eva.vn Open in urlscan Pro
125.212.247.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://eva.vn/
Effective URL:
https://eva.vn/
Submission Tags: tranco_l324
Submission: On November 01 via api (November 1st 2021, 2:01:07 am UTC) from DE — Scanned from DE

Summary HTTP 371 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 60 IPs in 14 countries across 51 domains to perform 371 HTTP transactions. The main IP is 125.212.247.2, located in Ho Chi Minh City, Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is eva.vn.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on October 12th 2021. Valid for: a year.

This is the only time eva.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	125.212.247.2 125.212.247.2	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	103.161.22.132 103.161.22.132	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
31	103.151.240.3 103.151.240.3	135905 (VNPT-AS-V...) (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP)
65	64.185.232.226 64.185.232.226	18450 (WEBNX) (WEBNX)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	125.212.247.127 125.212.247.127	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 3	13.225.87.89 13.225.87.89	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	125.212.247.143 125.212.247.143	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 12	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.136.143.222 18.136.143.222	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2 2	54.171.104.28 54.171.104.28	16509 (AMAZON-02) (AMAZON-02)
2	63.35.110.131 63.35.110.131	16509 (AMAZON-02) (AMAZON-02)
20 25	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
10 23	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
53	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
10	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 4	108.128.92.179 108.128.92.179	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 5	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2 2	213.155.156.183 213.155.156.183	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
13	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
4 4	34.248.204.54 34.248.204.54	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.139.115 185.86.139.115	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
3 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:d29... 2a05:d018:d29:3601:98f2:3ed0:65d:a543	16509 (AMAZON-02) (AMAZON-02)
2 3	18.184.28.154 18.184.28.154	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 2	52.46.133.124 52.46.133.124	16509 (AMAZON-02) (AMAZON-02)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 2	54.174.249.39 54.174.249.39	14618 (AMAZON-AES) (AMAZON-AES)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
371	60

2 125.212.247.2 (Ho Chi Minh City, Viet Nam) 1 redirects

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

eva.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.161.22.132 (None, )

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

cdn.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 103.151.240.3 (None, )

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)

cdn.eva.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 64.185.232.226 (Los Angeles, United States)

ASN18450 (WEBNX, US)
PTR: 64-185-232-226.static.webnx.com

image-us.eva.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 125.212.247.127 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

thongke.24h.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.87.89 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-89.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 125.212.247.143 (Ho Chi Minh City, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

search.24hstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.33.221.13 (Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.143.222 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-143-222.ap-southeast-1.compute.amazonaws.com

api.pushdi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.104.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-104-28.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.110.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-110-131.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 142.250.185.162 (United States) 20 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2.18.234.21 (Ascension Island) 10 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.128.92.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-92-179.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.4.40 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.183 (Ascension Island) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-183.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.248.204.54 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-204-54.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.79.83.225 (Canada) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (Seattle, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.140.199 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:98f2:3ed0:65d:a543 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.28.154 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-28-154.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Sweden)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.133.124 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (Albuquerque, United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.249.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-249-39.compute-1.amazonaws.com

um2.eqads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	eva.vn 1 redirects eva.vn cdn.eva.vn image-us.eva.vn	1 MB
76	googlesyndication.com 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	461 KB
53	2mdn.net s0.2mdn.net	1 MB
50	doubleclick.net 20 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	312 KB
22	casalemedia.com 10 redirects htlb.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	20 KB
20	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	47 KB
13	adnxs.com 5 redirects ib.adnxs.com acdn.adnxs.com	42 KB
11	google.com ampcid.google.com analytics.google.com www.google.com adservice.google.com	3 KB
6	criteo.com 2 redirects gum.criteo.com bidder.criteo.com mug.criteo.com dis.criteo.com	7 KB
6	googletagservices.com www.googletagservices.com	210 KB
5	adform.net 3 redirects c1.adform.net	2 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
4	adsrvr.org 3 redirects match.adsrvr.org	2 KB
4	bidr.io 4 redirects match.prod.bidr.io	2 KB
4	demdex.net 2 redirects skydeutschland.demdex.net	4 KB
4	adsafeprotected.com 2 redirects pixel.adsafeprotected.com static.adsafeprotected.com	929 B
4	google.de www.google.de ampcid.google.de adservice.google.de	2 KB
3	bidswitch.net 2 redirects x.bidswitch.net	2 KB
3	onaudience.com 3 redirects pixel.onaudience.com	1 KB
3	openx.net 2 redirects us-u.openx.net	829 B
3	google-analytics.com www.google-analytics.com	21 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	criteo.net static.criteo.net	39 KB
3	24h.com.vn cdn.24h.com.vn thongke.24h.com.vn 24h.com.vn Failed	42 KB
2	eqads.com 1 redirects um2.eqads.com	563 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	892 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	748 B
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	indexww.com js-sec.indexww.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com	43 KB
2	exactag.com m.exactag.com	2 KB
2	teads.tv sync.teads.tv	344 B
2	facebook.com www.facebook.com	14 KB
1	deepintent.com match.deepintent.com	44 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	sitescout.com 1 redirects pixel-sync.sitescout.com	337 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	turn.com 1 redirects ad.turn.com	518 B
1	mookie1.com odr.mookie1.com	324 B
1	simpli.fi um.simpli.fi	611 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	pushdi.com api.pushdi.com	1 KB
1	24hstatic.com search.24hstatic.com	602 B
1	googleapis.com imasdk.googleapis.com	123 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
0	quantserve.com Failed pixel.quantserve.com Failed
371	51

	Domain	Requested by
65	image-us.eva.vn	eva.vn
53	s0.2mdn.net	eva.vn s0.2mdn.net 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
43	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
31	cdn.eva.vn	eva.vn image-us.eva.vn cdn.eva.vn
27	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com s0.2mdn.net
25	cm.g.doubleclick.net	20 redirects googleads.g.doubleclick.net
19	dsum-sec.casalemedia.com	10 redirects googleads.g.doubleclick.net um2.eqads.com
12	ib.adnxs.com	5 redirects image-us.eva.vn googleads.g.doubleclick.net acdn.adnxs.com
10	googleads4.g.doubleclick.net	eva.vn
10	googleads.g.doubleclick.net	414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com eva.vn
8	simage2.pubmatic.com	ads.pubmatic.com
7	www.google.com	eva.vn tpc.googlesyndication.com 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
6	414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	eva.vn 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
5	image2.pubmatic.com	ads.pubmatic.com
5	c1.adform.net	3 redirects ads.pubmatic.com ssum-sec.casalemedia.com
4	match.adsrvr.org	3 redirects ssum-sec.casalemedia.com
4	match.prod.bidr.io	4 redirects
4	skydeutschland.demdex.net	2 redirects 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
3	x.bidswitch.net	2 redirects ssum-sec.casalemedia.com
3	pixel.onaudience.com	3 redirects
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.google-analytics.com	eva.vn www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects eva.vn
3	static.criteo.net	eva.vn
2	um2.eqads.com	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	pr-bh.ybp.yahoo.com	ads.pubmatic.com ssum-sec.casalemedia.com
2	ups.analytics.yahoo.com	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	d5p.de17a.com	2 redirects
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	ads.pubmatic.com	image-us.eva.vn ads.pubmatic.com
2	js-sec.indexww.com	image-us.eva.vn ssum-sec.casalemedia.com
2	cdnjs.cloudflare.com	s0.2mdn.net
2	m.exactag.com	414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	static.adsafeprotected.com	414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
2	pixel.adsafeprotected.com	2 redirects
2	bidder.criteo.com	image-us.eva.vn static.criteo.net
2	gum.criteo.com	1 redirects static.criteo.net
2	www.facebook.com	eva.vn www.facebook.com
2	www.google.de	eva.vn
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	thongke.24h.com.vn	eva.vn
2	eva.vn	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	match.deepintent.com	ssum-sec.casalemedia.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	odr.mookie1.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	rtb-csync.smartadserver.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	acdn.adnxs.com	image-us.eva.vn
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	api.pushdi.com	cdn.eva.vn
1	mug.criteo.com
1	hbopenbid.pubmatic.com	image-us.eva.vn
1	htlb.casalemedia.com	image-us.eva.vn
1	search.24hstatic.com	eva.vn
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	imasdk.googleapis.com	eva.vn
1	www.googletagmanager.com	eva.vn
1	cdn.24h.com.vn	eva.vn
0	pixel.quantserve.com Failed	ads.pubmatic.com
0	24h.com.vn Failed	cdn.24h.com.vn
371	81

This site contains links to these domains. Also see Links.

Domain
shopee.vn
yoosun.vn
hanhphuccuabanmaugi.eva.vn
www.facebook.com
www.thaoduocgiatruyenvn.top
uxotucung.online
khohan.info
roiloanphattrien.online
baogia.eva.vn
www.google.com
www.dmca.com

Subject Issuer	Validity	Valid
*.eva.vn DigiCert SHA2 Secure Server CA	`2021-10-12` - `2022-11-12`	a year	crt.sh
*.24h.com.vn DigiCert SHA2 Secure Server CA	`2021-10-12` - `2022-11-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-10` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.24hstatic.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-24` - `2022-08-25`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pushdi.com Amazon	`2021-03-26` - `2022-04-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
um3.eqads.com Amazon	`2021-06-26` - `2022-07-25`	a year	crt.sh

This page contains 42 frames:

Primary Page: https://eva.vn/
Frame ID: FA011661B916AF2748C2E432F773BE03
Requests: 141 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fevavietnam%2F&tabs=timeline&width=460&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Frame ID: E6D3D7AAAE3AE7BAC8F106D5C514E80E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eva.vn
Frame ID: D71FA96DBB306831D429FA6BA3E7368A
Requests: 2 HTTP requests in this frame

Frame: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0017391BDBE446D8927D1786DE571342
Requests: 1 HTTP requests in this frame

Frame: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58A5C2E3B4ACDA24A2786AFC5BA9F893
Requests: 15 HTTP requests in this frame

Frame: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 81A4AE8BDCDDA7A594B0AD21CF16CFB1
Requests: 15 HTTP requests in this frame

Frame: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 89356FEBED5F1E520D217CC4439FD2C1
Requests: 18 HTTP requests in this frame

Frame: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0A4565EDEFD8D2197127ECE8B0DC6800
Requests: 15 HTTP requests in this frame

Frame: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BFCBE2B3CC0232270A07D53C80F1ED83
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6012C6E0025356FD0A64DB6393ADCA64
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC8D9C9C3C91039E9D9F2E61ED512EEC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNWgUevlXLvgqRJBA7-JEPkOMPTgQtYD7xelvNuhYLCPAj41muznr7ZPgnHecDmCGwGsRJ81hst2otmHO-80aQv4x8EvmL3EbHgSPqHS54mlAsI2KaAyk9ZgatkfIqHpREZZId2nPuH0EMp0naw7ulrJooSbHsb3rH-094jEslAwyDr7BI4
Frame ID: 6F9705C508FFE76A150F5C9D39E57F36
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSL-rQBMAE&v=APEucNXszRJ7QYe-YAyrz7Rfo7CKeNAweap_XIu72QsItDz0j3eSLfzdmWGM2aYJ4hMKCxVju4cagsnIaUnpkoKc-THVnkDSW1t8a1fFeGKEFC4BemHZCaHREFM-vqYXNC6RFI57MLaB8V8vH-0zkHkXZ4If_TlM2NLqR5yI20iKI_p05NELjZI
Frame ID: 1A610EA2A96B7CD747A80A6C278B5FDC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNUjYlVTTzLkp20cB4GreL452E4310kKZIs3HmZhcc77SCWdU7QjRmxWnigzIOCPSP_86V84NTToEVwaNTvXUlwbReph0zMHJhMheL_j9goFq7k3sIsK92yXU8jnWQzlLleOjef9-7sw2fzqr3e7SaleYq9bAl_nchhFVY0GkIO6WO4O_Wg
Frame ID: A4020A99428332817DE37003C3085654
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNVtYYXtnM6N9BdVPDVnZ84nrXx-rHa2T_BxGUkTAM2xUHMmPpgFO6f5ch2Ms2e6hAkHxCOkYqixovogqfm98ggNCLwiFZ3gHMagHMHwnUh5zv_ugT7Qq0p3alApyrt1rhxA9YDaDuBZBrZeLTV-ChXUprKK1810KmbcQkqo_jDGNoep-H0
Frame ID: 5389A1E0645BBCB56F7ED5BC21EC938C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNVq1WW8ecX1Mha5_07rbRjZ9jedddG-9C6aVvfF3G9jXP-hVvpuJPllOOfkzzBZsakfZXlrTWJVivC0FBwmHr8MBx3Kn6UpVmwcZADtpXBaMLC_LldhStCkDNU0RoW6vrDujqSA5kPWJnWLv_4gUD0_8WdJrqnCVtkbG0ffOCHvHV0_R5U
Frame ID: 53B75DE49B1C779DB3E2485C68A86BFE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
Frame ID: F93E53711118DB5BAB6078CC90DFFA84
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
Frame ID: 991918595D1A220947D75BEF6A6AE57E
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
Frame ID: 72233E3B2DBDC651C3F65E0A29F1D516
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
Frame ID: 729EF602ADE6FF790EA6FB45EAB0DD11
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
Frame ID: 110795B35853189C76540D47EC8FF3F9
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F36E279754DADA5C150D532B5C0E70B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 767AD7A6126081D61CDD84FA97854FA8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 251220194EC33D18EF24D9003C3921CC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4F0453A13C70B7BFAFD95FFBAB980D90
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0637ED123683631E985D2B3BBB1E327C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Frame ID: C9C844349D0764C38968035CAE790CAA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Frame ID: 624F1ADF367B22DD3FA1B6F70DF66363
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Frame ID: A91A302E8054C18985DDF0E5F72F0A50
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Frame ID: A17DF3FBA9760957AF6A9E70D78750B9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js
Frame ID: 4DB18E4AA8A5E686EF42CF69F78200B5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DF1285AC3B3D6F9CA79AF59AF5C78E38
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 1CC76B7705673CA9DFD3B99B8B5BB1FE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Frame ID: B2455194BF77F07249AD0F0C94714F3C
Requests: 21 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1DD5C7488503810D338EF05494872926
Requests: 9 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C
Frame ID: B9B04E7CD9A88DDD2EF1145D166893CD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2307728982308196415
Frame ID: B9B5A7C3C62CCDDAB25706851BA5293F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B30868621178D0B3ECD445A54833A1FA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025415707019442317
Frame ID: E7CA7CC50E085219BE11388C31A691AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YX9KXQABKAMLMwBR&gdpr=0&gdpr_consent=&_test=YX9KXQABKAMLMwBR
Frame ID: EE3B23C5ADD66098E6E6D8FBF3F4695E
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL2yU7C_pUAABrB5bJB7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 7C4B4F73317DBD96FC138AF016703AEE
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: C0168D6424EFBCE605499E9BA52E88D9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tin tức PHỤ NỮ - Bà bầu - Làm mẹ - Làng sao - Thời trang - Bếp eva

