQDF7zO6vMOCdaMqr0RC81YPgkPM72jIdUoa_pPzyZyQ0OvAcFvHbPQUWC5i-9CDv0fhdq1TfEI0hIK7l0yvPQ-63cw0YaGJEAzSU4lFuHfAaogNclU8LfQHLXG46I6HnKqdohCZgC7Ez7fdsAVugRUIZtskB-c8hmNaP16fD3HrW2jNy0rppk8GS-VyLzhO1o5koiNErYQlDFR0uufzKYb-I5MouPvHqoR-9YA8Ax-IEH8qOXIgz0ZUzBboA1a58-ZswvVD_6Goi4DLzAV-CP9QfHspYjJ6AJx2F0t61FTA0a9vM9FPKh2MbYXLgeO4erWoFODRzOPv24Z7hygXU7sBtlmcod9gVFe70hAAxnlFC-uy1Xptg_jl7Wk8rLWbGNjmA5H-a3ujbdi2b9Ws0HIGhLlQg6ChIIdeQFz05ROTFqJBbVaK9tzBkyuLaCcC3nK9Oz-6PO9F-4Fp-epdlY5bubeeLT_irF_WsF69pHDKnbXJK3Cr28k64oYmJk-81DYtu-0KKDAX06lz7PYTwf-KXj8CKrmuAOsnQNNozPEOMwKStN3Q8IW5EBZzb1luQV4ykaASHlqdUuvl-sLBeIunglkpXFdSsa8hyxVCRRWteFF_JvadJGGQ83mR3h8cQ&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=4333941170271662000&adk=3062569611&idt=176&cac=0&dtd=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a6b7661647f7c53c8275fa1308d3dd1a1134a19eea258d621144ea58c5d2c44c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:04 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13556 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame F0AD	38 KB 13 KB	26ms 25ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 356327 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 Jan 2024 11:54:17 GMT expires Fri, 24 Jan 2025 11:54:17 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame F0AD	39 KB 15 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 09:45:49 GMT content-encoding br x-content-type-options nosniff age 18435 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Jan 2025 09:45:49 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 1B04	31 KB 12 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdLZOt8SDiER3_XmJUxk0MsQYbGKjQnhVXWhjmevg86mfuxwrzIELmJUVXrzWVloZ3JdrKUp0u87_4_BYuwZzAmx6OOjhfZE841wQ9zeKCH-RW1HyWU_YQIds7GqWaDGyI4XEIhdbDmFjty5HABSyorIDwklFL1JKeClkhnIyO6zyxpKw&cry=1&dbm_d=AKAmf-ClnM8cdWG986J2ws-kZzQ4sMXrdtsegUFVaOSMRVLGgzVcvIO0RANo8Lx64Z9MrJLO4kHtFMyloiQg7zWTvsdwKAHAjmHTSZIpyPrECLexJgMjppIpwSc-ZtHmFrrwuzm2QxVHPDSyv1xHGxgA7PqeeH1Tbt8dxkXqs9z9U9tmtRgRFMnaEG3zf9Kiz92t82MJqctLvzh0P8wHpA-RobUsyoYiiPINgHzCRagi0OgVeS0pYXqduk-F2LjPfIcg9XFrBnZIGVIbNBk-NgOEfcmgrKUz5M61PGhl7AFyoFJp1odUJaorsUtH_yffKIrOWu-gyPwV-E9wrCxnf8wSa8gSqVshJu47IlA1bBnjJ9KZv8LBytFKRc1lZjjn8Gy5kN5EB-lhQJjNf0x8KZrB4MllXKWbSy-D0SoZE2f6nRG2MDhJ7sA6k39UJJAGdXmgCrkzu6W3fOzI8kJtrTYt6OyYBjzwFV36FHdKMF98m_6LVMvX9_KHrF4lC0y-cr6K3okTWlJia41ywCZaiQ2juElTq39ihNjdeFtSt3E4gmtQPiXRYJrstCsgviE6CwLZMVpA1bxLCUutenf6jbL_I2NtoSZLZg-rJf1U27ZIEQAZieTjUzYyd4JnvTvJEzmskWDxy1ScrnFl2vVw5j0t4zK8D4MCTCJG_rC2uSghluG_89soOtcWBbi-xsHGorxxn6dkkTpuJh6IXYB30xzAgyINrQECXzighM_uG17lSdWalZpcL3VE60B8QdlOm5F8lAC8d74BLWFwBA0yAJWnBbnEG1NVWlb8hTPKFNCBBZQ4ny4QxsBp58vvd8HkJT6w4804S_LGAuIDpGNwNsygrXi1BTSlXcJlXjTgFhuDmbDMC5_1LhxqcS1tXLCr5PoHSUqRhITjDYzGtaAe2CGzIaYClvwK4tVp3oUuAxegt8sy9ahyfnfFOB_asqb7_k8eiwr4qhefcUGIion0YTOGJt1sj_Be4ja2QwEEz3I_vlvRLfwmjJ24EuxjmNXJxQc-g9bZCVCBoLY0OGqyE3ZAHnRi7cHFD1uWWuiq0qldFiA3k4XOYdE614DlmtKtwIuM-WANiIoY4mvVRAJrO0o4FLLO_2b4vncQ4TgLa4-aGPxkYehaDE0VZF7P4uixKoGVz4w-cRfvjNoYOZ3M6A4yVed09ACJ6a46R4nThTaLBIdj2kdi5mcc1Vi8DTPPVFfEBr7A8M1400PJz3o4N8_Fxd2PSqioqRvEdKBZM7Qy8UhBP6dblE8rD9LAoECUfikyK5yI-ImSj6voxZpfrghPi-EHRZtkzMar48Eg5o70vgYJ2Y9gwdsrHMEdOrF0v4GM5YQobavQAvi3XMSrHbNTvI9A1aogrK-Qs3ss5eNtNFZzEvWmB8KPziy5wbO_vWJNEMcfcKYmIqXy_rQVVVCUtDS87FqyA6d3XKaXMwo5G1eVMlnHUIuk2VRWJ3kW4rzcSkmuoaYFYh2UYTaTFHRch2tygUff4v18JHkU9Hh0meHU-GeQRm9h2Nyy3yCfZLvQcMo7NbCd6KFjbz2QqierL5M5LvOZkTVJFRozapT4eXtnnn9AvuMD3dy59fY0rVeDOwjNGP01_jc-RVAY3PCVI7Mw_qLhaxlsHZrfn1poDSmltro0nblJfoeb_hngSZoIuPSr_qH9jZODjZcikLpQ0f3DDWfwFMDdpIoeETK1sVlIz-y9SueulPo2NnjNF5EpQ58TR5NPWHt1IBbvVUEYMUTYBMhXP16MLujAcSvOVi9a0RkXJek2jer_Q9VGnt0H0UKk0SwU5G78MbnOMKgXLoww93lmou0Pj7t7spFVX4kMtRtNs4i0Urh2iNfewJqWO-JAOeIGGnZuYGp7Tx4bhXEgnD2eRi8QyPThj1PQ34DiBV9fDCgv5WSee5Fs3SiIhB2YNSFDoBndWheo6CbPHBDUv13y_i-Qyyy1w_qTJ5HyfZJOYEg8GzQ_Vngu0ND27VSlUdwEh_c9cQjKb_erjgKwrA_a_tCAOlCZW9B5uLRjAnyfuCUD-t0UIx6aXNygQVlH2mdw-0jvxbQ-RWAxHXi29OY3dCpj06B4Nu6Y6rN3riaH858JKRvLy-YOOuPbNlT_nP_Wl--fSGHat1_nJjfLxJNz3UHFRKs55Sm0Zv4ajfLiHGUtEStiumBkkIZsQSen4frnZN1oqs7pyQZxMsiVVj420cjErbrUFa4LCJffRIzgoaDb15gClG-2WsUhXbnBuHKuM_60J3qusXoVuN9yq9x8masFVep--x13EATtcUHoSdasOM26_BVvD1AxNmEvJnejjKxqRoArRX5Jg8Ju9gVY00-C20m73IPfBWklQNibSDWqnVv0d2IDWGkI_pOyjqLdmLZKyHpFOAvJhSORmY6XAes7ecPCtNnld6MUILzCBtzmypp5qS7nGY1KpXrb0IUQ8SdzwXtvKn-02DaggGf8rk6NIuwilPa7tlPKN96nwHrBWlv8LL-WkEo0MUist6zQvAbUFm_Mu_5YqT60FPL4Ju-1GYbR_R4l5ZE32E8GaIW5GGEbbfUC2T-iUkjpgXTLkE4KWJgjRQLS92nSj2Ikemc8NdPJk5oeMUcn6-Oduc82L2N8wLyFL1Cf_Vf0d4YwLh3q5iiLERy_vBYNil1rSg5Nj8sg7PQ9a8vJX8PFwe_blRfBcI_uTFT8owSPU7oiD1oh1MQc6yfAcTwllCJhA0AeMdQM40CXlJlGFIxUUHErE5A7SvDQno5m7-kC2Elc8rYang-eSv5-3DDbkG7bjIrkS8vnqX_QpxTKy7AQyC7fY7IzhUxUHOKVI8Hb8tpbVBhT9zD0f7coUUXYz9HSm_MhApjflGYGEp584RUGgam89Kczs79RkYZSx1Q308ZiFMv2mh_8aQbcyJd3BuJY84BBq22W0Z2D9NHflDlGDi10b8m-AFh-KbGvCv4yl7LurYvo1u3YFMZP3L6ZKmRKTPkUw0TKOB-Czdx-zX3A0YpjAM9NfMJVtL1AKjVjQObY2dfjiRAt3wGutlQr3ZVl5Y1U4XYqSwSZGATXMtldTpREj0udQo_WUFA4Lo4LRbO51AVcbXNIeXix0QrE-rCcaCg7CLsKYrdMtqXu1_d4Q3OyxcipghS9BB8RGsPu7XLeqRu_E0mB7sLb2BULrRAwb37JEKJ6qfSydjQqmyFqtet7ReP2vcxHRNeXHxX1Kebzero_5vMkhyQIj6vwgzx4lameV3bFXIXvIDtOdeENpgKT7TbuN6Yoo0LaKWHAyHnUDeq_QCPFuLrO_sv3TQIJHsYD0auVmjPTd9v-SE3eZ_NZmS2UOrHZT4rZ-xl1wl1e_EsKOP31Q1gj1GTfAYKk_7FGHufEwH99hMnWvKwZRK1ayAacA-dSzqfV430LLylZjjBSAKaEF9I_JsySTt79ErNOHTxFNmQ_9pPnF6miryg9TIqgvvuDj50cy_oSldTaIt4zzbz7aNAzmfQtiyVUh4XsRg3FnXnnDeBSBSkBdkNJEzXJ5oP82KdO2J53HlvKfQ66QbvGe1_11zaNGZNogzWTl9hePLZd4Hz6KPFWcxYizTceLt0GoRRi1O9e2biA7IfDYpd_PnTs1n94sILyRZbyR4QPuWDhbHxSFgOUaZJe1oBU_H6MmanXGdE8Lhf6LvmSqEdwS1ZNICTO5yG1pZy-JKxiqQIJ6Mto3I9xyKrp8HiqpSqyAQ-J1c5tyzIkWpjMZTpatKu_2I2k2HrUwHdzgXcPRDDWJrigNrvaM6Z55VvfBm3sGZhxKK5tjhJ-etw05abR2LqZbvAK_axYL1sClJIeIF8gJt8v1Ur92zM&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=6841829248467980000&adk=1935140219&idt=145&cac=0&dtd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 03:29:33 GMT content-encoding br x-content-type-options nosniff age 41011 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11931 x-xss-protection 0 server cafe etag 11828260617052087593 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 12 Feb 2024 03:29:33 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 1B04	41 KB 14 KB	23ms 23ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdLZOt8SDiER3_XmJUxk0MsQYbGKjQnhVXWhjmevg86mfuxwrzIELmJUVXrzWVloZ3JdrKUp0u87_4_BYuwZzAmx6OOjhfZE841wQ9zeKCH-RW1HyWU_YQIds7GqWaDGyI4XEIhdbDmFjty5HABSyorIDwklFL1JKeClkhnIyO6zyxpKw&cry=1&dbm_d=AKAmf-ClnM8cdWG986J2ws-kZzQ4sMXrdtsegUFVaOSMRVLGgzVcvIO0RANo8Lx64Z9MrJLO4kHtFMyloiQg7zWTvsdwKAHAjmHTSZIpyPrECLexJgMjppIpwSc-ZtHmFrrwuzm2QxVHPDSyv1xHGxgA7PqeeH1Tbt8dxkXqs9z9U9tmtRgRFMnaEG3zf9Kiz92t82MJqctLvzh0P8wHpA-RobUsyoYiiPINgHzCRagi0OgVeS0pYXqduk-F2LjPfIcg9XFrBnZIGVIbNBk-NgOEfcmgrKUz5M61PGhl7AFyoFJp1odUJaorsUtH_yffKIrOWu-gyPwV-E9wrCxnf8wSa8gSqVshJu47IlA1bBnjJ9KZv8LBytFKRc1lZjjn8Gy5kN5EB-lhQJjNf0x8KZrB4MllXKWbSy-D0SoZE2f6nRG2MDhJ7sA6k39UJJAGdXmgCrkzu6W3fOzI8kJtrTYt6OyYBjzwFV36FHdKMF98m_6LVMvX9_KHrF4lC0y-cr6K3okTWlJia41ywCZaiQ2juElTq39ihNjdeFtSt3E4gmtQPiXRYJrstCsgviE6CwLZMVpA1bxLCUutenf6jbL_I2NtoSZLZg-rJf1U27ZIEQAZieTjUzYyd4JnvTvJEzmskWDxy1ScrnFl2vVw5j0t4zK8D4MCTCJG_rC2uSghluG_89soOtcWBbi-xsHGorxxn6dkkTpuJh6IXYB30xzAgyINrQECXzighM_uG17lSdWalZpcL3VE60B8QdlOm5F8lAC8d74BLWFwBA0yAJWnBbnEG1NVWlb8hTPKFNCBBZQ4ny4QxsBp58vvd8HkJT6w4804S_LGAuIDpGNwNsygrXi1BTSlXcJlXjTgFhuDmbDMC5_1LhxqcS1tXLCr5PoHSUqRhITjDYzGtaAe2CGzIaYClvwK4tVp3oUuAxegt8sy9ahyfnfFOB_asqb7_k8eiwr4qhefcUGIion0YTOGJt1sj_Be4ja2QwEEz3I_vlvRLfwmjJ24EuxjmNXJxQc-g9bZCVCBoLY0OGqyE3ZAHnRi7cHFD1uWWuiq0qldFiA3k4XOYdE614DlmtKtwIuM-WANiIoY4mvVRAJrO0o4FLLO_2b4vncQ4TgLa4-aGPxkYehaDE0VZF7P4uixKoGVz4w-cRfvjNoYOZ3M6A4yVed09ACJ6a46R4nThTaLBIdj2kdi5mcc1Vi8DTPPVFfEBr7A8M1400PJz3o4N8_Fxd2PSqioqRvEdKBZM7Qy8UhBP6dblE8rD9LAoECUfikyK5yI-ImSj6voxZpfrghPi-EHRZtkzMar48Eg5o70vgYJ2Y9gwdsrHMEdOrF0v4GM5YQobavQAvi3XMSrHbNTvI9A1aogrK-Qs3ss5eNtNFZzEvWmB8KPziy5wbO_vWJNEMcfcKYmIqXy_rQVVVCUtDS87FqyA6d3XKaXMwo5G1eVMlnHUIuk2VRWJ3kW4rzcSkmuoaYFYh2UYTaTFHRch2tygUff4v18JHkU9Hh0meHU-GeQRm9h2Nyy3yCfZLvQcMo7NbCd6KFjbz2QqierL5M5LvOZkTVJFRozapT4eXtnnn9AvuMD3dy59fY0rVeDOwjNGP01_jc-RVAY3PCVI7Mw_qLhaxlsHZrfn1poDSmltro0nblJfoeb_hngSZoIuPSr_qH9jZODjZcikLpQ0f3DDWfwFMDdpIoeETK1sVlIz-y9SueulPo2NnjNF5EpQ58TR5NPWHt1IBbvVUEYMUTYBMhXP16MLujAcSvOVi9a0RkXJek2jer_Q9VGnt0H0UKk0SwU5G78MbnOMKgXLoww93lmou0Pj7t7spFVX4kMtRtNs4i0Urh2iNfewJqWO-JAOeIGGnZuYGp7Tx4bhXEgnD2eRi8QyPThj1PQ34DiBV9fDCgv5WSee5Fs3SiIhB2YNSFDoBndWheo6CbPHBDUv13y_i-Qyyy1w_qTJ5HyfZJOYEg8GzQ_Vngu0ND27VSlUdwEh_c9cQjKb_erjgKwrA_a_tCAOlCZW9B5uLRjAnyfuCUD-t0UIx6aXNygQVlH2mdw-0jvxbQ-RWAxHXi29OY3dCpj06B4Nu6Y6rN3riaH858JKRvLy-YOOuPbNlT_nP_Wl--fSGHat1_nJjfLxJNz3UHFRKs55Sm0Zv4ajfLiHGUtEStiumBkkIZsQSen4frnZN1oqs7pyQZxMsiVVj420cjErbrUFa4LCJffRIzgoaDb15gClG-2WsUhXbnBuHKuM_60J3qusXoVuN9yq9x8masFVep--x13EATtcUHoSdasOM26_BVvD1AxNmEvJnejjKxqRoArRX5Jg8Ju9gVY00-C20m73IPfBWklQNibSDWqnVv0d2IDWGkI_pOyjqLdmLZKyHpFOAvJhSORmY6XAes7ecPCtNnld6MUILzCBtzmypp5qS7nGY1KpXrb0IUQ8SdzwXtvKn-02DaggGf8rk6NIuwilPa7tlPKN96nwHrBWlv8LL-WkEo0MUist6zQvAbUFm_Mu_5YqT60FPL4Ju-1GYbR_R4l5ZE32E8GaIW5GGEbbfUC2T-iUkjpgXTLkE4KWJgjRQLS92nSj2Ikemc8NdPJk5oeMUcn6-Oduc82L2N8wLyFL1Cf_Vf0d4YwLh3q5iiLERy_vBYNil1rSg5Nj8sg7PQ9a8vJX8PFwe_blRfBcI_uTFT8owSPU7oiD1oh1MQc6yfAcTwllCJhA0AeMdQM40CXlJlGFIxUUHErE5A7SvDQno5m7-kC2Elc8rYang-eSv5-3DDbkG7bjIrkS8vnqX_QpxTKy7AQyC7fY7IzhUxUHOKVI8Hb8tpbVBhT9zD0f7coUUXYz9HSm_MhApjflGYGEp584RUGgam89Kczs79RkYZSx1Q308ZiFMv2mh_8aQbcyJd3BuJY84BBq22W0Z2D9NHflDlGDi10b8m-AFh-KbGvCv4yl7LurYvo1u3YFMZP3L6ZKmRKTPkUw0TKOB-Czdx-zX3A0YpjAM9NfMJVtL1AKjVjQObY2dfjiRAt3wGutlQr3ZVl5Y1U4XYqSwSZGATXMtldTpREj0udQo_WUFA4Lo4LRbO51AVcbXNIeXix0QrE-rCcaCg7CLsKYrdMtqXu1_d4Q3OyxcipghS9BB8RGsPu7XLeqRu_E0mB7sLb2BULrRAwb37JEKJ6qfSydjQqmyFqtet7ReP2vcxHRNeXHxX1Kebzero_5vMkhyQIj6vwgzx4lameV3bFXIXvIDtOdeENpgKT7TbuN6Yoo0LaKWHAyHnUDeq_QCPFuLrO_sv3TQIJHsYD0auVmjPTd9v-SE3eZ_NZmS2UOrHZT4rZ-xl1wl1e_EsKOP31Q1gj1GTfAYKk_7FGHufEwH99hMnWvKwZRK1ayAacA-dSzqfV430LLylZjjBSAKaEF9I_JsySTt79ErNOHTxFNmQ_9pPnF6miryg9TIqgvvuDj50cy_oSldTaIt4zzbz7aNAzmfQtiyVUh4XsRg3FnXnnDeBSBSkBdkNJEzXJ5oP82KdO2J53HlvKfQ66QbvGe1_11zaNGZNogzWTl9hePLZd4Hz6KPFWcxYizTceLt0GoRRi1O9e2biA7IfDYpd_PnTs1n94sILyRZbyR4QPuWDhbHxSFgOUaZJe1oBU_H6MmanXGdE8Lhf6LvmSqEdwS1ZNICTO5yG1pZy-JKxiqQIJ6Mto3I9xyKrp8HiqpSqyAQ-J1c5tyzIkWpjMZTpatKu_2I2k2HrUwHdzgXcPRDDWJrigNrvaM6Z55VvfBm3sGZhxKK5tjhJ-etw05abR2LqZbvAK_axYL1sClJIeIF8gJt8v1Ur92zM&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=6841829248467980000&adk=1935140219&idt=145&cac=0&dtd=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Jan 2024 11:54:17 GMT content-encoding br x-content-type-options nosniff age 356327 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 24 Jan 2025 11:54:17 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjUzOTk4NDk0MTIzOAogIHNlcnZlcl9pcDogMTM5ODAyNTY1CiAgcHJvY2Vzc19pZDogMTg5NjQzMzM5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1MjkxMTY2... ad.doubleclick.net/ddm/activity/ Frame 1B04	0 497 B	65ms 56ms	Image image/png	142.250.74.