Page URL History Show full URLs

http://eva.vn/ HTTP 301
https://eva.vn/ Page URL

Page Statistics

371
Requests

87 %
HTTPS

32 %
IPv6

51
Domains

81
Subdomains

60
IPs

14
Countries

4283 kB
Transfer

9912 kB
Size

78
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://shopee.vn/starkombucha?smtt=9&utm_campaign=s218106617_ss_vn_othr_eva&utm_content=&utm_medium=seller&utm_source=eva

Search URL Search Domain Scan URL

URL: https://yoosun.vn/

Search URL Search Domain Scan URL

URL: https://hanhphuccuabanmaugi.eva.vn/
Title: Cuộc thi: Hạnh phúc của bạn màu gì?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/evavietnam/videos/727962038598723
Title: Talkshow: Học sinh học trực tuyến & trở lại trường sau giãn cách

Search URL Search Domain Scan URL

URL: https://www.thaoduocgiatruyenvn.top/benh-li-ve-mat1

Search URL Search Domain Scan URL

URL: https://uxotucung.online/chia-se/u-xo-tu-cung-kich-thuoc-66mm-89mm-phai-lam-sao-de-cai-thien-xem-cau-chuyen-cua-nhung-chi-em-tai-day.html?utm_source=Eva-Tindungbolo2-MobilePc&utm_medium=CPD&utm_campaign=NPK-UX

Search URL Search Domain Scan URL

URL: https://khohan.info/nhe-nhang-vuot-qua-giai-doan-tien-man-kinh-khong-lo-boc-hoa-kho-han-lao-hoa-nguoi-phu-nu-u65-cong-tac-trong-nganh-y-te-chia-se-bi-quyet/?utm_source=Eva-Tindungbolo2-MobilePc&utm_medium=CPD&utm_campaign=SPC

Search URL Search Domain Scan URL

URL: https://roiloanphattrien.online/tre-cham-noi-tang-dong-bi-quyet-giup-con/?utm_source=Eva-Tindungbolo2-MobilePc&utm_medium=CPD&utm_campaign=VNK

Search URL Search Domain Scan URL

URL: http://baogia.eva.vn/
Title: Giới thiệu

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/T%C3%B2a+nh%C3%A0+Geleximco/@21.0187654,105.8219355,17z/data=!4m8!1m2!2m1!1zVOG6p25nIDE2LCBUb8OgIG5ow6AgR2VsZXhpbWNvICwgMzYgSG_DoG5nIEPhuqd1ICBQaMaw4budbmcgw5QgY2jhu6MgROG7q2EsIFF14bqtbiBE4buRbmcgxJBhLCBUUCBIw6AgTsO0aQ!3m4!1s0x3135ab799bb775eb:0xc7920b9cbacc3445!8m2!3d21.0191409!4d105.8242289
Title: XEM BẢN ĐỒ

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/402+Nguy%E1%BB%85n+Th%E1%BB%8B+Minh+Khai,+Ph%C6%B0%E1%BB%9Dng+5,+Qu%E1%BA%ADn+3,+H%E1%BB%93+Ch%C3%AD+Minh,+Vi%E1%BB%87t+Nam/@10.771852,106.6849971,17z/data=!3m1!4b1!4m5!3m4!1s0x31752f23395e73d7:0xdbc7da126db3106d!8m2!3d10.7718467!4d106.6871858
Title: XEM BẢN ĐỒ

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=beadc7dd-b150-496e-948e-fdb97a8bf1f0&refurl=https://eva.vn/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eva.vn/ HTTP 301
https://eva.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://sb.scorecardresearch.com/b?c1=2&c2=9634358&ns__t=1635732054992&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&c7=https%3A%2F%2Feva.vn%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1635732054992&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&c7=https%3A%2F%2Feva.vn%2F&c9=

Request Chain 128

https://gum.criteo.com/sid/json?origin=publishertag&domain=eva.vn&sn=ChromeSyncframe&so=0&topUrl=eva.vn&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=D7EJqnw4aGJtRGhqRGRBcWJEenRWNFh1N1FRdWpManZ0YUZqTmUzczJUMmJWMTc1NzBLejJUa3pXN01IeWRveUlUNmdxZHN1eGtwcnIrSmVhMytGVjE0elhkaEpMc0FCTTRQVXBYS0xnaGRiZTBwcDloSXFDUTAxTmxuaE5rS2lsQzVlaGFMZEdlTEFCc1FhY2dJMGsyMEdvOXJ2SWp2aG9HM0x4TWYySTlpS29XUFR2SGkxbGxqZHBqTXp0RlBIMEYvUDJETTdNZDZ3WENjUWFRVFRnUkhiTTJsOHhUdnpZZ3hNYXJZY2kzdzNhUWk4aWxoajlYalJ2YnZ1QjhFeHJrZUYraThRd2RZd0szYnBDdis4MFBaUlNZUT09fA&cppv=2

Request Chain 162

https://pixel.adsafeprotected.com/rfw/st/826939/57461185/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 177

https://pixel.adsafeprotected.com/rfw/st/826939/57461187/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 189

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

Request Chain 190

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Request Chain 192

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1

Request Chain 201

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Request Chain 203

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

Request Chain 208

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

Request Chain 209

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Request Chain 210

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjRbWqZ4l4S2iPVDra_vIE&google_cver=1

Request Chain 215

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJiOWMxYzEtN2NlMi0yOWMxLWRiNmEtYjgwMzUxNmIxODhj

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFdwmFtKadDDcAcvGZae9sc&google_cver=1

Request Chain 233

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=314412467&d_campaign=26570076&d_bust=2647866862&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=314412467&d_campaign=26570076&d_bust=2647866862&gdpr=&gdpr_consent=

Request Chain 236

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=1128751116&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=1128751116&gdpr=&gdpr_consent=

Request Chain 340

https://c1.adform.net/serving/cookie/match?party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C

Request Chain 341

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2307728982308196415

Request Chain 342

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 343

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025415707019442317

Request Chain 344

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YX9KXQABKAMLMwBR HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YX9KXQABKAMLMwBR&gdpr=0&gdpr_consent=&_test=YX9KXQABKAMLMwBR

Request Chain 345

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMMnlVN0NfcFVBQUJyQjViSkI3Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAL2yU7C_pUAABrB5bJB7g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAL2yU7C_pUAABrB5bJB7g&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL2yU7C_pUAABrB5bJB7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 346

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7wZ4hfzVRe6p1z-LfIkkHA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 347

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0d68617f-4a5d-4600-844a-dcf48e180c0b

Request Chain 348

https://pixel.onaudience.com/?partner=214&mapped=EF067885-FCD5-45EE-A9D7-3F8B7C89241C HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
https://pixel.onaudience.com/?partner=147&mapped=e4a49dcc-049d-49d1-a46e-aa2c760eafe3&icm HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b372b3f9498e7f934c983321d0853e99 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=f40796b1f77e8e0f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=121c8b14-63f9-4552-4734-066cc8911c7c&reqId=1a125002-f806-4675-431a-daa79f94c3c7&zcluid=f40796b1f77e8e0f&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEJ2JTrd-GUmtfaiyQrv346k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=121c8b14-63f9-4552-4734-066cc8911c7c&reqId=1a125002-f806-4675-431a-daa79f94c3c7&zcluid=f40796b1f77e8e0f&zdid=1332

Request Chain 349

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUYwNjc4ODUtRkNENS00NUVFLUE5RDctM0Y4QjdDODkyNDFD&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMxljthDmBR43HkHNj5GhtM&google_cver=1

Request Chain 352

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&gdpr=0&gdpr_consent=

Request Chain 353

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e4a49dcc-049d-49d1-a46e-aa2c760eafe3

Request Chain 354

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2131934254887103755

Request Chain 355

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3835190029229782004&gdpr=0&gdpr_consent=

Request Chain 357

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2EIwBIRE2uUEWZOFImx7DP1VYY8GCJo-~A&gdpr=0&gdpr_consent=

Request Chain 359

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e3327bd8-a983-4f79-b0a9-3422758b2775&ssp=pubmatic&gdpr=0&gdpr_consent=

Request Chain 360

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7363570232606550533&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 362

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 363

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:44e6e0aa-aac8-48a0-a30e-07b991c3d630&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 365

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENUStkEInucmbfXLcPTyDg0&google_cver=1

Request Chain 366

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB&dcc=t

Request Chain 372

https://um2.eqads.com/um/cs HTTP 302
https://um2.eqads.com/um/cs&eq_cc=1

371 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
eva.vn/
Redirect Chain

http://eva.vn/
https://eva.vn/

526 KB
69 KB

846ms
418ms

Document
text/html

125.212.247.2
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 125.212.247.2 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Eva.vn /
Resource Hash: f2d8d67f44675c4810457429b1034974804e5715e2aba0c3f87d34c412b5c210

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: Eva.vn
date: Mon, 01 Nov 2021 02:00:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
srvid: 1
cache-control: max-age=0, no-cache, no-store

Redirect headers

content-length: 0
location: https://eva.vn/

GET
H2 200 24huidutil.min.js Show response
cdn.24h.com.vn/js/24hgatracking/fe/prod/ 111 KB
41 KB 965ms
279ms Script
application/x-javascript 103.161.22.132
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.24h.com.vn/js/24hgatracking/fe/prod/24huidutil.min.js
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.161.22.132 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9d2ec0598937938f36ae4e9d7985dc92bd509a1eac38bfae8373b0b2d96bad5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Sat, 09 Oct 2021 03:08:31 GMT
server: nginx
age: 597675
etag: W/"616107af-1bd74"
vary: Accept-Encoding
x-cache: HIT from da003.vn15.swiftserve.com:443
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Thu, 04 Nov 2021 03:59:39 GMT

GET
H2 200 open-sans-regular.woff2
cdn.eva.vn/css/fonts/2021/ 17 KB
17 KB 1115ms
326ms Font
application/font-woff2 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/open-sans-regular.woff2
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 7c67e3cbcf272fb7e468cca55016bfe23033fc1c78a51b6f3d99970437cc37e6

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320578
etag: W/"61011e9b-4234"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:57:56 GMT

GET
H2 200 open-sans-regular.woff
cdn.eva.vn/css/fonts/2021/ 21 KB
21 KB 1560ms
771ms Font
application/font-woff 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/open-sans-regular.woff
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9975ff0e6137c74a0053643791d89216fa075ac035a44382ed868098ac2f8fda

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320578
etag: W/"61011e9b-53a0"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:57:56 GMT

GET
H2 200 open-sans-bold.woff2
cdn.eva.vn/css/fonts/2021/ 17 KB
18 KB 1820ms
1032ms Font
application/font-woff2 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/open-sans-bold.woff2
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: ab139b7250a454933b83a295f629f6c56d44cf1ecac8f27c4327d167086ac9f6

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320668
etag: W/"61011e9b-4598"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:56:26 GMT

GET
H2 200 open-sans-bold.woff
cdn.eva.vn/css/fonts/2021/ 22 KB
22 KB 1685ms
897ms Font
application/font-woff 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/open-sans-bold.woff
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: d771abd4d88077f4ea515fdbbfc54c6a31280f435a362e94979a3d11a830ad65

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320668
etag: W/"61011e9b-5784"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:56:26 GMT

GET
H2 200 oswald-regular.woff2
cdn.eva.vn/css/fonts/2021/ 17 KB
18 KB 1820ms
1032ms Font
application/font-woff2 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/oswald-regular.woff2
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 62e71896e6cd8c61daf82ebf05d101d8116c95ad0fcc35dbf92edf826ec15e2d

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320662
etag: W/"61011e9b-4558"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:56:32 GMT

GET
H2 200 oswald-regular.woff
cdn.eva.vn/css/fonts/2021/ 22 KB
22 KB 1819ms
1031ms Font
application/font-woff 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/oswald-regular.woff
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: f49d026fc0dcc7589dd3558576031a8b0999e37d354be1a6e7edaaab50dc45c6

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320662
etag: W/"61011e9b-562c"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:56:32 GMT

GET
H2 200 oswald-700.woff2
cdn.eva.vn/css/fonts/2021/ 18 KB
18 KB 1820ms
1032ms Font
application/font-woff2 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/oswald-700.woff2
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 328688c89d02cf08d7c2405a2f1311ad7ca6120197ed6fee8dfa42840c9791f1

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320662
etag: W/"61011e9b-4644"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:56:32 GMT

GET
H2 200 oswald-700.woff
cdn.eva.vn/css/fonts/2021/ 22 KB
22 KB 1820ms
1032ms Font
application/font-woff 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/2021/oswald-700.woff
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: f78230b210b41eb72fe8d792d517b242ff7d9f809f262471867ac1e8d28668e0

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 09:08:43 GMT
server: nginx
age: 320662
etag: W/"61011e9b-57d4"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Sun, 07 Nov 2021 08:56:32 GMT

GET
H2 200 oswald-v16-latin_vietnamese_latin-ext-500.woff2
cdn.eva.vn/css/fonts/oswald/ 36 KB
36 KB 1820ms
1032ms Font
application/font-woff2 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/css/fonts/oswald/oswald-v16-latin_vietnamese_latin-ext-500.woff2
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: d8ba32cac09d18b1eeafd39bd4e29e3a0d077f333ed722d9df37a4e58a67c6fd

Request headers

Referer: https://eva.vn/
Origin: https://eva.vn
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
content-encoding: gzip
last-modified: Fri, 28 Sep 2018 18:01:34 GMT
server: nginx
age: 600147
etag: W/"5bae6c7e-8fb0"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 04 Nov 2021 03:18:27 GMT

GET
H/1.1 200
OK common_home_pc.min.css
image-us.eva.vn/css/ 66 KB
18 KB 781ms
303ms Stylesheet
text/css 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 398ef9e35222b839fbf95e1453c4f530d145ec2e46429c56310181235dad8956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 11:14:04 GMT
Server: 24h.com.vn
ETag: W/"61013bfc-107bd"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 68ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1030 / 750 of 1000 / last-modified: 1635545062"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27294
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 02:00:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 71ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3ET9718F65

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5fd1a25f402293e33942cbfc382bbc2d2b742b1b52138ef35b567dd2045b365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49580
x-xss-protection: 0
expires: Mon, 01 Nov 2021 02:00:55 GMT

GET
H/1.1 200
OK evaplayer_autoplay.js Show response
image-us.eva.vn/js/ 13 KB
4 KB 640ms
155ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/js/evaplayer_autoplay.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 1624661cbe512e74aa398930cc367d1c919949a4611ac909abdf9c80bb80672a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Dec 2018 06:57:04 GMT
Server: 24h.com.vn
ETag: W/"5c19ebc0-34db"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 119 KB
39 KB 72ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:53 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:27 GMT
server: nginx
etag: W/"615af4d3-1dd0f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 02 Nov 2021 02:00:53 GMT

GET
H/1.1 200
OK anh-69-1634099429-858-width640height360.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-13/extra_large/ 46 KB
46 KB 1104ms
312ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-13/extra_large/anh-69-1634099429-858-width640height360.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 226c9d8248be827fbcec15369aa01880a9747a1485ced265d8bcbfd6d2c30cd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Last-Modified: Wed, 13 Oct 2021 04:39:03 GMT
Server: 24h.com.vn
ETag: "616662e7-b626"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46630
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635724390-250-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-11-01/large/ 25 KB
26 KB 1053ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-11-01/large/1635724390-250-thumbnail-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 932e8d9d8faecf06bfa844fd478a2e09eb5eb1ddc59f2bcec782ecc793111e8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Last-Modified: Sun, 31 Oct 2021 23:54:07 GMT
Server: 24h.com.vn
ETag: "617f2c9f-65ae"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26030
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ava-1635688403-197-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/ 13 KB
13 KB 260ms
154ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/ava-1635688403-197-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 5c456738c2bcf7754ed3f680758ddfe0df21cbe2eeffc0eb3b8e3c87cdd06791

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Last-Modified: Sun, 31 Oct 2021 13:54:06 GMT
Server: 24h.com.vn
ETag: "617e9ffe-3356"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13142
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK hongdiem-1635696230-944-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/ 10 KB
10 KB 401ms
149ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/hongdiem-1635696230-944-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 77bb3dc523e7344767dfb134c5e340dcce88e381fccda8434ef44b4666d139aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Last-Modified: Sun, 31 Oct 2021 16:04:05 GMT
Server: 24h.com.vn
ETag: "617ebe75-27c4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10180
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK du_bao_thoi_tiet_pc.min.css
image-us.eva.vn/css/modules/ 3 KB
1 KB 153ms
152ms Stylesheet
text/css 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/css/modules/du_bao_thoi_tiet_pc.min.css?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 0bac27e00a2ce551658b7ff621ca93ff1a77dce92a3542a8c04bc4bd746df4ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Oct 2021 02:38:03 GMT
Server: 24h.com.vn
ETag: W/"617a0d0b-c4d"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 111.png
image-us.eva.vn/images/responsive/du_bao_tt/ 2 KB
3 KB 170ms
155ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-us.eva.vn/images/responsive/du_bao_tt/111.png

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),

Reverse DNS

64-185-232-226.static.webnx.com

Software

24h.com.vn /

Resource Hash

79a01fe77676046c41d12d7c93b16d33f1264a32bad083a515263840121aae61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Jun 2020 07:00:04 GMT
Server: 24h.com.vn
ETag: "5ef59cf4-9be"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2494
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Nov 2021 02:00:55 GMT

GET
H/1.1 200
OK 340.png
image-us.eva.vn/images/responsive/du_bao_tt/ 3 KB
3 KB 307ms
151ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-us.eva.vn/images/responsive/du_bao_tt/340.png

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),

Reverse DNS

64-185-232-226.static.webnx.com

Software

24h.com.vn /

Resource Hash

b8810362f5509e83db75bfb28196cbe078064603a802c1bc16ec4e76a69a014a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Jun 2020 07:00:04 GMT
Server: 24h.com.vn
ETag: "5ef59cf4-a2d"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2605
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Nov 2021 02:00:56 GMT

GET
H/1.1 200
OK icon_chuyen_gia_tu_van.png
image-us.eva.vn/images/2017/ 444 B
848 B 311ms
155ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-us.eva.vn/images/2017/icon_chuyen_gia_tu_van.png

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),

Reverse DNS

64-185-232-226.static.webnx.com

Software

24h.com.vn /

Resource Hash

dc4761d51d43cda5891e93dbed59f47d7409c78a6db7154ab46cb0deb941e1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 28 Sep 2018 18:00:05 GMT
Server: 24h.com.vn
ETag: "5bae6c25-1bc"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 444
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Nov 2021 02:00:56 GMT

GET
H/1.1 200
OK 1635677315-810-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/ 7 KB
7 KB 421ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/1635677315-810-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 1ce7b05ea51bce6b8a3cc3f70d37ab081aa99ac8f4b0254901056a2211f846e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 10:50:38 GMT
Server: 24h.com.vn
ETag: "617e74fe-1b1b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6939
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635672635-758-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/ 8 KB
8 KB 305ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/1635672635-758-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 0cfcb728de6c3963d8c51d5433a7ee13942e9bb2e5d3b6da3f45ba4cc6486685

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 09:32:05 GMT
Server: 24h.com.vn
ETag: "617e6295-1e33"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7731
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635664383-110-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/ 8 KB
8 KB 300ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/1635664383-110-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: edd461e6527d473ce3438ac1bec54192670aa3256dee05514a81eb674807f7b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 07:14:04 GMT
Server: 24h.com.vn
ETag: "617e423c-1f01"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7937
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635659863-193-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/ 8 KB
8 KB 169ms
156ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/1635659863-193-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 964e86255a32a489c8cbe788740b0c5d63fc932a6588ebe680d470990b3ae797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 05:58:38 GMT
Server: 24h.com.vn
ETag: "617e308e-2070"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8304
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635659528-848-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/ 10 KB
10 KB 157ms
149ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/thumbnail/1635659528-848-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: d25a7dedadc4c94d42538bd31a5df7bdaf8924a637fa70cc6b2cd82af066657b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 05:52:39 GMT
Server: 24h.com.vn
ETag: "617e2f27-27cd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10189
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635106185-269-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-25/thumbnail/ 10 KB
10 KB 160ms
160ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-25/thumbnail/1635106185-269-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 22111c2e71374c2e178d66ca40ba9c2a97a0c0f092bdd486a77d4ad64b289aca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 24 Oct 2021 20:23:17 GMT
Server: 24h.com.vn
ETag: "6175c0b5-27db"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10203
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635582617-16-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 8 KB
8 KB 154ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635582617-16-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 14932cba017679b8431406b01671159782890f6953eb37ebf78d4d2dd45d2a38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 08:32:38 GMT
Server: 24h.com.vn
ETag: "617d0326-1f94"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8084
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635582699-987-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 10 KB
10 KB 152ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635582699-987-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 00dfda55da56681fd3d29df521696909a3ececbdc763890abb314fb86a9ae082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 08:32:38 GMT
Server: 24h.com.vn
ETag: "617d0326-274a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10058
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK video-1635594513-501-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 9 KB
9 KB 153ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/video-1635594513-501-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a0b0cff4bae393a5b94efb1c91f993736f339333e16bb6edcb9bcfd14f7269b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 11:48:40 GMT
Server: 24h.com.vn
ETag: "617d3118-22ef"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8943
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635583372-87-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 6 KB
7 KB 149ms
149ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635583372-87-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: caeaa6ccd0b218c39a5f0641be9aa26295385751fd0428c89e86141087a2aefd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 08:44:05 GMT
Server: 24h.com.vn
ETag: "617d05d5-192e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6446
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635582823-780-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 8 KB
8 KB 155ms
155ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635582823-780-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: b3e700020820fde9e293f3e87e16007297e0a180ab709c71e0b16ee2e988ba9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 08:34:38 GMT
Server: 24h.com.vn
ETag: "617d039e-1f4b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8011
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635581872-243-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 6 KB
6 KB 159ms
159ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635581872-243-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 249613eac2c65b7e1270724d79de0e03882a03ea555bf98e159d2b87ece31741

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 08:18:38 GMT
Server: 24h.com.vn
ETag: "617cffde-177a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6010
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635574627-500-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 8 KB
9 KB 154ms
154ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635574627-500-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 2edef65105d38b45e2b13a402864e8550bbb3e294b1e0e11123aa595548f451f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 06:18:05 GMT
Server: 24h.com.vn
ETag: "617ce39d-20bf"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8383
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635573981-135-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 8 KB
8 KB 152ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635573981-135-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: ac42041ccb3443e77a059d17c8a9a4c76ac3ef9a3a2d35e89d522ad59a62f7bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 06:07:56 GMT
Server: 24h.com.vn
ETag: "617ce13c-1f3b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7995
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635491499-593-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/ 9 KB
10 KB 153ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/1635491499-593-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 7b4412c5a0647a80bad307acc2ef1b8d358a421b9a58d1e43d14e16a68377708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Fri, 29 Oct 2021 07:12:38 GMT
Server: 24h.com.vn
ETag: "617b9ee6-25e9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9705
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635491760-269-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/ 7 KB
7 KB 148ms
148ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/1635491760-269-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a0a3ebab6da33110881c71f2f3c83a4bf38ccbfe420ebf826bc1c6f0270e470b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Fri, 29 Oct 2021 07:18:05 GMT
Server: 24h.com.vn
ETag: "617ba02d-1b3f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6975
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635491916-352-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/ 7 KB
7 KB 156ms
155ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/1635491916-352-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 878e13c0e0412cc5cbf28d7808487697bf3554cd91832a901702c7ba9eaddc4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Fri, 29 Oct 2021 07:20:40 GMT
Server: 24h.com.vn
ETag: "617ba0c8-1b86"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7046
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635491396-760-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/ 7 KB
7 KB 160ms
160ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/1635491396-760-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: f1c66f438abd7f8ca6dfa1e780fcf4d708e88ddfd8074636e7b05f7878884c36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Fri, 29 Oct 2021 07:10:38 GMT
Server: 24h.com.vn
ETag: "617b9e6e-1b5b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7003
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635491627-359-thumbnail-width400height224.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/ 5 KB
5 KB 153ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-29/thumbnail/1635491627-359-thumbnail-width400height224.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: b1965205fda1e8257cfdc4dd61dc2517362249fd4fc2812efa0a138523425917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Fri, 29 Oct 2021 07:16:04 GMT
Server: 24h.com.vn
ETag: "617b9fb4-1334"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4916
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found logo-eva-1634042106-671-width168height100.png
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 598ms
148ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/logo-eva-1634042106-671-width168height100.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 404
Not Found logo-star-kombucha-1634042106-837-width100height79.png
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 158ms
155ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/logo-star-kombucha-1634042106-837-width100height79.png?xcv
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 404
Not Found logo-partner-1634042106-468-width118height48.png
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 622ms
156ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/logo-partner-1634042106-468-width118height48.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 404
Not Found image_dai_dien_giftext_su-kien-1634042106-331-width183height90.gif
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 294ms
149ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/image_dai_dien_giftext_su-kien-1634042106-331-width183height90.gif
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK hand-ico-thdbl.png
image-us.eva.vn/images/responsive/ 2 KB
3 KB 152ms
151ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-us.eva.vn/images/responsive/hand-ico-thdbl.png