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjUzOTk4NDk0MTIzOAogIHNlcnZlcl9pcDogMTM5ODAyNTY1CiAgcHJvY2Vzc19pZDogMTg5NjQzMzM5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA1MjkxMTY2CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9tZWxpYS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMjMxNDI1NDg3MjM5ODc3MDc1CmRlYnVnX2tleTogNjA0MjU5NzM1NzMyMjc4OTE1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0yOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUyOTExNjYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODI4MzUyNjYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg5NTQzOAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxOTQxMDAxMjg5MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzNzc0NDA3MgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9tZWxpYS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzU0OTc0NzIwCg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0x5d2e3b1ea687f2570000000000000000","13":"0x5d9c9466c0085ec10000000000000000","14":"0xb7aae90a6b235f5f0000000000000000","15":"0x411c147a20d70b1a0000000000000000"},"debug_key":"604259735732278915","debug_reporting":true,"destination":"https://melia.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["5291166"]},"priority":"0","source_event_id":"231425487239877075"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bootstrap.js Show response s1.adform.net/stoat/631/s1.adform.net/ Frame 1B04	37 KB 17 KB	130ms 29ms	Script text/javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js Requested by Host: a1.adform.net URL: https://a1.adform.net/adfscript/?bn=70055959;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&sig=AOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA&client=ca-pub-9837065932233532&dbm_c=AKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs&cry=1&dbm_d=AKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk&adurl= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 3e172351681175a64b1e409719b4e5275cce06c8620547ce26fe08f6a669198e Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding gzip last-modified Tue, 19 Dec 2023 10:28:27 GMT server nginx x-cache-status STALE vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=100000 expires Fri, 19 Jan 2024 16:52:30 GMT
GET H/1.1	200 OK	request.php Show response hal900020.redintelligence.net/ Frame FB13 Redirect Chain https://hal900020.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&cl... https://hal900020.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...	613 B 937 B	135ms 87ms	Script application/x-javascript	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2I5L0Lu3ZYLoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QJ8SInbGhb2tP26GQMTdbdJo2Q4ecNkbpg3qOaQYl6qxCmccVb1CAcfqSFUE1nST9vYrZbTxPnorP_OIQPoDAG-8t9pFQczA3IEJvyyubdXygI8vsu2tSHUld6mI7ebZDB10qcOT9IabLOnu8RPBPXezNK7lgane-8FqrpMskXA3WjlHiDGeXQixVniVVE6LTsfrjnT-OmvorlniY12Am33Ci6P9Do-_FH-GEa9ETZZ27hOm8eSXiYo0fdhxdEreM9c808uuBNn64D3eWN88LO6tJBFoNOlUSuUTJ6E5r9vU0FKRJZtit_5GtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_2eMpbC8EpIBX1f4OrlQnjWyH9BQw%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BYdrLPOUVoaW0DpwdZJVf5CFlgHbrl15wj30LuvhsN93f59gCB33rGc92TGjnQkhBe5TBCSNhew1rwmTwn4RiqQXKWBl1lqFtaPVWy8aUpurVqdFohrV4Gry9hCwkMa-LAlhcB8LwPSkvIszKiPUvgfajr1Qvk_lCeD8QWWFWyl0gzwkc%26cry%3D1%26dbm_d%3DAKAmf-Aa74zHEWMqu0hpNsy6X5dyNHAnvEBV1cudGHJOXJzuZ-kWUvOsVargh1CYITWrQHPpXOBUH6mpr5I3GEwgx1ivGil0c0W4OqLW9kuk02LbWFg5hikwl_p1RYmuPWKxxob7dKeX6omTyy6tfhb7LZ6tvWufRdhVRnaS9NfYlUSYrUt5gU2aF7CjqNmzyDGSL836SohnCLuP7hf_9FBUY1eix27UFOja3-RYSariiMDLGHxundDK_vUbUXIoqspCvoPPdhtp-9cqQzoOXGXfBMvOaBJJS8m66UWEB64Mtwv7F8eH2xKOrEyt0OYo3DOcGKip8CUiDQcn01vyemCcMmnh1We4LExOOkvSQDCvBV5Ed-LO7SRalpLkfKWZO7Ro8CgaPpGpOZs8QC0OyoKw2YW47hfnnnTSF3ucD70VVWrAaPZKSWXuQbvPyGoACCsTq84IqPkVa5SS8QueLzTLgXBObHdqCUqm1vJyN821u_2ypJrxdkEnIc9GLMdIpF2PqZXOYk8iH0bYfM1mALK5lj3ywepb1drd9M9hq3mGQwc5W-cDVyAZlWb3XA5YSeM2oELIjnsq2RyWHUlw2CJM7yt2_hVoQPSY326a1mlAInYkoLXKo8M%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-9837065932233532%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=8235424317486&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash 4c9a4d6a4b12c984ec23eb85806435064fef1c0eace9589625997693b36884d1 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 29 Jan 2024 14:53:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 25254400118535004438272012584020 Connection close Content-Length 331 Expires Mon, 29 Jan 2024 14:53:05 +0100 Redirect headers Pragma no-cache Date Mon, 29 Jan 2024 14:53:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2I5L0Lu3ZYLoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QJ8SInbGhb2tP26GQMTdbdJo2Q4ecNkbpg3qOaQYl6qxCmccVb1CAcfqSFUE1nST9vYrZbTxPnorP_OIQPoDAG-8t9pFQczA3IEJvyyubdXygI8vsu2tSHUld6mI7ebZDB10qcOT9IabLOnu8RPBPXezNK7lgane-8FqrpMskXA3WjlHiDGeXQixVniVVE6LTsfrjnT-OmvorlniY12Am33Ci6P9Do-_FH-GEa9ETZZ27hOm8eSXiYo0fdhxdEreM9c808uuBNn64D3eWN88LO6tJBFoNOlUSuUTJ6E5r9vU0FKRJZtit_5GtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_2eMpbC8EpIBX1f4OrlQnjWyH9BQw%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BYdrLPOUVoaW0DpwdZJVf5CFlgHbrl15wj30LuvhsN93f59gCB33rGc92TGjnQkhBe5TBCSNhew1rwmTwn4RiqQXKWBl1lqFtaPVWy8aUpurVqdFohrV4Gry9hCwkMa-LAlhcB8LwPSkvIszKiPUvgfajr1Qvk_lCeD8QWWFWyl0gzwkc%26cry%3D1%26dbm_d%3DAKAmf-Aa74zHEWMqu0hpNsy6X5dyNHAnvEBV1cudGHJOXJzuZ-kWUvOsVargh1CYITWrQHPpXOBUH6mpr5I3GEwgx1ivGil0c0W4OqLW9kuk02LbWFg5hikwl_p1RYmuPWKxxob7dKeX6omTyy6tfhb7LZ6tvWufRdhVRnaS9NfYlUSYrUt5gU2aF7CjqNmzyDGSL836SohnCLuP7hf_9FBUY1eix27UFOja3-RYSariiMDLGHxundDK_vUbUXIoqspCvoPPdhtp-9cqQzoOXGXfBMvOaBJJS8m66UWEB64Mtwv7F8eH2xKOrEyt0OYo3DOcGKip8CUiDQcn01vyemCcMmnh1We4LExOOkvSQDCvBV5Ed-LO7SRalpLkfKWZO7Ro8CgaPpGpOZs8QC0OyoKw2YW47hfnnnTSF3ucD70VVWrAaPZKSWXuQbvPyGoACCsTq84IqPkVa5SS8QueLzTLgXBObHdqCUqm1vJyN821u_2ypJrxdkEnIc9GLMdIpF2PqZXOYk8iH0bYfM1mALK5lj3ywepb1drd9M9hq3mGQwc5W-cDVyAZlWb3XA5YSeM2oELIjnsq2RyWHUlw2CJM7yt2_hVoQPSY326a1mlAInYkoLXKo8M%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-9837065932233532%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=8235424317486&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Mon, 29 Jan 2024 14:53:05 +0100
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 14DC	41 KB 14 KB	36ms 36ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBxde4fHR3aOyk5FVxf51ZVC8lPTUq2Lk7EzMWAjoC4h1RiHPYIYKx85QHrm1-OPcD8mC5END4MTckPOIv2AsQyWEeArg6CnC-Bn0ys2b8QimrDQL-amq1MGcMf7xb3TMcldRlUuLCWLKfYARuZkgBSqty8sZ-J2QjsKsUxXXkn9TIucc&cry=1&dbm_d=AKAmf-AtD2toO6UNTlk3-Ah_G4TugRNR-7fFRNAz6VEg5UYRzTxSP90vt_0DI_5XSG8u9zEPDm52xD9bbdr5OacvTWg-NuWQFI5R3yC0oMGuoxGmdqlQRVNQxbWACihKJIFlwU02kZoPQ9EpWPqVDnemcMH5tEF9pVYNECFDwKtM-79O28_BewWuOFPbaZuJAc_YdLgIaqRYZ37tvA9IZqb7tKZLv_mkwLEmQ4pQ6hnRM_8DyPUKhq9V65gQddnPc2JLZ3GvhtBZ3UObPDK-Jx2_GrkT2dT8UXYszD2QklHUtDeNc2qn7NBAteMuRMhkgMpDR4t8IMww27lryvmQl0EpLfciql9OS8fBOoACH7v2uHegks85IKmFa4gbXYNrJlx21U4Tti-VlY8gLb5oL0n463wLEnvIEX9Ujz9rxisq7KfTInd6aVOhXYa2zmlyKmlcFHhGCI2UEsbQ_sTeyAO9DAw-NEleaTqUdnBN7LjufgnxYas_cuX7CIffZRtYWwI2odvXLGxjyx7xb5CyW_WpzQA0s9zNF7M_xyeQ0tVcvUthuAOulhhkmAjgCKYYBDCkKnX9Bxjy14q3-xo0g6d_e3CtELMFc2BhajV6jrSPyCXRHo4oKdoJAaD8fTPtiSFXwJFBOcKQw5_5H8pC5M4gsEn__RqEx8hiKdtMpzDn-q0NdamQZGKQMILKdWOA23NmSr87PRWnvEaaPgpF7wAZT8kBGjcfUH7Z2A_v6fRR1yR73VPcTsYenmiPx3tcfy0IzTr4rzHyvBsrggMqzOimw9K-LNepPV5L6raUHL8F7XGbfOZCcVUU03_ZsVv3OCI4aX9tN73BMvC3K9G0U1-Vf5nMCA5Ds4XZEr2uzMjwYVr62jqaIW7JA5m0weNMEm-C6nctplJzczhNbSK3dbN_lKwAHX7lOoX9gc64PfuACmOpCHjE8i8EMSjy0u8P79E1hAqUvImn9ikOe8_3Mumrjq2fXst1VNrcK3LZQKZZwmU84cOEN4DNb3VVuJvnANZrc7hghusaA8HCcwbS67yiCx7kEL4OUPM4VWCV4gyoeEjOg4NuSL54EGuwTpc_YgMCY2Z4VnuJke7CMtyM0gIUYMFiO0Iiojkzj6s_KRlrI0cjPLCOGJk5YjskaetaJqBgEMUeBdXbrtqzfmxg4AflkrOBc-0bp90Cw6zrsq8yVgwdndY7gX_tJrF-bz9tEcg9lAluiFfVLqLJlaZmUPd-3rrCR9kjhHc84k-2xXoXyvmoMiFy1xBA-0g8-KngZkNqo1fY5Rsg5iPJa4RxsKHvnRYZra3hdg6icNpxCQVCHLfNr9-TLayvkAiU2HDFMH51Ukdqb3MDMGuMsCsyve81Tvqh7UOGl7qzLJRP02hnrorDMIAlwvTCAyLPLJKHn_eFlseA_faANOz54LsgQZDnkMaTptgJdwSYnkXMNMHyVsfWgUgCwHtZ1PQalIrrdU0H12501JqaSmzIR2_ihDW0_GhbEv3i0U18NM-f5x_ttPKHhvPgOi64O3egHuBHlfKDR3uFiQnRekCunMllZ52i6pjGVAWsOQuGkCBhJ0vZee7fdKApD563KSYrSU6JX3VHJGGxMCFGRu2DeTbqB-T4iz7Xo4bZ5mOm5t3ZqAqdQuuXGB0lym11DjNPrI3wWHrByu3PhJb2OB1o_rTrMi9dN-HacDislHXKPBiYbqPatYwAHKe7McKV8i7xOjKLm_qqWrJc23iQG4R_ylrwtD42q_qiL05JYsU3ORkWsT8tJmjVT5jQ2obb1ZeqIOqefMFk1lWqdRnK5oI62o3Wb5r5Aenm086MRV3f8lDNZAq0T5XA7ooxiS5AJ1dsC7Yx-HaQSiNt8ZhYDbenaZOHVx7FwxNc2kEAVENpMuPS-p1c-eoWoIDgCTr9-NduCuLRumspd_-avG3SB3OMJq4Yl9Xagu6Y-EqQqAr9HMk_4W2VbfcWTL4CaaifKMrLG0ifPZhFiEw6HF6OdJV1ma6jMXL5lbC-Y2cOKFWEB0_Zw6TcwLBsZdCWBh424V7mNHF8Ye4rbKVCShSeRi_qs-0-cDf_7h1UPuW4r83WVhsNyLE60NTMlUMKPWzXeZPUvy6uows7SInGDZlanbUGxQcfJZ4ISuWhTzzKQYCdPqPitia1vSCwQKKgAvOq94-pJfzbr_9Gm8s_Z-toICxcOyCKBRRaDqLV39DKvHI_uZFWmTxdqL7oLGymBIW74df5RA09uS0RFmUpAiMWPGyVvGCgulXECokdtoMrrEcv5-3Yrg9P0yGD-xYwo6scdal61CO2AdCGA-MNAsj2fQdSd5uz3GPlnQ8kIahgTRe4PN47Qp9wZi3d-7Hpd8dXEKNicgJF_yApTz3ddNeE9zJNqAXemDJ2nEy11TFS_u6cknZJh7Bu-a5r7Wy56e1gEIM86LLG33_I9Dg7faaCymfoksLHLJxLNeuPgHqDejuakRejTp-q704ZaMmtRu3aOFrI5Ca38CCkphfzx-siV7M6hUcWLLPWl3kM6ab4qIo6YNwWMzaZlEiF5lmlHaUKXIfbDCpaaIIjawYEqY6pZ-mZIMonIkS-G1eeu4sV2u81znDMI_HPIAUrBbCbEXmONgunxxI209Aca6I_o6nfqTJTB__dIftXDPY0OmjC_Z7bMj3DhoRIHOawE4Ad9KLm80WdVrJ18Vod0mAks-d5T0G2UasmZDbHZj3fVAnIElXhgKchC9ExwM78poHhmzpvt8EFIHDQmnGBnc2hJgUm-WZMEYokrlBsA0ifRuYpALeNqk6qhkDk7VP3kOLJuq_nnbPn4Bu9wA9cAwl01o9mI5kljjbd1x3bRmzJ1iy8w70ty1ZJ6XTWIc6Q8gVK1SG82Z6htXzd_camPRRe8lzNy05YzruKj5kecPy-8Awd1NyqqJWefF7xnMEuIi0ETNrrEHp5BfmWNxcyRvzv_iUYOK98d_J3xgSh0tEKQVCf2Pjb-_mcje18W5FxuqYQgdeFibOAw0WlHLQa0Aq0lWX3NmN0PDLio457CeIhCKx4zTAGh_nJfIccgPGgXGCEk-o-f7tFDI-e8Egps9QE1skqTP-mhnyOJe7e1R47o_bIemFOd1irJzG5o_fOVw-w6vKNTMFStemVbJPOc0XcxoqT_4e7BwQ835lXrIIZRn-D83ZRpYn32Q1dkAuAV8F6dRkITOFzEhlQ5EZoCKkngvtfZLg-cPGwBsognEnRgdd3VynZX7zoFY1mW80sRPFNVg8iw5SDRqBvgr0wm7WbhgTvJxvLVd9ekhNHNUiVyfm15SQDF7zO6vMOCdaMqr0RC81YPgkPM72jIdUoa_pPzyZyQ0OvAcFvHbPQUWC5i-9CDv0fhdq1TfEI0hIK7l0yvPQ-63cw0YaGJEAzSU4lFuHfAaogNclU8LfQHLXG46I6HnKqdohCZgC7Ez7fdsAVugRUIZtskB-c8hmNaP16fD3HrW2jNy0rppk8GS-VyLzhO1o5koiNErYQlDFR0uufzKYb-I5MouPvHqoR-9YA8Ax-IEH8qOXIgz0ZUzBboA1a58-ZswvVD_6Goi4DLzAV-CP9QfHspYjJ6AJx2F0t61FTA0a9vM9FPKh2MbYXLgeO4erWoFODRzOPv24Z7hygXU7sBtlmcod9gVFe70hAAxnlFC-uy1Xptg_jl7Wk8rLWbGNjmA5H-a3ujbdi2b9Ws0HIGhLlQg6ChIIdeQFz05ROTFqJBbVaK9tzBkyuLaCcC3nK9Oz-6PO9F-4Fp-epdlY5bubeeLT_irF_WsF69pHDKnbXJK3Cr28k64oYmJk-81DYtu-0KKDAX06lz7PYTwf-KXj8CKrmuAOsnQNNozPEOMwKStN3Q8IW5EBZzb1luQV4ykaASHlqdUuvl-sLBeIunglkpXFdSsa8hyxVCRRWteFF_JvadJGGQ83mR3h8cQ&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fraovat49.com%2F&ds=l&xdt=1&iif=1&cor=4333941170271662000&adk=3062569611&idt=176&cac=0&dtd=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 25 Jan 2024 11:54:17 GMT content-encoding br x-content-type-options nosniff age 356328 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 24 Jan 2025 11:54:17 GMT