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),

Reverse DNS

64-185-232-226.static.webnx.com

Software

24h.com.vn /

Resource Hash

b343bd580282a92cb70e7331cc98c4b62d93645bc001ecd5b4ba9010833e6318

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 29 Jan 2021 11:00:04 GMT
Server: 24h.com.vn
ETag: "6013eab4-991"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2449
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Nov 2021 02:00:56 GMT

GET
H/1.1 200
OK icon-bell-header-eva.png
image-us.eva.vn/images/responsive/ 257 B
661 B 152ms
151ms Image
image/png 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-us.eva.vn/images/responsive/icon-bell-header-eva.png

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),

Reverse DNS

64-185-232-226.static.webnx.com

Software

24h.com.vn /

Resource Hash

4a9eb52e1d73d6b2edc0aac01bf5fa9f52cf74ecdc6117315a6947b9da8a0bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 27 Aug 2020 04:00:04 GMT
Server: 24h.com.vn
ETag: "5f472fc4-101"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 257
X-XSS-Protection: 1; mode=block
Expires: Tue, 02 Nov 2021 02:00:56 GMT

GET
H2 200 footer-logo.png
cdn.eva.vn/images/responsive/ 3 KB
3 KB 1515ms
850ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-logo.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 3cefc5095d970c07ec75fc2a1e0761424d3698c44a68ac476026ef62fee69e8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:42:59 GMT
server: nginx
age: 320652
etag: "5d075293-c6d"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 3181
expires: Sun, 07 Nov 2021 08:56:43 GMT

GET
H2 200 footer-map-icon.jpg
cdn.eva.vn/images/responsive/ 1 KB
1 KB 1722ms
1058ms Image
image/jpeg 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-map-icon.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 294f0ae5923dd66d94f0d74c7556237bf550b2b341071ad8094ac1be0c363fed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:42:59 GMT
server: nginx
age: 320652
etag: "5d075293-523"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1315
expires: Sun, 07 Nov 2021 08:56:43 GMT

GET
H2 200 footer-mail-copy.jpg
cdn.eva.vn/images/responsive/ 1 KB
1 KB 1395ms
731ms Image
image/jpeg 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-mail-copy.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 50993e08dc0e237255e82ba2f3861da255753d3f48511f745abe605fba26ee95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:42:59 GMT
server: nginx
age: 320652
etag: "5d075293-52f"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1327
expires: Sun, 07 Nov 2021 08:56:43 GMT

GET
H2 200 footer-phone.jpg
cdn.eva.vn/images/responsive/ 1 KB
1 KB 1723ms
1059ms Image
image/jpeg 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-phone.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: edf5fedbad94ac6046aace9a3b873f6db378d6085dfcaeef481d6440385ec81d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:43:00 GMT
server: nginx
age: 320652
etag: "5d075294-51c"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1308
expires: Sun, 07 Nov 2021 08:56:43 GMT

GET
H2 200 footer-24h.png
cdn.eva.vn/images/responsive/ 5 KB
5 KB 1515ms
851ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-24h.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 33c8ce27047cd637889b270e93eddb2a09c227811b9bac5d7a1cb1c02c14c9d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:42:59 GMT
server: nginx
age: 320652
etag: "5d075293-132e"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4910
expires: Sun, 07 Nov 2021 08:56:43 GMT

GET
H2 200 dmca_protected_sml_120m.png
cdn.eva.vn/js/js_outsite/ 1 KB
2 KB 1721ms
1057ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/js/js_outsite/dmca_protected_sml_120m.png?ID=beadc7dd-b150-496e-948e-fdb97a8bf1f0
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 7aa3edd457d03ef9369a8500e6ce97a95e33f66e4de8ba161763cf75a5adf01d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Fri, 28 Sep 2018 17:49:04 GMT
server: nginx
age: 320652
etag: "5bae6990-5b3"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1459
expires: Sun, 07 Nov 2021 08:56:43 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
cdn.eva.vn/js/js_outsite/ 465 B
563 B 1721ms
1058ms Script
application/x-javascript 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/js/js_outsite/DMCABadgeHelper.min.js
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Sat, 22 Jun 2019 19:01:02 GMT
server: nginx
age: 31
etag: "5d0e7aee-1d1"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 465
expires: Mon, 01 Nov 2021 02:01:24 GMT

GET
H/1.1 200
OK eva-analytics.min.js Show response
thongke.24h.com.vn/eva-analytics/ 797 B
787 B 1671ms
211ms Script
text/javascript 125.212.247.127
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://thongke.24h.com.vn/eva-analytics/eva-analytics.min.js?ver=2021
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 125.212.247.127 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: 24h.com.vn /
Resource Hash: 46ab3931903617bedce67bb2693579a9a066840c7ab21e2c3993caa4150d2490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Dec 2019 11:27:57 GMT
Server: 24h.com.vn
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: private
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 21 Dec 2032 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
cdn.eva.vn/js/ 95 KB
96 KB 1521ms
851ms Script
application/x-javascript 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/js/jquery.min.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Fri, 28 Sep 2018 17:49:03 GMT
server: nginx
age: 51
etag: "5bae698f-17b8b"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 97163
expires: Mon, 01 Nov 2021 02:01:04 GMT

GET
H/1.1 200
OK prebid5.17.0_eva.js Show response
image-us.eva.vn/upload/eva_js_library/ 272 KB
94 KB 302ms
301ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 4c405f393d832e78171dfa6789d334bdce0fc5050aeae89d2a744e175184ae97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Oct 2021 04:39:06 GMT
Server: 24h.com.vn
ETag: W/"616662ea-43f31"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK common_pc.min.js Show response
image-us.eva.vn/js/ 85 KB
22 KB 311ms
307ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/js/common_pc.min.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: c183acc0fe31e248080dbdcceaf797afb4991eab6b7c24569d96fc3a9c85884e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Oct 2021 08:43:04 GMT
Server: 24h.com.vn
ETag: W/"61654a98-1525d"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK swiper2018.min.css
image-us.eva.vn/css/ 19 KB
4 KB 453ms
150ms Stylesheet
text/css 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/css/swiper2018.min.css?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: d81da5b3c89c04ce12944b1c8b9d90ebf9534584e9686107637d5ca3024d3733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jul 2021 02:26:04 GMT
Server: 24h.com.vn
ETag: W/"60ff6ebc-4c76"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK evaplayer.min.css
image-us.eva.vn/css/ 153 KB
65 KB 608ms
305ms Stylesheet
text/css 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/css/evaplayer.min.css?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: d332cf2622397c38b7a63514e9760827517e286efbf93dc50a8f87f5b5054f7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 03:44:03 GMT
Server: 24h.com.vn
ETag: W/"5ffd1b03-262fe"
Transfer-Encoding: chunked
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 370 KB
123 KB 77ms
25ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js?v=20211014

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125402
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Mon, 01 Nov 2021 02:00:55 GMT

GET
H/1.1 200
OK videojs-ie8.min.js Show response
image-us.eva.vn/js/ 27 KB
10 KB 157ms
156ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/js/videojs-ie8.min.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a406e8da06f4cb11d23b86b3008959537ae6c1635aba5de32799b88f747bd56c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Sep 2018 17:49:04 GMT
Server: 24h.com.vn
ETag: W/"5bae6990-6a8e"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK evaplayer.min.js Show response
image-us.eva.vn/js/ 736 KB
226 KB 172ms
172ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/js/evaplayer.min.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: f4e390e1275c1057bcb8017a260f2d987a1e3f1055f4c8108383a89695dae1e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Jan 2021 09:35:03 GMT
Server: 24h.com.vn
ETag: W/"5ffc1bc7-b8042"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK swiper2018.min.js Show response
image-us.eva.vn/js/ 117 KB
34 KB 305ms
305ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/js/swiper2018.min.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a0eaf6cd9f09e0ed12e3fa8bce37a345ac9b9dfa28d5d330c6b30eb85c93a0b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Sep 2018 17:49:04 GMT
Server: 24h.com.vn
ETag: W/"5bae6990-1d2d4"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK eva-js-load-sau-pc.min.js Show response
image-us.eva.vn/js/ 39 KB
12 KB 154ms
154ms Script
application/x-javascript 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://image-us.eva.vn/js/eva-js-load-sau-pc.min.js?v=20211014
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 21891456b45b77575e0a1d0eef66ee886e003e6d38fdea264aff2a4ea51571a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Oct 2021 08:43:04 GMT
Server: 24h.com.vn
ETag: W/"61654a98-9a28"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 46ms
9ms Script
application/javascript 13.225.87.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-89.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 02:31:10 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 84685
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: P0c4C7W1kBcGeM4ipJ-3S3TQqq_HiX0nmWDGkeeegjwEWLqWd73PdQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 7189
date: Mon, 01 Nov 2021 00:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 01 Nov 2021 02:01:06 GMT

GET
H2 200 sdk-https.js Show response
cdn.eva.vn/upload/pushdy-sdk/js/ 145 KB
40 KB 1721ms
1059ms Script
application/x-javascript 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/upload/pushdy-sdk/js/sdk-https.js?v=20210907
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 7a35807b49f1e32a552dd3f7c27306f9ba809a230fc02cee2b0ee4e057808447

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 06:49:32 GMT
server: nginx
age: 51
etag: W/"61370b7c-245ac"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Mon, 01 Nov 2021 02:01:04 GMT

GET
H2 200 bg_pc_sn_2021.jpeg
cdn.eva.vn/images/responsive/ 11 KB
11 KB 995ms
333ms Image
image/jpeg 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/bg_pc_sn_2021.jpeg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5b5283f3cb47f04b15a1627f5a3f39a48d57540d7a877deb4b73050b6cd050f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 04 Oct 2021 03:21:31 GMT
server: nginx
age: 320643
etag: "615a733b-2bca"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 11210
expires: Sun, 07 Nov 2021 08:56:52 GMT

GET
H2 200 sprites_pc.png
cdn.eva.vn/images/responsive/ 37 KB
37 KB 1512ms
851ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/sprites_pc.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 9f759b9c210247f8b7d1abb09779090a64611c23b4fd0f6897403a304c4a2918

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Wed, 08 Aug 2018 03:38:54 GMT
server: nginx
age: 600156
etag: "5b6a65ce-9312"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 37650
expires: Thu, 04 Nov 2021 03:18:19 GMT

GET
H2 200 logo_pc_sn_2021.gif
cdn.eva.vn/images/responsive/ 10 KB
11 KB 1358ms
697ms Image
image/gif 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/logo_pc_sn_2021.gif
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: c7043713e8183c7163ff0d6a918150cbf11949db40ec467caf15b5d25d61f2c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 04 Oct 2021 03:21:31 GMT
server: nginx
age: 320643
etag: "615a733b-29cd"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10701
expires: Sun, 07 Nov 2021 08:56:52 GMT

GET
BLOB 206
Partial Content 5e88d96c-28ca-4f67-a3ec-4d29f1db7604
https://eva.vn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eva.vn/5e88d96c-28ca-4f67-a3ec-4d29f1db7604
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 8148e0ff-8981-41bb-b102-d9d94227fb22
https://eva.vn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eva.vn/8148e0ff-8981-41bb-b102-d9d94227fb22
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 19ms
18ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 27 Oct 2022 02:00:54 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 20ms
20ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:54 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 27 Oct 2022 02:00:54 GMT

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c7fc7b2339c77b969ee3e0b5740e7498f23ad9e7dddf25a88dc6398a5dc92b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 hot-icon_35x21px.png
cdn.eva.vn/images/responsive/ 864 B
975 B 1026ms
392ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/hot-icon_35x21px.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2ca6e060292ca5ec33cfeed40de0c12dd9e40a1ea6a0a6e2bf237496f3d8c2d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Tue, 07 Apr 2020 09:12:19 GMT
server: nginx
age: 320580
etag: "5e8c43f3-360"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 864
expires: Sun, 07 Nov 2021 08:57:55 GMT

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 54ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 02:00:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 310 B
785 B 53ms
18ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=eva.vn

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

07d0db28ce844283e1926f4045ba132ad454c41577428cfdca3f746814dea479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
expires: Mon, 01 Nov 2021 02:00:55 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=9634358&ns__t=1635732054992&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%...
https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1635732054992&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-...

64 B
329 B

11ms
11ms

Image
image/gif

13.225.87.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1635732054992&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&c7=https%3A%2F%2Feva.vn%2F&c9=
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Server: 13.225.87.89 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-89.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 5akhmj89P_beEhWEzz2UtVJGSfGiE4TbCl1cT4mEszVUKDBElqv1cg==

Redirect headers

date: Mon, 01 Nov 2021 02:00:55 GMT
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=9634358&ns__t=1635732054992&ns_c=UTF-8&cv=3.5&c8=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&c7=https%3A%2F%2Feva.vn%2F&c9=
content-length: 319
x-amz-cf-id: DAKz2djjqRT-3nf15e2oJ9VFnoKnxgTdbONzZ9bhB0wHp8O1Qo4JMg==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:41:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 01 Nov 2021 02:41:26 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
526 B 130ms
66ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eva.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
341 B 73ms
24ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3ET9718F65&gtm=2oear0&_p=1471385205&sr=1600x1200&_gaz=1&ul=en-us&cid=1343591147.1635732055&_s=1&dl=https%3A%2F%2Feva.vn%2F&dt=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&sid=1635732055&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ET9718F65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eva.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
341 B 75ms
29ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3ET9718F65&cid=1343591147.1635732055&gtm=2oear0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ET9718F65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eva.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
17ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3ET9718F65&cid=1343591147.1635732055&gtm=2oear0&aip=1&z=1987348195

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon_map.png
cdn.eva.vn/images/responsive/ 3 KB
3 KB 1566ms
1059ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/icon_map.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/modules/du_bao_thoi_tiet_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 1e5716e347b96c5b4362afe694147ed30101487b1f0f88db95914c464a9f76ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 08 Mar 2021 09:10:34 GMT
server: nginx
age: 320493
etag: "6045ea0a-a0e"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2574
expires: Sun, 07 Nov 2021 08:59:22 GMT

GET
H2 200 icon-box-lich-van-nien.png
cdn.eva.vn/images/responsive/ 3 KB
3 KB 1565ms
1058ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/icon-box-lich-van-nien.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2302bf13e70e95fb01e6732bdc208f806f755fc8db8df846277ac6ccdc9cf395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 08 Mar 2021 09:10:34 GMT
server: nginx
age: 320493
etag: "6045ea0a-b41"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2881
expires: Sun, 07 Nov 2021 08:59:22 GMT

GET
H2 200 ico-video-box.png
cdn.eva.vn/images/responsive/ 302 B
397 B 1554ms
1058ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/ico-video-box.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2f8fda8dfbb8fc73dfef6d634e2140feffe9c905154588a7095cfed2c3d21917

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Wed, 27 Feb 2019 07:40:02 GMT
server: nginx
age: 320642
etag: "5c763ed2-12e"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 302
expires: Sun, 07 Nov 2021 08:56:53 GMT

GET
H2 200 box4T-bg.png
cdn.eva.vn/images/2017/ 118 B
219 B 811ms
392ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/2017/box4T-bg.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 122baa57c81db213f8508c0fbe8ed7ac5f7c1a0acd5ca7930aed057546998080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Wed, 08 Aug 2018 03:38:53 GMT
server: nginx
age: 320642
etag: "5b6a65cd-76"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 118
expires: Sun, 07 Nov 2021 08:56:53 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
455 B 67ms
16ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eva.vn
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 404
Not Found bg-box-event-hp-cua-ban-mau-gi-1634042106-558-width625height1129.jpg
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 163ms
156ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/bg-box-event-hp-cua-ban-mau-gi-1634042106-558-width625height1129.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 404
Not Found icon-ngoi-sao-dm-1634042106-391-width23height23.png
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 155ms
152ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/icon-ngoi-sao-dm-1634042106-391-width23height23.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 404
Not Found icon-cham-tron-dm-1634042106-869-width11height11.png
image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/ 0
0 289ms
148ms Image
text/html 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/icon-cham-tron-dm-1634042106-869-width11height11.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET utm-androgyne-1634042107-49.ttf
image-us.eva.vn/upload/template_hot_event/4-2021/other/2021-10-12/ 0
0

GET
H2 200 ico-magazine-tab-w.png
cdn.eva.vn/images/responsive/ 869 B
966 B 1044ms
720ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/ico-magazine-tab-w.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 61f033e7006c37d6a0f040b158ce4582cb92aa7cefda8d6ea2f9465704581a38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Wed, 13 Mar 2019 03:30:02 GMT
server: nginx
age: 320642
etag: "5c88793a-365"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 869
expires: Sun, 07 Nov 2021 08:56:53 GMT

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame E6D3 14 KB
8 KB 65ms
40ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fevavietnam%2F&tabs=timeline&width=460&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ff97edb7570e5714791d77d428f8851dc48f9923f121e9eba756af9671aa171

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net ;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com ;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com ;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: ;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net ;worker-src blob: .facebook.com data: *;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *;worker-src blob: *.facebook.com data: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *;worker-src blob: *.facebook.com data: *;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: PmVwcqKxjIHlxMgw+NtRGiR0qvVKGOoyeE/rT07J15JWWnmfq8zrFKu3sPCna0htye/vp/4cgH7JVoPLEy6GLw==
date: Mon, 01 Nov 2021 02:00:55 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 footer-mask.png
cdn.eva.vn/images/responsive/ 1 KB
1 KB 1374ms
1058ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-mask.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: 04fabe9d4c345b51d6cf2debc008a2ff02c2344717589a78d6db9c1d2575c6a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:42:59 GMT
server: nginx
age: 320651
etag: "5d075293-586"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1414
expires: Sun, 07 Nov 2021 08:56:44 GMT

GET
H2 200 footer-mail.png
cdn.eva.vn/images/responsive/ 1 KB
1 KB 1374ms
1059ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/responsive/footer-mail.png
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/css/common_home_pc.min.css?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: d70f2920926a72a408af0727c80a4549b91a5a82c359ceb62282b27e77846118

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://image-us.eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Mon, 17 Jun 2019 08:42:59 GMT
server: nginx
age: 320651
etag: "5d075293-48c"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1164
expires: Sun, 07 Nov 2021 08:56:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 22ms
22ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-24343520-1&cid=1343591147.1635732055&jid=1187744995&gjid=1657556804&_gid=106100947.1635732055&_u=aCDAgEIhAAQCAE~&z=1816852368

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Nov 2021 02:00:55 GMT
content-type: text/plain
access-control-allow-origin: https://eva.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1471385205&t=pageview&_s=1&dl=https%3A%2F%2Feva.vn%2F&ul=en-us&de=UTF-8&dt=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEIhAAQC~&jid=1187744995&gjid=1657556804&cid=1343591147.1635732055&tid=UA-24343520-1&_gid=106100947.1635732055&cg1=Home&cg2=None&cg3=desktop&cg4=home&cd1=Home&cd2=None&cd3=desktop&cd4=home&z=1790908740

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Oct 2021 13:43:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44233
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3-1635561092-224-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/medium/ 16 KB
16 KB 300ms
299ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/medium/3-1635561092-224-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 014b9ebe33b44c59d0c40327b6fea321cc650dfbe32f39dff160078e96ba07ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sat, 30 Oct 2021 02:32:06 GMT
Server: 24h.com.vn
ETag: "617caea6-3f20"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16160
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK avttra-1635699921-258-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-11-01/medium/ 13 KB
13 KB 157ms
157ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-11-01/medium/avttra-1635699921-258-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 560ab17914d1a011a45e4427ef7f7588c76e33977cecf125aec25a424afce0bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 17:06:05 GMT
Server: 24h.com.vn
ETag: "617eccfd-33e8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cover1-1635666942-225-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/ 15 KB
15 KB 154ms
154ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/cover1-1635666942-225-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 432cddd652b062d1c863b686bba50d4c64ce8d80ca717cb5fed9ba886af6481f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:56 GMT
Last-Modified: Sun, 31 Oct 2021 07:56:06 GMT
Server: 24h.com.vn
ETag: "617e4c16-3a84"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14980
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a-1635686411-736-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/ 11 KB
11 KB 157ms
157ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/a-1635686411-736-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 86ea2f96b8ee04e5726366f08e4ce176133398d686fee8915c169c6f92139d8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Sun, 31 Oct 2021 13:20:32 GMT
Server: 24h.com.vn
ETag: "617e9820-2c9d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11421
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1-1635701674-67-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-11-01/medium/ 15 KB
15 KB 154ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-11-01/medium/1-1635701674-67-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: bf35a972d564037b51aca92c22ec60826e399860d0533beaa010e0e9e7deced4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Sun, 31 Oct 2021 17:34:41 GMT
Server: 24h.com.vn
ETag: "617ed3b1-3bb8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635689762-bg4-16354120573741452288735-0-502-423-1179-crop-16354193743681774031488.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31//medium/ 9 KB
9 KB 153ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31//medium/1635689762-bg4-16354120573741452288735-0-502-423-1179-crop-16354193743681774031488.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 8ece0a41e4b07278fd6ecc829a05e3d3b411dba94624d07a0d6a0685b74d4c30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Sun, 31 Oct 2021 14:16:40 GMT
Server: 24h.com.vn
ETag: "617ea548-23f9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9209
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635690521-431-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/ 13 KB
14 KB 162ms
162ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-31/medium/1635690521-431-thumbnail-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 30e99a6af661711347e61623fe457da64c931f031f55c3baccf4ada1a3dae308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Sun, 31 Oct 2021 14:34:05 GMT
Server: 24h.com.vn
ETag: "617ea95d-34ff"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13567
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635724495-683-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-11-01/medium/ 14 KB
14 KB 154ms
154ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-11-01/medium/1635724495-683-thumbnail-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 8e99df1dde496a9b1d527f42ebad1326daf87f9f02916f3eeaf5a15cb4c2a75c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Mon, 01 Nov 2021 00:00:05 GMT
Server: 24h.com.vn
ETag: "617f2e05-36d4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14036
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635387659-218-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 7 KB
7 KB 155ms
154ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/1635387659-218-thumbnail-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: f616abdc029b424aef85b23c59e8f4779bb26f618f44b0d2aeef4dbbc6022646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Thu, 28 Oct 2021 02:22:06 GMT
Server: 24h.com.vn
ETag: "617a094e-1b95"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7061
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635416750-618-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 6 KB
6 KB 153ms
152ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/1635416750-618-thumbnail-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 3517f8080c38eaef285fb6d5ad682cb4a7adc52309953717ea7b62a6db2482f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Thu, 28 Oct 2021 10:26:06 GMT
Server: 24h.com.vn
ETag: "617a7abe-1839"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6201
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tang-cuong-av-1635413417-49-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 5 KB
6 KB 159ms
157ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/tang-cuong-av-1635413417-49-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: eb87ebdef2f4bdce4010d701c1ddaa7502d34a7842f1d51230bad3f3a0a90624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Thu, 28 Oct 2021 09:30:40 GMT
Server: 24h.com.vn
ETag: "617a6dc0-152a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5418
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK van-trang-av-1635408279-280-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 7 KB
7 KB 149ms
149ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/van-trang-av-1635408279-280-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 20c106ddccec0feed95beef9fc81f90d074d8540ae16c70522cdf78ec27a0769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Thu, 28 Oct 2021 08:06:07 GMT
Server: 24h.com.vn
ETag: "617a59ef-1a97"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6807
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1-1635701674-67-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-11-01/thumbnail/ 7 KB
8 KB 154ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-11-01/thumbnail/1-1635701674-67-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: efd743d520e77a15a13c9ba3998858b507bf5cd33eaf2de4684c326222b06603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Sun, 31 Oct 2021 17:34:41 GMT
Server: 24h.com.vn
ETag: "617ed3b1-1cb6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7350
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635416408-379-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 6 KB
6 KB 152ms
151ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/1635416408-379-thumbnail-width640height480.jpg
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: a2b1102425c38f778aee8043d2062db8fb678999fec013d753dfa9f06d25a361

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Sat, 30 Oct 2021 10:23:20 GMT
Server: 24h.com.vn
ETag: "617d1d18-1898"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6296
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_search.png
cdn.eva.vn/images/2017/ 509 B
583 B 1348ms
1059ms Image
image/png 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.eva.vn/images/2017/icon_search.png
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: b52ca543407fc590f39c962ede5c47ac114aef5be7cd2f981a6670aa0a367776

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:55 GMT
last-modified: Wed, 08 Aug 2018 03:38:53 GMT
server: nginx
age: 320642
etag: "5b6a65cd-1fd"
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 509
expires: Sun, 07 Nov 2021 08:56:53 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 60ms
24ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-24343520-1&cid=1343591147.1635732055&jid=1187744995&_u=aCDAgEIhAAQCAE~&z=2040448749