GET H2	200	attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjUzOTk4NDk2NDgxOAogIHNlcnZlcl9pcDogMTM1Mzk2MzI1CiAgcHJvY2Vzc19pZDogMzU0MDE1NTgyNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0... ad.doubleclick.net/ddm/activity/ Frame 14DC	0 507 B	65ms 64ms	Image image/png	142.250.74.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjUzOTk4NDk2NDgxOAogIHNlcnZlcl9pcDogMTM1Mzk2MzI1CiAgcHJvY2Vzc19pZDogMzU0MDE1NTgyNQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA1Nzk5Nzc2MzQ4OTU2OTM2MzIzCmRlYnVnX2tleTogMTc5MzA4MzYxNTE2NDA4NjQ5NzQKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAxLTI5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIwNzAzMzUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjYyNjc5MDIwOQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNTM4MTQ5MAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDc1NDk3NDcyMAo Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f6.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"12":"0x5d5c0de4abc214df0000000000000000","13":"0xbc89ca425f96bc6d0000000000000000","14":"0x79f5cf5341867bed0000000000000000","15":"0x861a79e9211f251a0000000000000000"},"debug_key":"17930836151640864974","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"5799776348956936323"} server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type image/png access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	70so8an67my2 Show response hal9000.redintelligence.net/zone/ Frame 14DC	11 KB 4 KB	74ms 26ms	Script text/html	138.201.63.117 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal9000.redintelligence.net/zone/70so8an67my2?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3j0M0Lu3ZYPoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QpxFj0Bi4Po1QhwmJOiCKyu-vC3ZTUrRM-_tD9ois1T5wc5QOPp5hizkda4aeyXfRsZUPt96FXqj9XoDZCsKSfFo01UOumJBToBKvSXgkfVJFmdMq44N7tyS5QQQ3qw9ZNGROoKP_QezeDudztqYq20oQl5lyf1ALtEfGiDSTzWHBrpvm0eScITvdeMkF77_aYzRfYIhzQGgH43KX2_6f0i0BrARA-RdIuUdCSkqJf9rgDZz9xJUalMH1IrxhPVqiwkXSf770dzU0wu0ssLsCrb3mnk4OoLZsKdhCSdCaMR8yxj_Q2jGb9WIJwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_1DuKO0cKaYDg4kFm9ihUj72mVVJA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BxiKAl7SZ-fVFBpKDlMFDRAqfsa7ZI806Z6rqHWbA57j0fBh3I2JrdkXkvYTkdlZ241w-5KbwADArlVashj7IXi3Ru6K6fLsBlibuMOUjckNH_E3FiXcqqbhS-SYC4PsFnxEGN47ob_3MDAe-9u8Z-SC2hadvGeSW4UOxVOJcJdHE5T0Y%26cry%3D1%26dbm_d%3DAKAmf-DsMZVgJfrVG-KfBzMRECx4xQAUjIofKlDQ6gVhfl1ltEZaDMb4SqwGgGt05wmo2XxvE8mdaoq2YN1s86jhOarAtYRKhzC-OVeyo0539FKi5YzVzlBqRNC9w0fyxaT1ueUMoIHN3ofkUQRy2U8jEg6b4HCYA3F7hcw8TCbQBq5Y1C9OsQdXSqxUyWcL1bl3C0NbUI7EL-6TtiFh3YD7o_BvcF4L0uUpri7ya3l17-YTrM3tyal1RwNYO0kiv4mTj3Gf_s26blSs0Qp21UuHOfe603qrSTqo5boE5ETBzVXmn5AhBgHL-jBrIFzj9-BSeoyOw3hZ0EAPXn6gzqgL6hl1olmL9h3gXUJADqqqIRCyzMp9Z1D7fucfbaW0y9TMPfphAlZ-s-BwH6vzqjbQscRjRBMKWYBaGDMzaszL1_ALWwJdZI-2QppWHgUNgWP4Qb2hiRdkvbaUY7p2DSjSAn5mvixblSzEvM-Bb0Tb1HFEONGYmFRc-i00_H98rL4wOYQOTvUjWH7z7e5DUdgeK9Nwoj0UJ3ZghhzUI1z1BAPzBU8ZTp6Dn-u96MDKB6YLUt9J3q0ATUZlZi266Vz03SWXK70sBQDzEAta6laTkaeWZgBi-l0%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.117.63.201.138.clients.your-server.de Software Apache / Resource Hash a0b6500fd9947cdb6e680c4b70fcc65c623fd3ba9db5e53c8103830ce24d68c8 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:05 GMT Content-Encoding gzip Server Apache Connection close Content-Length 4192 Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 65B5	38 KB 13 KB	36ms 36ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 356328 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 Jan 2024 11:54:17 GMT expires Fri, 24 Jan 2025 11:54:17 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 1027	38 KB 13 KB	38ms 38ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 356328 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 25 Jan 2024 11:54:17 GMT expires Fri, 24 Jan 2025 11:54:17 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F0AD	0 20 B	173ms 173ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BB_sJ0Lu3ZezjNLWAlQfSsYfwCAAAAAA4AeAEAg&bg=!MTKlMn3NAAa8BdJLnAU7ADQBe5WfOOS6gpuGd4bVCOa7UfYizW8y_M-QA9rYVYFW0rLZvN3raUFKMlnQr45L3IoS0H7UAgAAADRSAAAAAWgBBwoAgpg6GkdwJUbRmr7aggai07qK8y88jKmbDPRZyC65H1tKXDV6zrDHtYbUVhl3x4102AKgEouE0xo9oNHcvg2QHN7UqSQQm6CfPt5JLMxCjyLd7xeCJF3l0wKeu7v3pNalV89zXNDXcROaHQlU-cMORqAK3cZFpQQQjXWyhVSS9gKywVyZAwVxFL_il8wYlYdjVLB2xW-Yn6biDhl_FP9VUwT4wJlgKPgbzHCMWImo-yq2Ydoc3O5PT7UkZ37dpttZpTNSQuLj8V9ouuFu9KbH3eW0JH1TuLueWUr6j_aoMZIrxEa0n57Ct5rtC7KdEh3i33YzRTNnO_mohkXk113VitnQ15n7uHO46bOXfIet8TKSzT734wG8nKClEl64BtNLqesLdiRnWCPN-xkIqJQFvK0ccipXGUoGiHSK_Qvz3Gg91H7XWdiIbxocpuw1sRqZHyP1FYiNM8nuIuzkE3hzqmwkI01REP50vSZyN55v9-xTvTMErLh-zLn9OpK98Ki_6gwAIrkvws4Ls6iXv_cOPq0Sd0xqlrRyCGbL9Z6Tpkl-AmGM2WZmzJtY4b4RG08j516KBgo4WnZubCWzinybfhjlqni7ETDx4Uxj3HO3CDZW6FHIYeGtWl6DcvEU5PQv7iKoYm44ObFpSs20aVo8E_0GVsH0HGx-AKIZrOCCsQXcUcRPvaW2RtSM65Us9rX4nBCo0R5X1aLR4r-mNDvY82p7b_f2Q5elegXatvnNBiYxfB3SgZTAV-1KmGqxmODcCuQVN6sLu49VEEM6TAeTsZOhTIgtR_ZA8_UcbMJzzbdKlqn6_n5wRLgK7vsYCLhGGzaskUtjypcQspk1CY6PVF_Ix0JE4NTw418zAlaSBPf-0FRoh39TfPiVU6lHZVFz0avL0eBXMmwxeDRGXjkMpT1CtbgeNncOEfVZqDyU8hMZWSBU-31162K6Xu0QyZ5H0k4OveUR7KBceV4B8D7DsV9BHDtcHA4qBg02bHogrpH2VZEiKa9wJ1tiwAtDfK8LSlKb_66x0lCQ7Qkk-sComAuCAv2xWh3PMeT-bJmSh-Mma-7YVQtIsUNcZjJ14FJBEwUF_fC7blYFhw_wSdW462YxDT89VhrK1LbPCU8KgC3MPQoGCN9LGZZgwjB1xZW7Yvr0wEvxCwuWNPzXWoauswpu_UnpZiUeqHwlGGTe-AI0wZGbeWJgdmgdlg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 65B5	39 KB 15 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 09:45:49 GMT content-encoding br x-content-type-options nosniff age 18436 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Jan 2025 09:45:49 GMT
GET H/1.1	200 OK	request.php Show response hal90006.redintelligence.net/ Frame 14DC Redirect Chain https://hal90006.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli... https://hal90006.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...	612 B 937 B	153ms 105ms	Script application/x-javascript	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3j0M0Lu3ZYPoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QpxFj0Bi4Po1QhwmJOiCKyu-vC3ZTUrRM-_tD9ois1T5wc5QOPp5hizkda4aeyXfRsZUPt96FXqj9XoDZCsKSfFo01UOumJBToBKvSXgkfVJFmdMq44N7tyS5QQQ3qw9ZNGROoKP_QezeDudztqYq20oQl5lyf1ALtEfGiDSTzWHBrpvm0eScITvdeMkF77_aYzRfYIhzQGgH43KX2_6f0i0BrARA-RdIuUdCSkqJf9rgDZz9xJUalMH1IrxhPVqiwkXSf770dzU0wu0ssLsCrb3mnk4OoLZsKdhCSdCaMR8yxj_Q2jGb9WIJwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_1DuKO0cKaYDg4kFm9ihUj72mVVJA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BxiKAl7SZ-fVFBpKDlMFDRAqfsa7ZI806Z6rqHWbA57j0fBh3I2JrdkXkvYTkdlZ241w-5KbwADArlVashj7IXi3Ru6K6fLsBlibuMOUjckNH_E3FiXcqqbhS-SYC4PsFnxEGN47ob_3MDAe-9u8Z-SC2hadvGeSW4UOxVOJcJdHE5T0Y%26cry%3D1%26dbm_d%3DAKAmf-DsMZVgJfrVG-KfBzMRECx4xQAUjIofKlDQ6gVhfl1ltEZaDMb4SqwGgGt05wmo2XxvE8mdaoq2YN1s86jhOarAtYRKhzC-OVeyo0539FKi5YzVzlBqRNC9w0fyxaT1ueUMoIHN3ofkUQRy2U8jEg6b4HCYA3F7hcw8TCbQBq5Y1C9OsQdXSqxUyWcL1bl3C0NbUI7EL-6TtiFh3YD7o_BvcF4L0uUpri7ya3l17-YTrM3tyal1RwNYO0kiv4mTj3Gf_s26blSs0Qp21UuHOfe603qrSTqo5boE5ETBzVXmn5AhBgHL-jBrIFzj9-BSeoyOw3hZ0EAPXn6gzqgL6hl1olmL9h3gXUJADqqqIRCyzMp9Z1D7fucfbaW0y9TMPfphAlZ-s-BwH6vzqjbQscRjRBMKWYBaGDMzaszL1_ALWwJdZI-2QppWHgUNgWP4Qb2hiRdkvbaUY7p2DSjSAn5mvixblSzEvM-Bb0Tb1HFEONGYmFRc-i00_H98rL4wOYQOTvUjWH7z7e5DUdgeK9Nwoj0UJ3ZghhzUI1z1BAPzBU8ZTp6Dn-u96MDKB6YLUt9J3q0ATUZlZi266Vz03SWXK70sBQDzEAta6laTkaeWZgBi-l0%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-9837065932233532%26fa%3D4%26ifi%3D7%26uci%3Da!7%26btvi%3D6&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=9626712546942&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Server 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash 0f2da9354ffa29d0d31d20f4b9f9e421940bd198e06d8adda06ce7a408b2a1b5 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 29 Jan 2024 14:53:05 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Content-Type application/x-javascript; charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 X-NEORY-SubId 83794000117851504438272012584006 Connection close Content-Length 331 Expires Mon, 29 Jan 2024 14:53:05 +0100 Redirect headers Pragma no-cache Date Mon, 29 Jan 2024 14:53:05 GMT Server Apache P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Location request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3j0M0Lu3ZYPoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QpxFj0Bi4Po1QhwmJOiCKyu-vC3ZTUrRM-_tD9ois1T5wc5QOPp5hizkda4aeyXfRsZUPt96FXqj9XoDZCsKSfFo01UOumJBToBKvSXgkfVJFmdMq44N7tyS5QQQ3qw9ZNGROoKP_QezeDudztqYq20oQl5lyf1ALtEfGiDSTzWHBrpvm0eScITvdeMkF77_aYzRfYIhzQGgH43KX2_6f0i0BrARA-RdIuUdCSkqJf9rgDZz9xJUalMH1IrxhPVqiwkXSf770dzU0wu0ssLsCrb3mnk4OoLZsKdhCSdCaMR8yxj_Q2jGb9WIJwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_1DuKO0cKaYDg4kFm9ihUj72mVVJA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BxiKAl7SZ-fVFBpKDlMFDRAqfsa7ZI806Z6rqHWbA57j0fBh3I2JrdkXkvYTkdlZ241w-5KbwADArlVashj7IXi3Ru6K6fLsBlibuMOUjckNH_E3FiXcqqbhS-SYC4PsFnxEGN47ob_3MDAe-9u8Z-SC2hadvGeSW4UOxVOJcJdHE5T0Y%26cry%3D1%26dbm_d%3DAKAmf-DsMZVgJfrVG-KfBzMRECx4xQAUjIofKlDQ6gVhfl1ltEZaDMb4SqwGgGt05wmo2XxvE8mdaoq2YN1s86jhOarAtYRKhzC-OVeyo0539FKi5YzVzlBqRNC9w0fyxaT1ueUMoIHN3ofkUQRy2U8jEg6b4HCYA3F7hcw8TCbQBq5Y1C9OsQdXSqxUyWcL1bl3C0NbUI7EL-6TtiFh3YD7o_BvcF4L0uUpri7ya3l17-YTrM3tyal1RwNYO0kiv4mTj3Gf_s26blSs0Qp21UuHOfe603qrSTqo5boE5ETBzVXmn5AhBgHL-jBrIFzj9-BSeoyOw3hZ0EAPXn6gzqgL6hl1olmL9h3gXUJADqqqIRCyzMp9Z1D7fucfbaW0y9TMPfphAlZ-s-BwH6vzqjbQscRjRBMKWYBaGDMzaszL1_ALWwJdZI-2QppWHgUNgWP4Qb2hiRdkvbaUY7p2DSjSAn5mvixblSzEvM-Bb0Tb1HFEONGYmFRc-i00_H98rL4wOYQOTvUjWH7z7e5DUdgeK9Nwoj0UJ3ZghhzUI1z1BAPzBU8ZTp6Dn-u96MDKB6YLUt9J3q0ATUZlZi266Vz03SWXK70sBQDzEAta6laTkaeWZgBi-l0%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-9837065932233532%26fa%3D4%26ifi%3D7%26uci%3Da!7%26btvi%3D6&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=9626712546942&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1 Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Length 0 Expires Mon, 29 Jan 2024 14:53:05 +0100
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 1027	39 KB 15 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 09:45:49 GMT content-encoding br x-content-type-options nosniff age 18436 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Jan 2025 09:45:49 GMT
GET H2	200	/ Show response a1.adform.net/adfserve/ Frame 1B04	9 KB 5 KB	32ms 32ms	Script text/javascript	37.157.3.26 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a1.adform.net/adfserve/?CC=1&bn=70055959;click=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE&ae=1&num=1&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&sig=AOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA&client=ca-pub-9837065932233532&dbm_c=AKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs&cry=1&dbm_d=AKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk&adurl=;js=1;adfxid=1x;8095;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fraovat49.com Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash dd574444c681e697fe3c498866873372aec471ccc5f32f9086a4361675a0ba51 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform content-length 4113 expires -1
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 65B5	0 20 B	174ms 173ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCVxb0Lu3Zba5OcXv1PIP8o2liAcAAAAAOAHgBAI&bg=!JSalJmnNAAa8BdJLnAU7ADQBe5WfOGtAKbQ7otUgnTNafbEXAH_8tXVsgO4PZq8YCz8MU5OALZuy35cWQIYt4cJOLgu0AgAAADpSAAAAAWgBB5kC_uxGjIu52YnYbCFxWkr4MIoYzIHmLB8eK-ffQQvduj8G4KKeMEM92cJUB4aBEpeOron52VPK3SZU8yo_fZCrfTt3W10O6iX33fgjk9mAdvV_U9806TA6FeSAjOLGtOpVzpdbbgUHUp-YzKsnrhAYQPMDoFE98IGWT1ezhgYab-c6CidwUHUkpIOxTckF6S9zm7bSQp4upobDmdcI5eaLVVY9XxtLgEhjZJVx17YM2yiEjpyungs2Tixq8IN18kfD_LeIsvEpZVBn9P9GRPzDAk79CzoIB3nEd3SYDFyCTC3melFY6jYhCz26qUON02SvvHtUseNRskO_OEkqcwSHDDl-Z61EZOF9B-Frx9szOlk3vMBEr2K0AzoytanveSdtmI9FPvnx2rpgviVbc0EbTyVQi9UpN5fHIdeplas6GJUcM2OKNelLUjfJrlxHMu7r8LO2e5Jvd4CiB65lM_4m-EjmHuwis0EQb9Es_ofRVR367zgFqn0KR9kBGox3yYzgWfgw1Nw_tzBsjyeG_As4qEJkhqq8KEcHpJhEx1SZKpHYd3LgZVDvpgt0PRgogUzmiWY0OJwlhJtGIX1wmNDrLsX9MoNKPKFbsmqXYVc2DgMFGFb1itDL0svwUaUEpuknfKwS3LaNfB0fQu7hlBSXY_4lA5LLtihka2kY3lclBn9s90bRYMh5IRaAkbIARMMsG0olmLW6fHf9Mz9YUTEL3kz1vu-kKHozRq-PJBx6TTQE4-UguDwB1zu32LVsJGEoynxgTS3v4uqDhHl-KhJdQOUsa90jMyFdRjgo-Qgpv47ayFA4O8BLrGC4ToJvcVE_XavawTleEbtiI4J9-29k1dj339e-EXwTPv50hXROiXLKqKKAHZoTmpyOQ4h2CM_x1F27jMIBS4RAsTm-_v0HgyVOjxjp4xz-NhMLO2W_pMtcr0luUBeAQFDjjOd_zLCp_BBrJnjztkpL1tCuZb8Se1sRYKj2VKESKIVyFAsFX3NeM8zmL44mYhehWctGUCA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	1x1.b mml1.melia.com/dynview/melia-com/ Frame 1B04	111 B 1 KB	136ms 47ms	Image image/png	109.232.197.110 EULERIAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mml1.melia.com/dynview/melia-com/1x1.b?ead-publisher=mhi_dbm&ead-name=3_EMEA_PT_C_CH_p-mhi_dbm&ead-location=display_Prospecting_CH-728x90_de&ead-creative=CH-mhi_dbm-MRW_JanuarySuperSales_Tactica_h_ch--728x90_de&ead-creativetype=728x90_de&eseg-name=campaing&eseg-item=januarysupersales&ead-mediaplan=CH-Prospecting&ea-rnd=22153&adfrmid=1889972886217193987 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 109.232.197.110 , France, ASN50234 (EULERIAN-AS, FR), Reverse DNS ml.eulerian.net Software EWS / Resource Hash 0609b70c35eab974a2c2d99d6da5d84d95b97f9fe3d28828710d04835153cb20 Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma private, no-cache, no-cache=Set-Cookie, proxy-revalidate Date Mon, 29 Jan 2024 14:53:05 GMT Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Server EWS Content-Type image/png Cache-Control max-age=0, private Connection Close Accept-Ranges none X-Robots-Tag noindex Content-Length 111 X-XSS-Protection 0
GET DATA	200 OK	truncated / Frame 1B04	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a3c9f8109fb92437523644ec916c0e5923a41d9266c390ed701700a3792dd95d Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	request_content.php Show response hal900020.redintelligence.net/ Frame 2059	4 KB 2 KB	72ms 25ms	Document text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/request_content.php?s=25254400118535004438272012584020&a=e026f910 Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=9d20a25556&subid=&uid=60049d1243911725&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC2I5L0Lu3ZYLoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QJ8SInbGhb2tP26GQMTdbdJo2Q4ecNkbpg3qOaQYl6qxCmccVb1CAcfqSFUE1nST9vYrZbTxPnorP_OIQPoDAG-8t9pFQczA3IEJvyyubdXygI8vsu2tSHUld6mI7ebZDB10qcOT9IabLOnu8RPBPXezNK7lgane-8FqrpMskXA3WjlHiDGeXQixVniVVE6LTsfrjnT-OmvorlniY12Am33Ci6P9Do-_FH-GEa9ETZZ27hOm8eSXiYo0fdhxdEreM9c808uuBNn64D3eWN88LO6tJBFoNOlUSuUTJ6E5r9vU0FKRJZtit_5GtwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_2eMpbC8EpIBX1f4OrlQnjWyH9BQw%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BYdrLPOUVoaW0DpwdZJVf5CFlgHbrl15wj30LuvhsN93f59gCB33rGc92TGjnQkhBe5TBCSNhew1rwmTwn4RiqQXKWBl1lqFtaPVWy8aUpurVqdFohrV4Gry9hCwkMa-LAlhcB8LwPSkvIszKiPUvgfajr1Qvk_lCeD8QWWFWyl0gzwkc%26cry%3D1%26dbm_d%3DAKAmf-Aa74zHEWMqu0hpNsy6X5dyNHAnvEBV1cudGHJOXJzuZ-kWUvOsVargh1CYITWrQHPpXOBUH6mpr5I3GEwgx1ivGil0c0W4OqLW9kuk02LbWFg5hikwl_p1RYmuPWKxxob7dKeX6omTyy6tfhb7LZ6tvWufRdhVRnaS9NfYlUSYrUt5gU2aF7CjqNmzyDGSL836SohnCLuP7hf_9FBUY1eix27UFOja3-RYSariiMDLGHxundDK_vUbUXIoqspCvoPPdhtp-9cqQzoOXGXfBMvOaBJJS8m66UWEB64Mtwv7F8eH2xKOrEyt0OYo3DOcGKip8CUiDQcn01vyemCcMmnh1We4LExOOkvSQDCvBV5Ed-LO7SRalpLkfKWZO7Ro8CgaPpGpOZs8QC0OyoKw2YW47hfnnnTSF3ucD70VVWrAaPZKSWXuQbvPyGoACCsTq84IqPkVa5SS8QueLzTLgXBObHdqCUqm1vJyN821u_2ypJrxdkEnIc9GLMdIpF2PqZXOYk8iH0bYfM1mALK5lj3ywepb1drd9M9hq3mGQwc5W-cDVyAZlWb3XA5YSeM2oELIjnsq2RyWHUlw2CJM7yt2_hVoQPSY326a1mlAInYkoLXKo8M%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-9837065932233532%26fa%3D3%26ifi%3D6%26uci%3Da!6%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=8235424317486&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash d9d982bc5eb1c2f8f8d8d813f07f55263aec0249b252f62961ea9b8ce496631c Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 1500 Content-Type text/html; charset=utf-8 Date Mon, 29 Jan 2024 14:53:05 GMT Expires Mon, 29 Jan 2024 14:53:05 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	Standard Show response s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 1B04	91 KB 39 KB	41ms 41ms	Script text/javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/stoat/631/s1.adform.net/load/v/0.0.238/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash ed8343699e054a0900f23319e31cba32ad43bf77136313508ea25d86073366bb Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding gzip last-modified Tue, 19 Dec 2023 10:28:27 GMT server nginx x-cache-status STALE vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=100000 expires Fri, 19 Jan 2024 16:52:30 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1027	0 20 B	174ms 174ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlBRj0Lu3ZdLxOuX3x_APsfuJmA0AAAAAOAHgBAI&bg=!i4iliMfNAAa8BdJLnAU7ADQBe5WfOESgiDMyVTgZbZNqdY56xgtbXtEfYS_UQswFneJuXiVZPFwdHnMqTsoUFfc9MqVBAgAAAGdSAAAAAWgBB5kC-9lVoyYEntGM6nqdsZvCHV_s60S-juDT-WehMBnZ4hTj5xRKbuIICJkmNQ9H0edRsXF3QehvHozWaavvTAwH99FT-UGrBgytYHDtgslCs8FBGwZ0tEHcvjL_XoL8ZS1ON7NxRkegQMEQ73TsK7nOeWY6FDyB7oP8kyZWR6F62igguY7S5HVWJdkRS8zt0V8L3Qq6JWnMaUES_ZdhlX9dkVX3qW6i3ACQRqYtuGmooqYoe5R12y9mDhaeKjI-yfWjgSxuENa5gOLHPH8-amDENgjxHK88OZgXvdjw1qSz9xAyyBgsVGlvD7ED0JkaD2b9kKInhotK1Hfg0kAVX_--FgDWLRMHJlKGczpwutZGA-wShTcN6PU7E5ADt0rB6O5Sp_XqN9z6etu2cTRrZ1fEiVPcsAu0Z1t4gYfS1sn0ztrA4S61YpczM5RMVTFk4MD_OxtLKrqXG5bRRdOGG0KHQ-TdhXEjjcHslbWQG2xwglaW3tImA-yrrQpwGLzrCUnEFJPQy6nNAwts5IUFCl-iprGt5tf946D4wyQIHjAeoY217BU7rY5CtVuNf0KIznuYoNXF23MK4Eg_-XP3Kxsq-VIahVXsTJx9lNBz4C4BsA5RY-dshS7HCO8VLIrJedsikMYItcDvbC6_aeVCX1rywRycvqk7mtT16q9KPZp8ixhV-h8D1UfQA8SmRNIUhrH-2hQy5cEH-oDthj4CKHR3k6xjEeyyDpzbdJH9p3UTfjyHneYUxOJORxys8SVCVfaIt-G7u18EabXfQLcLiBp2LRcZVNBBv1fHyQHk7G5uLRwJxB5P0XBytjdniNxlQ2qJyUUcJaKMT6iqwNo9WgJcrQdmmKLgdlD759TCdfoRR2QF1tdb_5VtDuR8TgIT6-QpxaAcdVzfv_7qpxVzLG8rbg2y_I7eDpU7X70darBubOqpUZ1yXXmAr8r7I27_hWVCVSqjZjDPa1zdQ9TIAIOyDE9d2p6krLxWn09WSc9Uyh5b-8bP2NEDzKTVvAY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	/ a1.adform.net/csimpr/ Frame 1B04	35 B 600 B	30ms 30ms	Ping image/gif	37.157.3.26 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a1.adform.net/csimpr/?bn=70055959&csi=RdvAJCXVvau0DjrRoII8J7s2QVh5kgldA0t99EPpNF7rygPkIxxfk888nCYaWLPTvDii-9qbUn5uW9EM2qovNd6vWmW1dlSa0 Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://googleads.g.doubleclick.net/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:05 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin https://googleads.g.doubleclick.net p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1
GET H/1.1	200 OK	S-160x600.gif cdn.contentspread.net/24i/content/soberfb/DE/ Frame 2059	40 KB 40 KB	116ms 40ms	Image image/gif	51.75.147.170 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/content/soberfb/DE/S-160x600.gif Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25254400118535004438272012584020&a=e026f910 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.75.147.170 , France, ASN16276 (OVH, FR), Reverse DNS ns3133977.ip-51-75-147.eu Software nginx / Resource Hash 4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c Request headers accept-language de-CH,de;q=0.9 Referer https://hal900020.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:05 GMT Last-Modified Mon, 23 Jul 2018 15:19:29 GMT Server nginx ETag "5b55f201-9f7f" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 40831