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-24343520-1&cid=1343591147.1635732055&jid=1187744995&_u=aCDAgEIhAAQCAE~&z=2040448749

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 won-skRAYEd.css
www.facebook.com/rsrc.php/v3/y0/l/0,cross/ Frame E6D3 21 KB
6 KB 9ms
8ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y0/l/0,cross/won-skRAYEd.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fevavietnam%2F&tabs=timeline&width=460&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00d26efe5242062473837e902512285e251adcf24a0c7874db846685bc495411

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fevavietnam%2F&tabs=timeline&width=460&height=130&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 16:44:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ARnWFs82k4hngnhXrdVDzw==
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 5253
x-fb-rlafr: 0
x-fb-debug: faFp+1lYUT/GBReDGrq1OlhaFYlycDACxSjBqOhMGzOxqhJo+/MU+pCZX8oButInRKSQmGztt7ca6alIupzwsA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 31 Oct 2022 16:44:57 GMT

GET ip.php
24h.com.vn/ 0
0

GET
H/1.1 204
No Content eva-analytics.php
thongke.24h.com.vn/eva-analytics/ 0
320 B 213ms
213ms Image
image/gif 125.212.247.127
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thongke.24h.com.vn/eva-analytics/eva-analytics.php?rand=0.5270269723901768&user_agent=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/95.0.4638.54%20Safari/537.36&url_tracker=https%3A//eva.vn/%3Fserver%3D%26region%3DUS%26device%3Dweb
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 125.212.247.127 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: 24h.com.vn / PHP/5.5.38
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:57 GMT
Last-Modified: Mon, 01 Nov 2021 02:00:57 GMT
Server: 24h.com.vn
X-Powered-By: PHP/5.5.38
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: pre-check=0, post-check=0, max-age=0
Connection: keep-alive
Expires: 0

GET
H/1.1 200
OK get_class_by_cliend_id Show response
search.24hstatic.com/v1/recommend/ 226 B
602 B 6647ms
216ms XHR
application/json 125.212.247.143
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://search.24hstatic.com/v1/recommend/get_class_by_cliend_id?c_client_id=1343591147.1635732055&b
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 125.212.247.143 Ho Chi Minh City, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: Hello World /
Resource Hash: f834375863424641f06c2ccc1dbab13ff684d8d5a1b4797bbb63cc82eef4e830

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:04 GMT
Content-Encoding: gzip
Server: Hello World
Vary: User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D71F 11 KB
5 KB 45ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=eva.vn

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2992
date: Mon, 01 Nov 2021 02:00:56 GMT
content-length: 4683

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
367 B 113ms
79ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=360781&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22173b938b0a9df8%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Feva.vn%2F%22%2C%22ref%22%3A%22https%3A%2F%2Feva.vn%2F%22%2C%22domain%22%3A%22eva.vn%22%2C%22publisher%22%3A%7B%22domain%22%3A%22eva.vn%22%7D%2C%22keywords%22%3A%22eva%2Ceva.vn%2Ctintuc%2Ctinmoi%2Cphunu%2CFacebook%2Cngoisao%2Cbaophunu%2Cgiadinh%2Cthoitrang%2Clamdep%2Cbabau%2Cnauan%2Ctinhyeugioitinh%2Cphunuvietnam%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%225.17.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222afc42378c3cfc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22360781%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.masthead.1004x250%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22360781%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.masthead.1004x250%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A980%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360781%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.masthead.1004x250%22%2C%22sid%22%3A%22980x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223b1fa4edb0e76%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22361396%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.hotbanner.300x450%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A450%2C%22ext%22%3A%7B%22siteID%22%3A%22361396%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.hotbanner.300x450%22%2C%22sid%22%3A%22300x450%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%224dac69389f1e23%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22361397%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.largerectangle2.300x600%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22566594e1acb4dc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22361398%22%2C%22dfp_ad_unit_code%22%3A%22%2F214571812%2Feva.pc.trangchu.stickybox.300x600%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1b740a8559a272d9836bf28741c8c4f4aae7139cdbcdef12356ddace5ff3a263

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.182], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://eva.vn
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Mon, 01 Nov 2021 02:00:58 GMT

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ 63 KB
18 KB 129ms
83ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: bdd5179721d94a91a6e111283b0ad6bdf100a8bee572e7aaea06c6bccc76355b

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://eva.vn
date: Mon, 01 Nov 2021 02:00:56 GMT
content-encoding: gzip
x-openrtb-version: 2.3
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/json

POST
H2 200 cdb Show response
bidder.criteo.com/ 559 B
489 B 73ms
29ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=114&profileId=185&av=34&wv=5.17.0&cb=47660276228
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 785df1f0941bbbf398f81344e1db19d6dcdb6b505d694e86d168caf42c5f1396

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 01 Nov 2021 02:00:57 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://eva.vn
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 257

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 43 KB
15 KB 182ms
147ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

3808c4eabd7a52375db4ea2f0c9f316fe48c1800da4a4957300407dd95eb3a2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Nov 2021 02:00:58 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 31d16360-d0f1-4f4e-b078-47db8453944b
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://eva.vn
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK 1f8cde7e-a7f4-4f9c-bf34-300c2011adb3
https://eva.vn/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://eva.vn/1f8cde7e-a7f4-4f9c-bf34-300c2011adb3
Requested by: Host: eva.vn
URL: https://eva.vn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2

200

sid Show response
mug.criteo.com/ Frame D71F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=eva.vn&sn=ChromeSyncframe&so=0&topUrl=eva.vn&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=D7EJqnw4aGJtRGhqRGRBcWJEenRWNFh1N1FRdWpManZ0YUZqTmUzczJUMmJWMTc1NzBLejJUa3pXN01IeWRveUlUNmdxZHN1eGtwcnIrSmVhMytGVjE0elhkaEpMc0FCTTRQVXBYS0xnaGRiZTBwcDloSXFDUTAxTmxuaE...

433 B
623 B

63ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=D7EJqnw4aGJtRGhqRGRBcWJEenRWNFh1N1FRdWpManZ0YUZqTmUzczJUMmJWMTc1NzBLejJUa3pXN01IeWRveUlUNmdxZHN1eGtwcnIrSmVhMytGVjE0elhkaEpMc0FCTTRQVXBYS0xnaGRiZTBwcDloSXFDUTAxTmxuaE5rS2lsQzVlaGFMZEdlTEFCc1FhY2dJMGsyMEdvOXJ2SWp2aG9HM0x4TWYySTlpS29XUFR2SGkxbGxqZHBqTXp0RlBIMEYvUDJETTdNZDZ3WENjUWFRVFRnUkhiTTJsOHhUdnpZZ3hNYXJZY2kzdzNhUWk4aWxoajlYalJ2YnZ1QjhFeHJrZUYraThRd2RZd0szYnBDdis4MFBaUlNZUT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

32e39e3ede302dc9f14b802b443bf3328b781033d0bb4a51ea6ca91d50c8bf5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 01 Nov 2021 02:00:57 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2166
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 01 Nov 2021 02:00:57 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=D7EJqnw4aGJtRGhqRGRBcWJEenRWNFh1N1FRdWpManZ0YUZqTmUzczJUMmJWMTc1NzBLejJUa3pXN01IeWRveUlUNmdxZHN1eGtwcnIrSmVhMytGVjE0elhkaEpMc0FCTTRQVXBYS0xnaGRiZTBwcDloSXFDUTAxTmxuaE5rS2lsQzVlaGFMZEdlTEFCc1FhY2dJMGsyMEdvOXJ2SWp2aG9HM0x4TWYySTlpS29XUFR2SGkxbGxqZHBqTXp0RlBIMEYvUDJETTdNZDZ3WENjUWFRVFRnUkhiTTJsOHhUdnpZZ3hNYXJZY2kzdzNhUWk4aWxoajlYalJ2YnZ1QjhFeHJrZUYraThRd2RZd0szYnBDdis4MFBaUlNZUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4317
content-length: 541
expires: 0

POST
H2 200 subscribe Show response
api.pushdi.com/v2/ 1 KB
1 KB 538ms
178ms Fetch
application/json 18.136.143.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushdi.com/v2/subscribe
Requested by: Host: cdn.eva.vn
URL: https://cdn.eva.vn/upload/pushdy-sdk/js/sdk-https.js?v=20210907
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.143.222 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-143-222.ap-southeast-1.compute.amazonaws.com
Software: awselb/2.0 / Express
Resource Hash: e89d9d1551b6ddc146678adcccf15197fde8abcd4e2133b8f12b9e641cf7e304

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 01 Nov 2021 02:00:58 GMT
server: awselb/2.0
x-powered-by: Express
etag: W/"517-MIMYfd45lBiH25dF5jxge8/0J6I"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-token
content-length: 1303

POST
H2 204 events
bidder.criteo.com/csm/ 0
179 B 15ms
15ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://eva.vn
date: Mon, 01 Nov 2021 02:00:57 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK tang-cuong-av-1635413417-49-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 5 KB
6 KB 162ms
161ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/tang-cuong-av-1635413417-49-width640height480.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: eb87ebdef2f4bdce4010d701c1ddaa7502d34a7842f1d51230bad3f3a0a90624

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:58 GMT
Last-Modified: Thu, 28 Oct 2021 09:30:40 GMT
Server: 24h.com.vn
ETag: "617a6dc0-152a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5418
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK van-trang-av-1635408279-280-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 7 KB
7 KB 153ms
153ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/van-trang-av-1635408279-280-width640height480.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 20c106ddccec0feed95beef9fc81f90d074d8540ae16c70522cdf78ec27a0769

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:58 GMT
Last-Modified: Thu, 28 Oct 2021 08:06:07 GMT
Server: 24h.com.vn
ETag: "617a59ef-1a97"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6807
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635387659-218-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 7 KB
7 KB 155ms
154ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/1635387659-218-thumbnail-width640height480.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: f616abdc029b424aef85b23c59e8f4779bb26f618f44b0d2aeef4dbbc6022646

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:58 GMT
Last-Modified: Thu, 28 Oct 2021 02:22:06 GMT
Server: 24h.com.vn
ETag: "617a094e-1b95"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7061
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635416750-618-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/ 6 KB
6 KB 148ms
148ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-28/thumbnail/1635416750-618-thumbnail-width640height480.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 3517f8080c38eaef285fb6d5ad682cb4a7adc52309953717ea7b62a6db2482f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:58 GMT
Last-Modified: Thu, 28 Oct 2021 10:26:06 GMT
Server: 24h.com.vn
ETag: "617a7abe-1839"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6201
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1635578869-871-thumbnail-width640height480.jpg
image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/ 5 KB
6 KB 156ms
155ms Image
image/jpeg 64.185.232.226
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-us.eva.vn/upload/4-2021/images/2021-10-30/thumbnail/1635578869-871-thumbnail-width640height480.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.185.232.226 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-185-232-226.static.webnx.com
Software: 24h.com.vn /
Resource Hash: 97b23f4bfc212fa1929927a02b7f7c6000c0e98afb07baea81ce3c535e5a84cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:00:58 GMT
Last-Modified: Sat, 30 Oct 2021 07:30:04 GMT
Server: 24h.com.vn
ETag: "617cf47c-151f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5407
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 101ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=eva.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
23ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=eva.vn