GET H/1.1	200 OK	viewability Show response hal900020.redintelligence.net/ Frame 2059	0 150 B	73ms 26ms	Script text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/viewability?s=25254400118535004438272012584020&a=8f7a0c1c&vb=m Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25254400118535004438272012584020&a=e026f910 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://hal900020.redintelligence.net/request_content.php?s=25254400118535004438272012584020&a=e026f910 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:05 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 2059	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	request_content.php Show response hal90006.redintelligence.net/ Frame 1574	4 KB 2 KB	72ms 25ms	Document text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/request_content.php?s=83794000117851504438272012584006&a=0022a19b Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request.php?zone=70so8an67my2&nw=20&renderingType=javascript&namespace=04aa4082b7&subid=&uid=4f0215fe56f2819a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3j0M0Lu3ZYPoBfbT5LcP1LKmIJHB0Jtps--DktwP8C4QASCJzoZXYPWVzoHgBMgBCakCLJT8cbwosj6oAwHIA5sEqgTsAU_QpxFj0Bi4Po1QhwmJOiCKyu-vC3ZTUrRM-_tD9ois1T5wc5QOPp5hizkda4aeyXfRsZUPt96FXqj9XoDZCsKSfFo01UOumJBToBKvSXgkfVJFmdMq44N7tyS5QQQ3qw9ZNGROoKP_QezeDudztqYq20oQl5lyf1ALtEfGiDSTzWHBrpvm0eScITvdeMkF77_aYzRfYIhzQGgH43KX2_6f0i0BrARA-RdIuUdCSkqJf9rgDZz9xJUalMH1IrxhPVqiwkXSf770dzU0wu0ssLsCrb3mnk4OoLZsKdhCSdCaMR8yxj_Q2jGb9WIJwAT6xouO_APgBAOIBcHeovg9kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKiLq-zsgoQDgAoBmAsByAsBgAwBogwIKgYKBKy6sQKqDQJDSLATlbXRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_1DuKO0cKaYDg4kFm9ihUj72mVVJA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BxiKAl7SZ-fVFBpKDlMFDRAqfsa7ZI806Z6rqHWbA57j0fBh3I2JrdkXkvYTkdlZ241w-5KbwADArlVashj7IXi3Ru6K6fLsBlibuMOUjckNH_E3FiXcqqbhS-SYC4PsFnxEGN47ob_3MDAe-9u8Z-SC2hadvGeSW4UOxVOJcJdHE5T0Y%26cry%3D1%26dbm_d%3DAKAmf-DsMZVgJfrVG-KfBzMRECx4xQAUjIofKlDQ6gVhfl1ltEZaDMb4SqwGgGt05wmo2XxvE8mdaoq2YN1s86jhOarAtYRKhzC-OVeyo0539FKi5YzVzlBqRNC9w0fyxaT1ueUMoIHN3ofkUQRy2U8jEg6b4HCYA3F7hcw8TCbQBq5Y1C9OsQdXSqxUyWcL1bl3C0NbUI7EL-6TtiFh3YD7o_BvcF4L0uUpri7ya3l17-YTrM3tyal1RwNYO0kiv4mTj3Gf_s26blSs0Qp21UuHOfe603qrSTqo5boE5ETBzVXmn5AhBgHL-jBrIFzj9-BSeoyOw3hZ0EAPXn6gzqgL6hl1olmL9h3gXUJADqqqIRCyzMp9Z1D7fucfbaW0y9TMPfphAlZ-s-BwH6vzqjbQscRjRBMKWYBaGDMzaszL1_ALWwJdZI-2QppWHgUNgWP4Qb2hiRdkvbaUY7p2DSjSAn5mvixblSzEvM-Bb0Tb1HFEONGYmFRc-i00_H98rL4wOYQOTvUjWH7z7e5DUdgeK9Nwoj0UJ3ZghhzUI1z1BAPzBU8ZTp6Dn-u96MDKB6YLUt9J3q0ATUZlZi266Vz03SWXK70sBQDzEAta6laTkaeWZgBi-l0%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20240122%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-9837065932233532%26fa%3D4%26ifi%3D7%26uci%3Da!7%26btvi%3D6&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fraovat49.com&random=9626712546942&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash 95419906c91217ce15ecadf3da580f078278a9cc322abc8a08daccfc7b2a38c8 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection close Content-Encoding gzip Content-Length 1498 Content-Type text/html; charset=utf-8 Date Mon, 29 Jan 2024 14:53:05 GMT Expires Mon, 29 Jan 2024 14:53:05 +0100 P3P CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Pragma no-cache Server Apache Vary Accept-Encoding
GET H2	200	14098847.js Show response s1.adform.net/Banners/Elements/Files/63577/14098847/ Frame 29B6	2 KB 1 KB	30ms 30ms	Script application/x-javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/Banners/Elements/Files/63577/14098847/14098847.js?ADFassetID=14098847&bv=257 Requested by Host: raovat49.com URL: https://raovat49.com/s/lien-minh-okvip-ho-chi-minh-5132649 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 1473edb1b1655ab40c82d4572b9445e62006f10475d29f327f3b3417d1b39d64 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding gzip last-modified Tue, 19 Dec 2023 23:01:39 GMT server nginx x-amz-request-id tx00000ba77b116263a8076-0065b7311e-329552a5-default etag W/"0c681096519c773be93eed3d05721654" x-cache-status STALE vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * access-control-expose-headers Content-Range,Content-Length x-rgw-object-type Normal cache-control public, max-age=604800
GET H2	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 272 B	74ms 21ms	Fetch application/json	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash facc2dacbd7a71bb19c1bea3f8438089d77beb9255d5aadce6bae0afd4f146c8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin https://raovat49.com date Mon, 29 Jan 2024 14:53:05 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin content-type application/json;charset=UTF-8
GET H2	200	Adform.DHTML.js Show response s1.adform.net/banners/scripts/rmb/ Frame 29B6 Redirect Chain https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js	30 KB 14 KB	36ms 35ms	Script application/javascript	37.157.2.247 ADFORM
General Check archive.org Show headers Download Go to Full URL https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Server 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding gzip last-modified Tue, 21 Nov 2023 08:14:37 GMT server nginx x-amz-request-id tx000006566b37edd8b4e51-00655c671a-3295f919-default etag W/"d66b8df08256b7e89279e9f83d1d7c5e" x-cache-status HIT vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-rgw-object-type Normal cache-control public, max-age=604800 Redirect headers location https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js date Mon, 29 Jan 2024 14:53:05 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx content-type text/html
GET H/1.1	200 OK	S-160x600.gif cdn.contentspread.net/24i/content/soberfb/DE/ Frame 1574	40 KB 40 KB	106ms 40ms	Image image/gif	51.75.147.170 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.contentspread.net/24i/content/soberfb/DE/S-160x600.gif Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=83794000117851504438272012584006&a=0022a19b Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.75.147.170 , France, ASN16276 (OVH, FR), Reverse DNS ns3133977.ip-51-75-147.eu Software nginx / Resource Hash 4f4ed318db35c5f69af7305536516e10419a8a2ce9459ff38149fad2a5602c1c Request headers accept-language de-CH,de;q=0.9 Referer https://hal90006.redintelligence.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:05 GMT Last-Modified Mon, 23 Jul 2018 15:19:29 GMT Server nginx ETag "5b55f201-9f7f" Content-Type image/gif Connection close Accept-Ranges bytes Content-Length 40831
GET H/1.1	200 OK	viewability Show response hal90006.redintelligence.net/ Frame 1574	0 150 B	75ms 26ms	Script text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/viewability?s=83794000117851504438272012584006&a=81eb6cee&vb=m Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=83794000117851504438272012584006&a=0022a19b Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://hal90006.redintelligence.net/request_content.php?s=83794000117851504438272012584006&a=0022a19b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:05 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET DATA	200 OK	truncated / Frame 1574	43 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
POST H2	200	v3 Show response id5-sync.com/gm/	403 B 681 B	77ms 21ms	XHR application/json	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/gm/v3 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash b612fe0a1a185e526a1f170e4df8ce436615871bdfb2f5d6078ef0c267e06aa0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://raovat49.com date Mon, 29 Jan 2024 14:53:05 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin content-type application/json;charset=UTF-8
GET H3	200	davad_ad_ Show response fundingchoicesmessages.google.com/f/AGSKWxUjmHQQXFPBNJT4OBoLQJyvOPiMEnmim3LcUgr5DAXjR0HXtKwGcTsTeGGsPwKNgOKNblzfRkVCgTs5z8p1UPkJZh8uuPxLTenB9RPU5Nk1sGcO_nLu4ZkQCZS9XHS4Z_vIR2W5huWqcl3EMyHipREcQ7JKL...	54 B 110 B	36ms 36ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUjmHQQXFPBNJT4OBoLQJyvOPiMEnmim3LcUgr5DAXjR0HXtKwGcTsTeGGsPwKNgOKNblzfRkVCgTs5z8p1UPkJZh8uuPxLTenB9RPU5Nk1sGcO_nLu4ZkQCZS9XHS4Z_vIR2W5huWqcl3EMyHipREcQ7JKLuwCkobPNS19EGEsMBEhm3b0RRzl9S2S/_/adsecondary./pgad./ads/rectangle_/advision./davad_ad_ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwYguaqMDE6-xBWX4yxN0KelhKGPw/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a6977b31d472c8e7a6b9ee44f5c8a3557417d692e5ee3d8a528017134571e40f Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pwWSMpcEal6m4uMG9uKiwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pwWSMpcEal6m4uMG9uKiwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXF4KEhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gbistvnWOuAWIiH4-L3e2vZBBp-_3vDCACokl17" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	lidar.js Show response pagead2.googlesyndication.com/pagead/js/	86 KB 30 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwYguaqMDE6-xBWX4yxN0KelhKGPw/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c9cacd70ab308f607d941cc9728d034e189506e8d020820adb112d7ff148762a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:49:36 GMT content-encoding br x-content-type-options nosniff age 209 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31172 x-xss-protection 0 server cafe etag 8274047967244442607 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Mon, 29 Jan 2024 15:49:36 GMT
POST H3	204	AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Show response fundingchoicesmessages.google.com/el/	0 29 B	80ms 33ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-xvQ5RssChCfQD6SNsV05bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy script-src 'report-sample' 'nonce-xvQ5RssChCfQD6SNsV05bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-L3e2vZBG50zGtmAgDtvSCh" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://raovat49.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	6582205298bf295c2e8ec5a3 Show response c.bannerflow.net/a/ Frame 29B6	59 KB 20 KB	104ms 57ms	Script application/javascript	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/a/6582205298bf295c2e8ec5a3?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs%26cry%3D1%26dbm_d%3DAKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D70055959%3Badfibeg%3D0%3Bcdata%3DjHeoajIEDiKxea9xguXFWVqn4tJckDOjow8mNy3zXtCHNyGgc0sRziD3QGkiPGN4tvSr1DFS6FzJM82wqRMST08XAqjB5WhVC95tQX4SjUWNy-7h7Mj3N5TXNfn-BbUBGNg5wV6-Ge9Bh83C8QPb0sTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fraovat49.com%3BC%3D1&domain=https%3a%2f%2fgoogleads.g.doubleclick.net%2f&targetwindow=_blank Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd85484544bc1e2f64de88626808c8c3b882f3f0a80f76d3192aa7198639728f Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 29 Jan 2024 14:53:05 GMT server cloudflare vary Accept-Encoding content-type application/javascript cache-control public, s-maxage=10 cf-ray 84d24d7daf5f35ed-FRA request-context appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
POST H3	204	AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Show response fundingchoicesmessages.google.com/el/	0 29 B	52ms 32ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wzRRFxTuBUyh9veI0ck3PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wzRRFxTuBUyh9veI0ck3PA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-L3e2vZBBa8_9LEBADv3SEn" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://raovat49.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame FB13	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e642f7d4fcd7f7f7727783979f5aa500eb4cda2ddf1d27f8dfc3b3083b7ad34c Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
POST H3	204	AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Show response fundingchoicesmessages.google.com/el/	0 29 B	50ms 39ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-79kbfzWpOliC3Y7sy0i9MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-79kbfzWpOliC3Y7sy0i9MA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-L3e2vZBBouvGthAgDyDSDv" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://raovat49.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Show response fundingchoicesmessages.google.com/el/	0 29 B	45ms 34ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MGHWGc0ezdDTx_ogUbcV-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy script-src 'report-sample' 'nonce-MGHWGc0ezdDTx_ogUbcV-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-L3e2vZBB50r2pmAgDuYyC5" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://raovat49.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxUH1lKFrzUvjK0jLjvZ6k-i9EIrUTCbWZkQYLsUToSFalyL1cIrVW8KtUtGsCZK2Sm_J2R_k-42OHcE8Dn7T6hnDyQDlmcszF6-r7jxCSE79gD6AQRCylpkF7WxpLF5-vlQ_0D07A== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	47ms 47ms	Script application/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUH1lKFrzUvjK0jLjvZ6k-i9EIrUTCbWZkQYLsUToSFalyL1cIrVW8KtUtGsCZK2Sm_J2R_k-42OHcE8Dn7T6hnDyQDlmcszF6-r7jxCSE79gD6AQRCylpkF7WxpLF5-vlQ_0D07A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NTM5OTg1LDUxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yYW92YXQ0OS5jb20vcy9saWVuLW1pbmgtb2t2aXAtaG8tY2hpLW1pbmgtNTEzMjY0OSIsbnVsbCxbWzgsIll0a3ZVdnIwS2hJIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8abfe77f3339b423b770516ce8dab5e674566fc8338a805e72bd17aaa871b6aa Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pTkjHxQLy-Xz9pAWWdZQfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-pTkjHxQLy-Xz9pAWWdZQfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHECcU__S6YpQPzuy0smjq8vmSSAWA2I30m-YvoGxDt8PFjehE9nZYuYznq6YDrrZSBmq5jOygfEcXXTWXOAmG_ddFbN9dNZt5yZzroHiGOeT2dNAeLFrDNYVwPxlMAZrHOAuCV6BuskIHZKn8EaAMSfM2ew_gbistvnWOuAWIiH4-L3e2vZBFYcu9_CBACu4Fzx" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVNWSJegH3SoeCVyJnqkT7KxjlTKosaupRMVwOe-tow80pR-1s6B3VcDhQCrwDkl1mUpLaNDpUS86YUIawawle6LZJGhgxB2t59QK8Xj0TNN2WHDrJFx-ViylCoGpYpu3ZUAC6KOg== Show response fundingchoicesmessages.google.com/el/	0 29 B	32ms 32ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVNWSJegH3SoeCVyJnqkT7KxjlTKosaupRMVwOe-tow80pR-1s6B3VcDhQCrwDkl1mUpLaNDpUS86YUIawawle6LZJGhgxB2t59QK8Xj0TNN2WHDrJFx-ViylCoGpYpu3ZUAC6KOg== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-BR7QcXNg4SC0olWXp-IKzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy script-src 'report-sample' 'nonce-BR7QcXNg4SC0olWXp-IKzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-L3e2vZBHbs_D6FCQDz7iEs" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://raovat49.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Show response fundingchoicesmessages.google.com/el/	0 29 B	34ms 33ms	XHR text/html	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxW7Z8Rylt79vkCgq4pefFPGtzEyW_wR3Y0HTBk3k5Xtz1VtpvMnS_cU3riLM5DFozrWvcmC2GZSLb4E-i9Px8iM2cljZfdC948qy1uM7y5nA1JnqGTdWR7DA9Zc545i0mt9q_vxxw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.YtkvUvr0KhI.es5.O/am=wA/d=1/rs=AJlcJMzE1BcWevsRDsR0j0ow8Hwoup2wJA/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h1z9QduT28XbDWUYFfjYHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://raovat49.com/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-h1z9QduT28XbDWUYFfjYHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIiH4-L3e2vZBCY8Oj-VCQDxMiD_" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://raovat49.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	67ms 67ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4b6e79628e3a42594db08aee1c88b1354d25c31e47268800bc9417048592966b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12062 x-xss-protection 0
GET DATA	200 OK	truncated / Frame 14DC	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8c20fba65c890fdbd766e13eaf71932478d428ade20b40ef410005627cbcefb7 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	widget.1d687e5d4234c1df1bd2.js Show response c.bannerflow.net/scripts/ Frame 29B6	24 KB 9 KB	34ms 34ms	Script application/javascript	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/scripts/widget.1d687e5d4234c1df1bd2.js Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/6582205298bf295c2e8ec5a3?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs%26cry%3D1%26dbm_d%3DAKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D70055959%3Badfibeg%3D0%3Bcdata%3DjHeoajIEDiKxea9xguXFWVqn4tJckDOjow8mNy3zXtCHNyGgc0sRziD3QGkiPGN4tvSr1DFS6FzJM82wqRMST08XAqjB5WhVC95tQX4SjUWNy-7h7Mj3N5TXNfn-BbUBGNg5wV6-Ge9Bh83C8QPb0sTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fraovat49.com%3BC%3D1&domain=https%3a%2f%2fgoogleads.g.doubleclick.net%2f&targetwindow=_blank Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1831a61061755bd651fa9266e19ae59f678d40edf903fd10e9dc2d01df384594 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 29 Jan 2024 14:53:05 GMT content-encoding br cf-cache-status HIT content-md5 Zz6snzwZ/ErQxvTa8ANH8g== age 3546762 cf-polished origSize=24360 x-ms-lease-status unlocked cf-bgj minify last-modified Tue, 19 Dec 2023 10:41:49 GMT server cloudflare etag W/"0x8DC007F1B05445E" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 4b315e72-501e-0022-1d80-3210cc000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public,max-age=31536000,immutable x-ms-version 2011-08-18 cf-ray 84d24d7dffbe35ed-FRA
GET H2	200	document.000000A7B320E6.js Show response c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/published/6541672/8326298/ Frame 29B6	45 KB 10 KB	30ms 30ms	Script application/javascript	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/published/6541672/8326298/document.000000A7B320E6.js Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/6582205298bf295c2e8ec5a3?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs%26cry%3D1%26dbm_d%3DAKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D70055959%3Badfibeg%3D0%3Bcdata%3DjHeoajIEDiKxea9xguXFWVqn4tJckDOjow8mNy3zXtCHNyGgc0sRziD3QGkiPGN4tvSr1DFS6FzJM82wqRMST08XAqjB5WhVC95tQX4SjUWNy-7h7Mj3N5TXNfn-BbUBGNg5wV6-Ge9Bh83C8QPb0sTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fraovat49.com%3BC%3D1&domain=https%3a%2f%2fgoogleads.g.doubleclick.net%2f&targetwindow=_blank Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84d70aad09af0f9f724d75bd98052f353b75204ee51ba2df8d21bd7fe1a3f9f4 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 29 Jan 2024 14:53:05 GMT content-encoding br cf-cache-status HIT content-md5 D42EZrMChnjzsgIUiouHyg== age 2195947 cf-polished origSize=51435 x-ms-lease-status unlocked cf-bgj minify last-modified Thu, 28 Dec 2023 14:34:52 GMT server cloudflare etag W/"0x8DC07B2271304D8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 5fd9709a-e01e-0018-03ca-3e0ab4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public,max-age=31536000,immutable x-ms-version 2011-08-18 cf-ray 84d24d7e0fc235ed-FRA
GET H2	200	animated-creative.1e96afe3686db1758781.js Show response c.bannerflow.net/scripts/ Frame 29B6	156 KB 53 KB	51ms 51ms	Script application/javascript	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/scripts/animated-creative.1e96afe3686db1758781.js Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/6582205298bf295c2e8ec5a3?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs%26cry%3D1%26dbm_d%3DAKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D70055959%3Badfibeg%3D0%3Bcdata%3DjHeoajIEDiKxea9xguXFWVqn4tJckDOjow8mNy3zXtCHNyGgc0sRziD3QGkiPGN4tvSr1DFS6FzJM82wqRMST08XAqjB5WhVC95tQX4SjUWNy-7h7Mj3N5TXNfn-BbUBGNg5wV6-Ge9Bh83C8QPb0sTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fraovat49.com%3BC%3D1&domain=https%3a%2f%2fgoogleads.g.doubleclick.net%2f&targetwindow=_blank Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c60bbc9708905d9d7ec8eadbe5b0f3039c9e38f6ef74b8324c25217b90ddf83 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 29 Jan 2024 14:53:05 GMT content-encoding br cf-cache-status HIT content-md5 7swcr1pWErNv6pGvFtdj/A== age 2762870 cf-polished origSize=159482 x-ms-lease-status unlocked cf-bgj minify last-modified Thu, 28 Dec 2023 13:29:37 GMT server cloudflare etag W/"0x8DC07A909E90385" vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 9441ef9c-601e-0006-4da2-39e66c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding cache-control public,max-age=31536000,immutable x-ms-version 2011-08-18 cf-ray 84d24d7e0fc335ed-FRA