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 90 KB
31 KB 345ms
344ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2575024255638047&correlator=2188263018192684&output=ldjh&impl=fifs&hxva=1&scor=3784642437829838&eid=31063282%2C31063344%2C31063139%2C31063167&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211101&iu_parts=214571812%2Ceva.pc.trangchu.backgroundleft.220x900%2Ceva.pc.trangchu.backgroundright.220x900%2Ceva.pc.trangchu.masthead.1004x250%2Ceva.pc.trangchu.hotbanner.300x450%2Ceva.pc.trangchu.largerectangle2.300x600%2Ceva.pc.trangchu.stickybox.300x600%2Ceva.pc.trangchu.balloon&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=444x1040%7C160x600%2C444x1040%7C160x600%2C970x90%7C728x90%7C980x250%7C1016x100%2C300x450%7C300x600%2C300x600%2C300x600%2C120x300&prev_scp=content_groups%3Dtrang_listing_no_ads%26id_div%3Ddiv-gpt-ad-1543992722792-0%7Ccontent_groups%3Dtrang_listing_no_ads%26id_div%3Ddiv-gpt-ad-1543992822424-0%7Ccontent_groups%3Dtrang_listing_no_ads%26id_div%3Ddiv-gpt-ad-1479472234645-4%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D247211df6f4fe5d%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D247211df6f4fe5d%26hb_bidder%3Dappnexus%7Ccontent_groups%3Dtrang_listing_no_ads%26id_div%3Ddiv-gpt-ad-1479472234645-2%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x600%26hb_pb_pubmatic%3D0.01%26hb_adid_pubmatic%3D21b4292c56c310a%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.01%26hb_adid%3D21b4292c56c310a%26hb_bidder%3Dpubmatic%7Ccontent_groups%3Dtrang_listing_no_ads%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D253e5f243a17c53%26hb_bidder_appnexus%3Dappnexus%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x600%26hb_pb_pubmatic%3D0.01%26hb_adid_pubmatic%3D22e14fb555385a6%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D253e5f243a17c53%26hb_bidder%3Dappnexus%7Ccontent_groups%3Dtrang_listing_no_ads%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.26%26hb_adid_appnexus%3D263cc2b6e118d73%26hb_bidder_appnexus%3Dappnexus%26hb_format_pubmatic%3Dbanner%26hb_size_pubmatic%3D300x600%26hb_pb_pubmatic%3D0.01%26hb_adid_pubmatic%3D2369114278efe3e%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.26%26hb_adid%3D263cc2b6e118d73%26hb_bidder%3Dappnexus%7Ccontent_groups%3Dtrang_listing_no_ads%26id_div%3Ddiv-gpt-ad-1594350672674-0&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1635732058&dt=1635732058228&dlt=1635732053451&idt=1665&frm=20&biw=1600&bih=1200&oid=2&adxs=-151%2C1307%2C315%2C1001%2C1001%2C1001%2C-9&adys=50%2C50%2C50%2C79%2C543%2C2046%2C-9&adks=295051662%2C3756495028%2C2827293712%2C890421378%2C232553499%2C1045298216%2C4081722029&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Feva.vn%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=444x-1%7C444x-1%7C1600x0%7C300x0%7C300x0%7C300x0%7C0x-1&msz=444x-1%7C444x-1%7C1600x0%7C300x0%7C300x0%7C300x0%7C0x-1&ga_vid=1343591147.1635732055&ga_sid=1635732058&ga_hid=1471385205&ga_fc=true&fws=512%2C512%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGOvg6cnNL0UAAAAA&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f1fe1159b7cc7333925fc190d7ac0d3451f3f4529c9ef663aa0f2688895f3a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31264
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-2,5815457227
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-2,138368447422
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://eva.vn
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0017 6 KB
4 KB 86ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 02:00:58 GMT
expires: Tue, 01 Nov 2022 02:00:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 notification.css
cdn.eva.vn/upload/pushdy-sdk/css/ 11 KB
3 KB 334ms
333ms Stylesheet
text/css 103.151.240.3
VNPT-AS-VN VIETNA...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.eva.vn/upload/pushdy-sdk/css/notification.css
Requested by: Host: cdn.eva.vn
URL: https://cdn.eva.vn/upload/pushdy-sdk/js/sdk-https.js?v=20210907
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.151.240.3 -, , ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
Software: nginx /
Resource Hash: aed0d9fb93de57a64102d6371c83b90be512539ccfcfd3d7cdb4d8fc52c06c20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 08:14:46 GMT
server: nginx
age: 54
etag: W/"611e12f6-2ba6"
vary: Accept-Encoding
x-cache: HIT from da02.vn11.swiftserve.com:443
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Mon, 01 Nov 2021 02:01:04 GMT

GET
H2 200 container.html Show response
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58A5 6 KB
3 KB 318ms
15ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 02:00:58 GMT
expires: Tue, 01 Nov 2022 02:00:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 81A4 6 KB
3 KB 317ms
19ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 02:00:58 GMT
expires: Tue, 01 Nov 2022 02:00:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8935 6 KB
3 KB 314ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 02:00:58 GMT
expires: Tue, 01 Nov 2022 02:00:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0A45 6 KB
3 KB 311ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 02:00:58 GMT
expires: Tue, 01 Nov 2022 02:00:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BFCB 6 KB
3 KB 303ms
17ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 02:00:58 GMT
expires: Tue, 01 Nov 2022 02:00:58 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 105ms
36ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07a9e09b4a0a4e9b039d8e9c7428e32315fe8c70803a15a7ded9a2637103db7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9285
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 80ms
34ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 02:00:58 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6012 12 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 01 Nov 2021 00:56:24 GMT
expires: Tue, 01 Nov 2022 00:56:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC8D 783 B
967 B 26ms
24ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

42660c39f7751ff78c974dc5c1fda55d37dba7ccc76b2ab50679656590db375d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T/51wNsqOQ2sB2Oo8iQJcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 01 Nov 2021 02:00:58 GMT
date: Mon, 01 Nov 2021 02:00:58 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-T/51wNsqOQ2sB2Oo8iQJcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6012 35 KB
14 KB 334ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC8D 0
0 360ms
36ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021102501&jk=2575024255638047&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6F97 624 B
612 B 19ms
18ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNWgUevlXLvgqRJBA7-JEPkOMPTgQtYD7xelvNuhYLCPAj41muznr7ZPgnHecDmCGwGsRJ81hst2otmHO-80aQv4x8EvmL3EbHgSPqHS54mlAsI2KaAyk9ZgatkfIqHpREZZId2nPuH0EMp0naw7ulrJooSbHsb3rH-094jEslAwyDr7BI4

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Nov 2021 02:00:59 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 58A5 72 KB
29 KB 44ms
44ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC_FHEyaHSG4XWGgmMPGv3Ct9c7MvI3F5tRpfcRR8U55LchOpDCTNrjzFTPDt3vm3o027h1_BDmWsK7hxLcfgMA8JAQt6vLORa0MtLCeCPB_YKxoR7krSycRobHS0Nk3apQLq-hEa_wHwwBAyUymknJVgS1g&dbm_d=AKAmf-Cq40ZVhU6FvOIPXlrVbqQydAipn4H44ANV4feDa8d1qaf4cZyYCPCPX32e4JHiwdZDR2PxSORodlcbYYDWK9Jz9UTMbFFbN_gG8DurrXkqPr6bF5WEeGkqAZmSr1zEUymiKw_ArpXaCAZ8O9ArHKyIc2m0iyXEh6W0WaoxolCpswCOWJ3EfmuYPf-WB0gZmi9JZCigJTI86Li9nBKJvaaRnwATj5giPT945ucx5r8M1crXTDLfIsNjhZCJNNzLnJP65OL2K7DH0qWTTSLeZzJn3ko7jyZ5fm_UMqkipnX6GB1VJoKYUE5myqy0WN-fVDiS8V6JECKbLt5-sdYygiE4acCW4j4aa_nB1KC5s_qXYQztoau-PDiHnnR3Co-AT48oB1WeT5EdHeynd0aJvZQ52sicR0lgYltcQyc0XiPubLPcoTs1v-TvEDYezCDBqvJLl7bUJQM_AUNAa2LRzoaLiXB16I27Z4NEoX8ON346LIvBNwOqvtGsaERBXmPctthK8xNDy8tPjJV6eP-cl_pfe51Nflb_nGmxxU1k97iDYzBxJRrNsUeqY5uWhzKvhHaYEgDXr8gbWvvDslsLWKC8M9k5hqRKY8Iy2rUqnT3GKyAMJaB50yqzUR643zZfJltIUBiYqSqn-7Q3A2beMe-lJz63wL6QtXfQ0ofHoiutebK4cTFUfi-AeD0zcS1AnFyqKwsoKcfJR_aA3FOvFI59WWLAAj5HZZpjvuuGn2euxSPR_fqWtx139i6qSEyWistfxZEjBfwSR-c-0zFy-pBb0mU2DEF3nLtMHQDnAcLUeF_FYka7LrgmZwuLlDaZj6eHbI96i7STnCoFpFC5V6JsFer-yr7W1tNvnBIVK3-_aGjxyAp511u9dkQXT7RgS3Mg3_n4vTEmPaMlSBf-C65AwOeJgjIZwVOKQTpLTH7ViHiBiephFQjBopYkf6So4gfpy9Eci4DTQv9I7vMMKzE19ya4dylMkYp6l2oFH6HHvXnh74TTWWA3Z5tvPEA3hLPLEM7cVRuYSJTMiVvw7s6LAvfEGpYO6OOYNZ50S0lm8Rf7cjDQFwDvZXSR8xjFjKE5W660Azn5DlTa7KIPjQu7nMQjIOnd_eby_BMoaK6RAGqYXTlUoTKA6mIftjslBiQzLJxBgD6rCIPgKEJzJGYRiorjtQVovFa8R5UUW7jr18z1aVkp3STW2Ly8aKfBsYPJnmiZuOte673yCBcq9_x1gDI6mtECRgIBtby9_Qm5nRXnuxJL7je0ivMgdUzmaaOH3mKCTKqNb-iD5yEaPjq62zZfhaYa2rAcAe6N1xG8umlb6slKgiQeoj9eCrQniC1mw_WNhU0HA7m8U2ucczmCUg3_B7pxlLWc3wGObTuQdX_GAfEN-lj5NTAKH-lwErqsGfPlJ1pvCtHzP2gpWwptqgtlZxlFqG5gyOHl6ak9WBoewY_lQ_3esPX01dKPfw8AyEL-_Bj_LeU5tsn-QD4hsVunCLEoywQV4rJRljzACaHUBPx_wFa7y-LVkUbVr6x5UC363NWK2trJnn-2Osg5hODoWu2F1JFZid2GtTF44dEKjQnHbJ7dTZ2IVs4Jw-xGAMVGlFQrVn3WPsg265Ctn7pyYtovIe-8_PG_EU5ikSlXflW--lYpIpRWTqmqz4e79zuNCRxIwEiOxev4oTV_b8OOFoI4Xxgk_2RkRJ4_dlOYRFBX4Sk2tMrs6nHbExHiNKE12L_sqPo4SNZ7FfTXYzsrs4X65qnjvCzgXD5WkF6D24B_58chjvuPRXpzob78qkkiRME1tXwxnW7QzhJqYavN9lhxRA3ai3DEJB60JdpOJqxtmlE_6soD13zeV-tUEg2E6uc-h4-LEX6vSQw8rDUjRd3lepb5GLdmBEf8F3Yah8gMUIa74OoD1blwvoAUhrn78jVFRQV857T2Cjfun-ZPDZhGFIu98Te5VjbmRdoGKPJ_B7rj4ZAuFIQ0HbJDmF0huZOtuqi0n5jOPIxiGo2ONX7epParHr3WjnMxhTv5kUnXgxxxOQcrEjODpgUXgLmicYQ1NqbhVfncSi0ozqo4V4Uvm1lpXxJhOkfPyUIa_XjXL_GqaSTBK2GnlHttwuC17cHalT4aBZhn3pseSH27xro5JcKOp5uIwVi6O_h2TxgqcTmnYlUcDyxN3tq6vV0rlFkhZoazyO7z0KxLNF36-ywQEB4fS2r7kCtbTlu162RWPC-XylI-2U4haF2wBJgSKJmUknu1hV4xwjseflRh9xBmoxPfr3254Iq55b6mRpZgrEjxNPAP9NQKgJ37aku51AHMWZ9ROUq42vrEW9glV_O9C9Ml5FCVjcdDGRWMFVC64iqV8CfPZ-CSSobF3p7j7uVAazXyjX1NpfZsOXMKWOyjB-A1m_iY4XNKFvtuMtiyXJ2GMDf7n3Phc1N7Vnit9GAz2KTlzPQNQpjbgZnLs4nzebAEgzainW_I20rHlR9793nQYov_WbeSG0sxvujPEvjRC6kFXoaRig5PxVBF7e0pAVxT5a1d2cbhIIrXos4ergmwHpO0wu8GTJ4urRk8FiWrpsVDV8DgMX09DEZbdaXgnw5bpV0D3G-7yqDZQBvSAKunFHoC6ZBkVBpSIzyoPdgm249RiYOsajeZYE9NSDdmCbZqhWtsUGK7VGfZZCOPcEwKEL1BZUNpTUKWJsV-BNhHKRApr4NShWUOuPiWRAcHofpSCIOAO_XYT-5l_fTlqDhsNuKj3oK-NBtHx_I7x0LAuYLypZfIvFto5ftRDmhgZGHubDOLnvOowCMmQ8sNs_M8My-5DtU1eNstoiL-Vc9bHuyePee-MryCuGUpvKU58tiwghd3TtY9oA0glfGYQ1oBitClTZoUqSI5BEUM9-vJ9KpCV3U2-qWB8NkImOYWcnbnwX1wZIkrdLig5y6X7_PCo-VWTgT4-Uqf3z90ajI5inB87ZjlBD3LzWAqwpVWW7xDStMobc4MEizY1M4HXOlG85xbKot-eQFK6Q3wXmnIZEG4I1G8M_IgUYkVPEZXr7i6qVOLUlPkuKVbw5Jfy6ZH9QYPEJuT9HeQAFVRT-AvPVw-g02tPPSCDUhx_Tft5ATMDZ2p5Y9o440TD9esqIAR-TxQr_HVfCDcEciq4fncFzzqRDWDV6OwZLkrMCMA_MAQbCqURWWdFLfcgTs&cid=CAASFeRopSBsPEpTE_84jiL80t0oYlTDOQ&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f87c7ed961f6b8eb75e95c29cff268ff1ce227b8564fbf2905e5935b314b53fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29569
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58A5 42 B
107 B 255ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Br0lRB9gc6NRFi0QsaU54P5HpbhQeibUEVeb7IEoBA6CQFFV0oeCl-bUPxr9j12yknFKEOblRNx8jeKrHQ9fGoTCrNzvf0xMpWHpR9_Pz3A7wFwjM