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	59ms 59ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 29 Jan 2024 14:53:05 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A62	13 KB 5 KB	34ms 33ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers accept-ranges bytes age 6161 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 13:10:24 GMT expires Tue, 28 Jan 2025 13:10:24 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 594B	829 B 1 KB	88ms 35ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6fecdae8747c2a915b241e914a76eb0f1705d7b2ab7eeab25ed163630d80a824 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-p1GXIg457w8S7jrUaePXJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://raovat49.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-CH,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-p1GXIg457w8S7jrUaePXJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 29 Jan 2024 14:53:05 GMT expires Mon, 29 Jan 2024 14:53:05 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 8A62	39 KB 15 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 09:45:49 GMT content-encoding br x-content-type-options nosniff age 18436 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 28 Jan 2025 09:45:49 GMT
GET DATA	200 OK	truncated / Frame 29B6	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/webp
GET BLOB	200 OK	7eba1090-a362-4f0c-8a03-635df8f6f418 Show response https://googleads.g.doubleclick.net/ Frame D34F	668 B 0		Script text/plain
General Check archive.org Show headers Download Go to Full URL blob:https://googleads.g.doubleclick.net/7eba1090-a362-4f0c-8a03-635df8f6f418 Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/scripts/animated-creative.1e96afe3686db1758781.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 668 Content-Type
GET H2	200	font c.bannerflow.net/fs/api/v2/ Frame 29B6	6 KB 6 KB	85ms 47ms	Font font/woff	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F0199f10e-a165-4afc-8226-a0a984273a21.woff&t=%0A%20%2C-.03JNTaehmnrsu%C3%A4%CC%88 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d2a36e4a02b02ae54888da1af070a1b634c69b4dbd8540aa75611f4bb5bac3a Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT cf-cache-status HIT last-modified Wed, 03 Jan 2024 23:00:05 GMT server cloudflare age 2217180 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400 content-disposition attachment; filename=0199f10e-a165-4afc-8226-a0a984273a21-subset.woff cf-ray 84d24d7f89d39b3d-FRA expires Thu, 02 Jan 2025 23:00:05 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 594B	0 0	167ms 167ms	Image text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=1162273600596718&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 8A62	0 10 B	34ms 33ms	Image text/plain	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?gTRJ7Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	font c.bannerflow.net/fs/api/v2/ Frame 29B6	4 KB 5 KB	35ms 35ms	Font font/woff	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F03480b17-eaea-4da9-b6f8-becf6c19a9b5.woff&t=%20%25BISTacehimnru Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1184d4170894dc48d2e432ee89ce4c7ecfb4bfbf93ed550629d9440f3577061 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT cf-cache-status HIT last-modified Wed, 03 Jan 2024 23:00:11 GMT server cloudflare age 2217174 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400 content-disposition attachment; filename=03480b17-eaea-4da9-b6f8-becf6c19a9b5-subset.woff cf-ray 84d24d7fda5d9b3d-FRA expires Thu, 02 Jan 2025 23:00:11 GMT
GET H2	200	font c.bannerflow.net/fs/api/v2/ Frame 29B6	3 KB 3 KB	29ms 29ms	Font font/woff	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F32812fa8-3a3f-485f-ba63-a5ce35dc9294.woff&t=%20Bisuz Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 394278e9f7acfbfe3a6641f69879036245a5887a5b7ca75636ee7d3369b7d734 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT cf-cache-status HIT last-modified Wed, 03 Jan 2024 23:00:12 GMT server cloudflare age 2217173 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400 content-disposition attachment; filename=32812fa8-3a3f-485f-ba63-a5ce35dc9294-subset.woff cf-ray 84d24d800aa89b3d-FRA expires Thu, 02 Jan 2025 23:00:12 GMT
GET H2	200	font c.bannerflow.net/fs/api/v2/ Frame 29B6	12 KB 13 KB	27ms 27ms	Font font/woff	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F59c910d931ae9c0318638256%2F28fa068d-650f-4cfc-916b-5142cd8bc797.woff&t=%20%2a-.1BDKMPRabcdefhiklnorstuwz%C3%A1%C3%BC%CC%81%CC%88 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bde63a8a8b3e689ff44a7f15317b798e1a84abab07cb5be244808d55fda88df0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:05 GMT cf-cache-status HIT last-modified Wed, 03 Jan 2024 23:00:13 GMT server cloudflare age 2217172 vary Accept-Encoding content-type font/woff access-control-allow-origin * cache-control public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400 content-disposition attachment; filename=28fa068d-650f-4cfc-916b-5142cd8bc797-subset.woff cf-ray 84d24d803ae19b3d-FRA expires Thu, 02 Jan 2025 23:00:13 GMT
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	15 KB 15 KB	27ms 27ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2F716466db-02d0-47ad-bfa0-65a28de7a8e3.jpg&w=744&h=92&q=85&f=webp&rt=cover&x1=0&y1=710&x2=2363&y2=1002 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5a6ecf77cdc2985b1a4cd67738ed02089382dca22caf8535cd997c1e9eff947 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:49:24 GMT api-supported-versions 2.0 server cloudflare age 29022 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d807a9935ed-FRA content-length 15546
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	57 KB 57 KB	28ms 27ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2Ffc1e808e-ba8c-4fa8-92b5-adb3c11087d5.gif&w=269&h=132&q=85&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92ef602cb2219774d0994b4ec09879da4949dd27e669c961bce04caf84938f88 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:19:08 GMT api-supported-versions 2.0 server cloudflare age 30838 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d807a9d35ed-FRA content-length 58034
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	8 KB 8 KB	29ms 29ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2F3d71a9e5-f7c2-40e8-b2de-720f12ae107c.png&w=83&h=166&q=85&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24625fa5b7fe32c272118c19162ed1c09498466f030fb564cad632d38496ee52 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:25:56 GMT api-supported-versions 2.0 server cloudflare age 30430 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d807a9f35ed-FRA content-length 8252
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	9 KB 9 KB	31ms 31ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2F8a29c905-2f3f-479f-aee6-a78c899e3891.png&w=83&h=166&q=85&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0e760b0461bec5c0e7c7ca5da9ffcc7408cb45c2e0757bb91cf30e008a3a601 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:25:56 GMT api-supported-versions 2.0 server cloudflare age 30430 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d807aa035ed-FRA content-length 9030
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	11 KB 11 KB	30ms 29ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2F606872fb-6eec-4b31-9173-d4bc50b45fce.png&w=180&h=180&q=85&f=webp&rt=contain Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 913038890331e54915731b8bde3b467654e9c9f3720a9893ad2b68b2b8fa3f7e Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:49:24 GMT api-supported-versions 2.0 server cloudflare age 29022 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d807aa235ed-FRA content-length 11276
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	17 KB 17 KB	30ms 30ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2Fd6ff207d-2d5b-4bb2-984a-8f4deb57e338.jpg&w=755&h=93&q=85&f=webp&rt=cover&x1=0&y1=217&x2=6040&y2=961 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adb050661f4016e83dfdd4217593afe1bb6ebb46f9d2e5cc9ecd327b40851f58 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:41:33 GMT api-supported-versions 2.0 server cloudflare age 29493 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d807aa435ed-FRA content-length 16918
GET H2	200	optimize c.bannerflow.net/io/api/image/ Frame F179	19 KB 19 KB	36ms 35ms	Image image/webp	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fmelia-hotels-international%2F5b1e7460bb093f129c2d2c03%2Fimages%2Fae0fb4b8-39aa-4c1d-90e6-1133f72700e4.jpg&w=743&h=92&q=85&f=webp&rt=cover&x1=0&y1=340&x2=3652&y2=791 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8e20e1815a3e68d3789fb02bc652dbe9290da009179803fe8c9c1b75cf2d436 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status HIT last-modified Mon, 29 Jan 2024 06:49:24 GMT api-supported-versions 2.0 server cloudflare age 29022 vary Accept-Encoding content-type image/webp cache-control public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400 accept-ranges bytes cf-ray 84d24d808aa735ed-FRA content-length 19640
GET H2	200	8ff4477a-a0d7-4397-9d76-6d338d2bb9ff.svg c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/images/ Frame F179	4 KB 2 KB	31ms 31ms	Image image/svg+xml	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/images/8ff4477a-a0d7-4397-9d76-6d338d2bb9ff.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e154239a1dea3256910e5c5f0e47d64c9f61b447ccfe30f2464ee1655640aee Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 29 Jan 2024 14:53:06 GMT content-encoding br cf-cache-status HIT content-md5 Pp6+/dCwVQ9ev1rsOtWJSA== age 583 x-ms-lease-status unlocked last-modified Wed, 06 Dec 2023 17:50:54 GMT server cloudflare etag W/"0x8DBF683E4D4FAF9" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 03729d27-f01e-003b-7191-409077000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding x-ms-version 2011-08-18 cf-ray 84d24d808aa835ed-FRA
GET H2	200	1cbba13a-83dc-4644-bf9b-addc3f14ec91.svg c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/images/ Frame 9A6A	4 KB 2 KB	30ms 30ms	Image image/svg+xml	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.bannerflow.net/accounts/melia-hotels-international/5b1e7460bb093f129c2d2c03/images/1cbba13a-83dc-4644-bf9b-addc3f14ec91.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2be3a01d31bb0ce7870e8bae9f983bd4468082ddece4af160de6e2bab3f2eba4 Request headers accept-language de-CH,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 29 Jan 2024 14:53:06 GMT content-encoding br cf-cache-status HIT content-md5 zQpUlnc7DnnF/a0KM7HgJw== age 5706 x-ms-lease-status unlocked last-modified Thu, 14 Dec 2023 11:51:32 GMT server cloudflare etag W/"0x8DBFC9B0416FBE3" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 0ff75589-501e-0050-6693-401783000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding x-ms-version 2011-08-18 cf-ray 84d24d809ab635ed-FRA
POST H2	200	/ c.bannerflow.net/tr/v2/pixel/ Frame 29B6	0 92 B	45ms 44ms	Ping text/plain	2606:4700::6811:c96e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.bannerflow.net/tr/v2/pixel/ Requested by Host: c.bannerflow.net URL: https://c.bannerflow.net/a/6582205298bf295c2e8ec5a3?did=5ced02fe0fd60d000186f5ac&redirecturl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCA0xw0Lu3ZYToBfbT5LcP1LKmIJP5s6Zw3PDkwI8S9L_r8cgvEAEgic6GV2D1lc6B4ASgAZOmj74DyAEJqQIslPxxvCiyPqgDAcgDmwSqBPIBT9DJD-RLSKnLCHQwlKoaLzILLoviun2SZFH9dbBYc2Ktf9zuQMU1DwtUGyTX-4E9YeZ2AZYF0DZzjI5ZFKA3iRmaHnxqxFVVIO53Tkt4a7bVm8gjIPJzTuU0GRruIEmNfNIR3FYVNz3tKU37KfxTa9dqugOTM76-9fG0mWmRITdmVYmuGmo__2OZjnta5cZGQX4UWNTZIcvkZ1ZZHgMHQDyRNdjpXEKdIrSnU_KnyLwwnP7NpeNkQ3Y8Lnr4aOq_Mml2EnQ94LPOzSqFC6gfUxq-kdhGzi0KSsSVaUaLONMZIo2QglCh15MmAr4AzsUXCnrABJfkpuScBOAEA4gF3ZW1p0iQBgGgBk2AB9XZ8EGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlioi6vs7IKEA4AKAZgLAcgLAYAMAaIMCCoGCgSsurECqg0CQ0iwE8TUrRbQEwDYEw3YFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB%26sig%3DAOD64_360_MB7WbP6mJJ_bsAKt-AMxEbLA%26client%3Dca-pub-9837065932233532%26dbm_c%3DAKAmf-BGOw9S1uNJEIduLlNtPOqIFNAAwNApmeH9jBJ4cHt5Ez32KXWH15XMUYFpmIwedBlzFPpuqDgkqf4TXBeASpPVzbYuGeM0SIXx83RyYbf7S2GuD3zp7t5fPsDqmcaMwlCKhqqmbBYIcYZJM_DnUuOf1odHfSHOt1knVHMIHOnaAkBkkTs%26cry%3D1%26dbm_d%3DAKAmf-C-rNdpwUOXGSgXwEwZyJyF1dJpiAl-HHnWFtD8f6SCsYkezoPvr59Dr2nd_vbN3gLRUA6sEaijClOKBDvXYtJM5Gh5xgNTy_wCarsj1GizqtVaYG0tRN35LLytWTGboFv8ac-kIiE2efp6plByZdj2gyn_C2h680dJU9FG1l0vy6zKWySBErMLhyTZvX3yyk2aWAeMQVr9hfcqdgwMiwTq0wQ1VtULupoB0pOG_euG2kpzGpBF4BlF0r6frKW7oFAhrZLvgT3ldg1r3RteGtAsWZbtMziFFfthzYLyWPeFsv1JZUXJLVKiI8YqUowzyvYW-jyIqZaWQrKMsJ3deZSINVDD-3fHe3pjblCZDpnYow6oMMlZisiKxYHdhrsGn8CG75bl5C3AFB4kYal-ZkcnB-R-Gc0k1brsMiuRl5Qyjj1edJltUMsyN2GRTOUWvVEfb79khtYGAxxeYulQSB3Yg8hNX0jS3-_HKYqxyTxw_IYPjCIYqCx6Ec1VU65uBg2AwSAHJ8a_1Vv4IoiP69MVTcTX8l0WxsaRIe_u-7bSeKhiykzynJB2ttiIQx--spXTi5j_MZfLbtjpteXBcbLJq6k3rHhOPixdZv_IzDSiSPXbAXk%26adurl%3Dhttps%3A%2F%2Fa1.adform.net%2FC%2F%3Fbn%3D70055959%3Badfibeg%3D0%3Bcdata%3DjHeoajIEDiKxea9xguXFWVqn4tJckDOjow8mNy3zXtCHNyGgc0sRziD3QGkiPGN4tvSr1DFS6FzJM82wqRMST08XAqjB5WhVC95tQX4SjUWNy-7h7Mj3N5TXNfn-BbUBGNg5wV6-Ge9Bh83C8QPb0sTj-xBkZCCo0%3B%3BCREFURL%3Dhttps%253a%252f%252fraovat49.com%3BC%3D1&domain=https%3a%2f%2fgoogleads.g.doubleclick.net%2f&targetwindow=_blank Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:c96e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 29 Jan 2024 14:53:06 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 84d24d80caf235ed-FRA content-length 0 request-context appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1B04	42 B 64 B	176ms 175ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucx9kXErIJ7nfIU8nQ_OYyBafv1iwRzkDLcI9Qld-E2ojnqQrrDLk8xnjsGjlZPkWNfC7Ty2W2YyplXyqdijrdbyVDpUELgswavxvDHve9X_6SsNRS8e34sA4AkqnGaBGCJGd9QAkFW38TFSa-NvTFRuFy&sai=AMfl-YSQHWQXNmd7ANSPWqMwi0Uf-zsPt1g6MQQ50CfqaViz3ODLKGJ0LPqrJ2VCP-OnyuPUAjpu0SnjP_xTvQsqmvET1FJ13CUpfQO8Cm7yoZca13m8Ohdb7fCZHUyFLLv36mjYK7ENG8Pb3Q3pfMHe&sig=Cg0ArKJSzJP2V_FmV-ZYEAE&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&id=lidar2&mcvt=1004&p=0,0,94,728&mtos=0,1004,1004,1004,1004&tos=0,1004,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170653998500&rst=1706539984767&rpt=467&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1B04	0 20 B	167ms 167ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3820036480581&version=m202309260101&ct=77&x=1&cor=6841829248467980000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	174ms 174ms	Image text/html	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=1162273600596718&bg=!3N-l35DNAAa8BdJLnAU7ADQBe5WfOI1nfoxPYiFduX_sO2BEUCf1O00600ZJgtG4D8Z84isamGU3dZa_jwMhCHZzwKGGAgAAAE5SAAAAAWgBB5kCwnuOTL3k5Xnu2ZWCCAFMcXBWMGEyuC3OOzql_ZhF2_Ll-kP6_VdwJOqvT-CM5ggYjs1tDaaJw37DHHXM9Kt7-UxaX7HUZPivoYgwnBjKz2Z9uSpeFTYK9CjZvGsoWtRQhKVZNaAW-GLpxtXJTEij5Wqc9z4uPHNCvEQ-2LUemMnSK3r2-Q59V17To-Jc55eF3fziCDL6otafcG4KvKJkJ5v2VhE1jFlo4T-AQZLUQkCQZB8JRlzibYqm6jIKpQNsgvyss-C6wB-UmHb5j0SWlUbPBIVADua5bj2BVPiJHVUYju9BhXkBgD91lOMsnqC8iPYRTQM6C79AyDbYBLgPZlp28urFQfwvSgMV9Hdf1W6YPj7fhy78jifBkeielvL6T_EJBqH3cNhzW0Hu2u3XcEvprxuf5i5UZG7Lo4CHhOIqisaiEXw83c6RVErX5al5gcKBxlaPBlRj63hP_E9hl8McMrKH8nzuW-feiUj2PVFY4kO52YpISEgpGHoWtTNTolOjzm3vEYenbvCBeOCeXIKf06E9JJl0dnjCetj_Rl17bPz5VVd-D9koCEsj14uHoLCQDcjqTdogQ9i5odfz8CbTjdf9LdBWMvapt7PER5pVNQ36x9gLR60RXNRdlJqoRALH6SgKwkapSjmMdiw1eZh23UAr6C3Yjzrq2nheLqlbWcRBkM0w0lRtx4X4EcgdQk6LicqqKbOljPCyDPfQdkfYiTe6uA-_lyqXjsQXvOkzDUlmXGFWenqoPd_4iDdihyMGpf-u5Ueok1yEFgJ-7ma2qbjIeL49p8QrPw8aqnPwhrU6Cvge_3OFk_-xnE5guUBDkiseO74cWSDWvHvLbsXvWmr9Uq3wWWYP-a9e3nf4KwYXytMocjUDrZfHoNBLhWjeJn2SMki6SR7uSa9Qxzj4tPRXPCG1QUR9MtNt62R8aU4 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://raovat49.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame FB13	0 20 B	168ms 167ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=935096077948&version=m202309260101&ct=77&x=1&cor=11344637135888734000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame FB13	42 B 64 B	175ms 174ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuofvMP-HnfYHPWmRv5b_ngQKxFsCt3rfA8cUGC7ZEVb_XrMHvw7aYIY5Zih5XhvJF7-KgLQeUrY3RjX6DrkRvgddTsoDXRWjV78GX2myIefHwJWy6nCsXoMsEmjHXvkGmHUHE3aKnQBNE&sai=AMfl-YSHnnfen52lNqv54UqiOWuTGPmxyXvEV-1a_nCah0AuYJLuD_pvwie0B9r8pHYGNzu3OismDr-pAAuJzA4Jw_1wBbJTf2RLePvXy-M-T8SfWYDq3jw3c_GnJj6Qr767wTR4acYYRydtfvgHwZFm&sig=Cg0ArKJSzGia9iSf2R1-EAE&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170653998500&rst=1706539984740&rpt=536&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 14DC	0 20 B	168ms 167ms	Ping image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6825033459227&version=m202309260101&ct=77&x=1&cor=4333941170271662000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:06 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 14DC	42 B 64 B	175ms 174ms	Fetch image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss68ryfnBi4W1ByrT2H-gGQKz2HFRavmfaY-LJ_MOla70RD7TdTDQLA_Q2_TF149QvoCCtu_8aAsc3t5hX62W4_C2q-FLeAm5dHl_0PUYLipnNQ2iGwEIwmizo8Gc2ZxCjr-glk34MCpY8&sai=AMfl-YQ47bHrgJR1-OoBO_W6hKGUI_LMkzRVv8fLyPbfwrIDpudyip9kPIFc2ulxJoRiX4Zr_MTODitKGF2_feOUZ5TiHMd9lw8wpgQPF9c4EF7kNyMDaH0idmTM64FCI4hgomk311DRlumC0tCGAZu2&sig=Cg0ArKJSzEa9URKqhP0XEAE&cid=CAQSTgAvHhf_MpzlmVUf76Y5YEOHHT_fdn1CFTNz8dIxd97K6bdkJhCnRZsp9HLD59JfyRMjzi94NkuENhuKgDq1LpIGFzLKlSy2_svq15AzMRgB&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170653998500&rst=1706539984758&rpt=613&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-CH,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:06 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	viewability Show response hal900020.redintelligence.net/ Frame 2059	0 150 B	74ms 26ms	Script text/html	178.63.52.121 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal900020.redintelligence.net/viewability?s=25254400118535004438272012584020&a=8f7a0c1c&vb=v Requested by Host: hal900020.redintelligence.net URL: https://hal900020.redintelligence.net/request_content.php?s=25254400118535004438272012584020&a=e026f910 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 178.63.52.121 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.121.52.63.178.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://hal900020.redintelligence.net/request_content.php?s=25254400118535004438272012584020&a=e026f910 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	viewability Show response hal90006.redintelligence.net/ Frame 1574	0 150 B	72ms 25ms	Script text/html	138.201.63.164 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://hal90006.redintelligence.net/viewability?s=83794000117851504438272012584006&a=81eb6cee&vb=v Requested by Host: hal90006.redintelligence.net URL: https://hal90006.redintelligence.net/request_content.php?s=83794000117851504438272012584006&a=0022a19b Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 138.201.63.164 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.164.63.201.138.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-CH,de;q=0.9 Referer https://hal90006.redintelligence.net/request_content.php?s=83794000117851504438272012584006&a=0022a19b User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 29 Jan 2024 14:53:06 GMT Server Apache Connection close Content-Length 0 Content-Type text/html; charset=UTF-8
POST H2	200	/ a1.adform.net/serving/unload/ Frame 1B04	35 B 600 B	31ms 31ms	Ping image/gif	37.157.3.26 ADFORM
General Check archive.org Show headers Download Go to Full URL https://a1.adform.net/serving/unload/?version=15&unload=1889972886217193987@@70055959,622305259076678580,100|1199|0|0|0|0|0|0|0||41|1|||||1|0|0|rJMaf4uTukdcPlakbYq96Q9PU-rAh3nLIxjkLMAwuQVu1plCDXbWh655XJEIBmke0|||11||0|0| Requested by Host: s1.adform.net URL: https://s1.adform.net/stoat/631/s1.adform.net/bootstrap.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.3.26 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS Software nginx / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://googleads.g.doubleclick.net/ accept-language de-CH,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 29 Jan 2024 14:53:07 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET, POST content-type image/gif access-control-allow-origin https://googleads.g.doubleclick.net p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type, Cache-Control, Accept-Encoding, X-Requested-With expires -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

news.google.com

URL

https://news.google.com/swg/_/api/v1/publication/CAows8OlDA/article