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 58A5 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:39:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58A5 120 KB
37 KB 334ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 58A5 14 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:49:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 58A5 0
0 23ms
23ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNJBjniLF6yKpy6OH2sqWm_GGz7Tf2aNbp0GP8jJnZBPJitIyHmdAyX0MF7Nt9WHHX1hfYqne_m1QsytWgdwuisrJqtg
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A61 624 B
559 B 20ms
20ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSL-rQBMAE&v=APEucNXszRJ7QYe-YAyrz7Rfo7CKeNAweap_XIu72QsItDz0j3eSLfzdmWGM2aYJ4hMKCxVju4cagsnIaUnpkoKc-THVnkDSW1t8a1fFeGKEFC4BemHZCaHREFM-vqYXNC6RFI57MLaB8V8vH-0zkHkXZ4If_TlM2NLqR5yI20iKI_p05NELjZI

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Nov 2021 02:00:59 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BFCB 88 KB
33 KB 53ms
53ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dsw4Q4RJ_yCpkRclJ7ZKRTdYEpzZPkkFxSo7Re3rPHFg6kPnFe5oDw8cfQfu_KUHs7r5t_WoxsrBPISvEyNR5I-dhzeiRC5LxO6vDGDJfBCQyEbfkO2dEXOwRBJBsxz9fNsaM1vXIgZV7sG4zyWbSHxHKI2A&dbm_d=AKAmf-BDZbYBmlXdaYIg7M_9eu_7rpbb7V5RGrFhaUtKvPtNT72VTT5NbfFeCfnNqSi9q7BFR3gNgGiG0hZbqgw267lLDUJfHfpYn8gMNmUlrwdhmXfr8Urj_1r1cFUeILGPrhPtWvS-Rftr2y7ILIHstBOyIVnodAshrDJDWLhrTa2GCLEOPQKjx_fL4FQM3HDfuuMUA68vPwBsZXQlYKzVpxCL6F090liDSvVaAD_xNS9HBrzthyPC-UdFDDhajhFbni5KNfb8tsorGT8iTyoHOqDTnQvK0hyd7dKjWEDpA1kCEeITBCFb6vde5Zcg2HMxdI-HFFX7isHDCjQ8vOqbGa4BJBX0noSWPksdCVKSPtp6BXbs4nqK-EemYcTuWEyliem-gQFbJDnSOMZ6-ssyri7JdLNMe-2AmxqhEoo7X80TZDWxK6n1n-5eYhLM5pItPTY9FlAb2TtlMRAnA_dE_wZFIt461qZA7qUGg8RwJopxwoHRRu28pSCsmtNTTxKvTgEmY22phhieK_JXX1y03IsJWP-G-jPoBTf9Mh9SA5S34JggAci-Q2YP6QQwW-gbTvEBBZZ1eX7WKm6hq2q7Rv9o1pwc-mDkHqviKMp7vqMMOOlxSRqWhRqd4eYSBl4U1DfR_MhIZT3chN4QGcuDR9cOHo-L-JNpnhZRpwA3VaIpkjMxFRDuGFJho412pH1hHiUPlcYoED5BSpHqzmJyVMq_waDpbZwQCI5FCUp-xmV48IyovUOLcGoWHUm9KYiYJjgiwKoODt-BMtw2N6KE_5xfylb5dBqdi_m_47Z6_MUuXNIgLu2eWBM3yvwTGUhyZMbW59RuI_qhpvTXBPjO0N5rGOGVaeKoN3YE0968JtuQono6VkyVy3UK06k1emXRCfDcW6wTSDEnDpuMWboGBXxXlTKDUScSAdyedFF4YGt7YSzBRYhqPxITTXYPKJ7evRBWxhPRU4UuEiokiCJfA1XJ-uzaCpQw4rtrHlRUs8zQB1TgG3ARD-4Ep1ojDCD7a3d1RBanlDd9-p6huMKSDs9XUPls8R1VRtfaNC32-mTzdOmB58d6GZ6hQ2MsAU_BkYTTCJFRzOE7tGL4Ofxc1R21fuA3ekVhl95vYhNEdwJVZBQcwtFS9cEKkQb-uUTR-yAU-y8uNFG6PqFMlxVN4KRq0Xz95CadioY8r-MvkmPBVIFXl2Xf0vkYIGut7kKVRwTq4aN_Ff3XLUcga_8T-tkaqvpueeaIWKlNE81SL8ewuE2jMnSKoTCP9LaQy5f3HjzD0nUDFkFMJjIm43y_AgzzYeRzMNHtJWwci50vcdYROs-E-GQlVVJdjkL69MdJQCRzo6JR42L7KcH059wdytl1-Hv8nhgp19Gn_qlkFhNBE6L--UBnAaMSQGHHXQ_JXFhIo_qxuj6f0MtwkRvO4EhO0TS_UWU0afurtin8Ka4D6oTyNHCR7MjAXtCNj8THoJm4KqFY-GsLlBe5Hsq-wPrUteLVpMQhood-HsOUGcda8cTSLvkoULI14R3mu4LeZOJQinx6eS4LnuDRx0eoqdSIv49aSX2YxaT6pfqBmhvVu8xd25c7w-dpIWrpu0_znDMeJ8F_SMLbLPr7Rttl6hWNhDPmfmw4gNioEfrpccOjDg1QIdidFf2MFG1l-aVnJLTuz-Oc6ZmFuxPd2aIznkR4OFowjd_LLLgoHxpP5jZtvhbV15eMP4MQGxkMYZiz7gl-Bl__AyFlBaCK8Z7fH2V1krXcu1G1Hy-yeC6jPTCR9vl6eHQk0B_nSWXCBTaWgKc_ygsH4v4gyyTf6b1gd9sQevM4l76BGyb394x5Tb1VmHbRbPzRSZSSt43ZvHQzKhTGKo6NDBWf4qOYvZ43mFBJNSljwtbr9LS6j8pOazYA5CjSOKVgAvqbNZLncCvBfdeG8GGHAbl2GMBwF4C37OmdK4YbPNkTHCP5K_EveLIdrpwpF20zqKpl9VtARmLbynHW5aZyhikkijYYRfHX9zV4DwsjIxS1QreT24o4vmbRU0pHJ6mSLIsJfrut4kRdO8T27H5mdvZFFlwbBnO1KnnLnGoenYwlFlzkBRgWAM6FWQfDnGskMCE-tmFWpRu-kW_JAF-Q0JE2Wsx7bhhZSY6cpYkbmnIvOjLDMe6QI3xhjlDhWaE6XjZwSOOz5C-OOBtg804px0k4uROL9nQ7uJ938mnHw9tA3ph778TrGt4d3lQwfR7AvXXPijsN_bqONlVmfDHZPV2I5T2bYJw3e-EHwlhLAvTOWuO2bRkrN6IhvLDzSrw432Ft1xAgDuRM_F87VN_KybCEpGh3BWqCL0na_RnUmOJ73O8iqQsEPzsqzBMYqOB_JPpMU7njHE3VuAQ8kw1_x35_HF0RHa2hiJHijoKHdMwbZ_VLHU-4sSxnv_g4VHFPxxDkPKCEnaHmiXj8QI_YsFKOemep9bv6OrM-Jt06dQXVpEPQDfswmLIDShoz5yx9eUPVH2n1muyRJzFDhcOqL4_8NcK6FKWz1oL5fQiDplTgfqxyj_dtpzDNCadt-3xYqeHU0Q2RyJTroJNa_vZP0XhMqEsnnaBqdndoMJc5ZgUuNr6XK984TIHflpAe2DwnK6BfJXBJGlcIa2kmFhO3K4ynmoY6JkbBW1OaPj6AoWbkvGj2eFT1sQTctFwJmryDYZWKP-dGBE5vXTNG1r2SrpCbxXlfKhs5Ob3WN298MTv7wmZrUvWo2Ty3D-KVDzprtl4KN8rw01hqkd8b5-tYNhkI8E7N-vBy00zXo-WNQ_oWTJoRU3fL8c36-JDXQtIGV-lIsKzmiO55AzcX7Pe-2dU3Gxj2XRZK_Sb9lDRMeNdl6vklEWZ0zJCUkwib6UArOveRMN_8yD7cfcBL1uJgtVtPqKy--5Vde7mapKL8RJGkQ8_Lh5XSzcoIIgvcnv6W3mscLFQDVDhjhxJhgfI7gp9I9mMO5TJieMlUzZ9h-Gr27EN6VYQQFlXA_19LNcuTBSUguhw0wrbDxpL6j9Vd_I7VB-8fTtI_-NvMyvmX9JSqrc1fah0UonGMtQalvAcTp8o8g-GpX1dfxuDeRozBdPG0qwfpJZmKSQZc_mBtNvYgxF3vrj5P6Hu24pM7-QRuMgySTl4zQt2IIUzIIFYReHleeYDXpFPV1RIIFfxilaSfeAhMsI9mpkSECFDsjftHqM5i-nheiAJcWMmeVMd-&cid=CAASFeRop5icYE0soIJlP4hnEERnf4zvvw&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

12728e13c1f80cde6d56b920a8339a7113b3f14bb919bfa3866076c14002fd63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33594
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFCB 42 B
107 B 254ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CnbxtqQmffS14A_emwzP7JwRGOlX27azibQb6kL2lG4AznSqMZYKHFt0Kw_kLG2uLnjfO9Nxn9j9fAbLgApGK-E0H1LmvDwV89vaAgMcK116Ais6s

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame BFCB
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/826939/57461185/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
258 B

99ms
27ms

Image
image/gif

63.35.110.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 63.35.110.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-110-131.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 22616030
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-server-name: app11.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame BFCB 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:39:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BFCB 120 KB
37 KB 332ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame BFCB 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:49:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BFCB 0
0 24ms
24ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQJ_DNjIuNxMrBEIC9aXnOuf9OclY-pKPb3MEfY5UfvNhy_ikLT9MVVGpHYSRv-atUCjphXcgMZAjrH2QG5McqwBhPkg
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A402 624 B
559 B 18ms
18ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNUjYlVTTzLkp20cB4GreL452E4310kKZIs3HmZhcc77SCWdU7QjRmxWnigzIOCPSP_86V84NTToEVwaNTvXUlwbReph0zMHJhMheL_j9goFq7k3sIsK92yXU8jnWQzlLleOjef9-7sw2fzqr3e7SaleYq9bAl_nchhFVY0GkIO6WO4O_Wg

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Nov 2021 02:00:59 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 81A4 71 KB
29 KB 40ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXjRr7eSyZWbPi1wDXeacJynmCXXJUZCZSWbsXbpmEMEgAMCKMW-kP2bwv04x7nGufV1alSy3gsVzf-e9WiZ5-Ws3hwWurmiclRghCapcoEo0wcIB2VrF4mn0X2801abbGKyDYlR96_WA1Ul_5tpXsDJ9cFw&dbm_d=AKAmf-CQnc9FT3VhqwaHxJIfqtClCQxE7SLNn5uOpbANLeh72msebCoLG1zF1cXinioQ0mOxRHwulseIWctBpR8miZ37jRumhTf59CtxRJMB4URyWZ6T_zMK9Y5iXI-je33GSe9emBoi-RdwuM0MucH8AeC2eNCHFvWraWIggbjY4jjgD-L83fCmWpKRdW9sd02JTk160Qy7jEOnmXgFCvidgEorDcOdpVlIa2cmnzma50gx0Ww8_Zv7NzG0uVPipLOJXkDyMcEdJjzdmd126-gbsf1UGN-lcu9z1OLSi8JiXbbMiPVLtzAuENGMaM7VznUjCqdGES86YvueEI5UDzeSJET95-VheDtd-AOvi23eyEgLtHkBBgFrqI2WxLRq2Tq3RWL6uRM16ty9tpn7sngptlQCvUZu5GBF8BUFWdjMW8cB8ZkEFNMxgyJcnQEZwXlSW6yAGlEOGDKCGyGAWYVr2n1Mf5gSMjldmCCMmMgmmlHMBwlg6LPVaLxlpQpkMP_wusH6gAgZCVb9omt6nBB4_e2JF7z8NXlikDN3f1bmdD55gdfEIFVC1X-01yv__vmExkBFhS5Xh2bLxCRzjLGdQDjefuQZdMQXX90aCc82G_9hGeZhqX8mAj_KaECDQDRKVcwXkVVZLaHrTK9BmhZFquKnlF9ugdHsqdk8XXWgDUM_QEi5pkxg0sil7Mz5PTaFCsA8Z_Kxay-GIpbB3C0A2wFh2MmB8_0-psGcv7dmNTLDcMPNAKIhEmWxMq52Jj_d-oJOUvRfloApEi5gbSxpwzVFknt-EWSqReix5wCgXcUA4I13QkjMkXP1SwQANG5BNgIceVBVpIL4-eQ_noC8wSZANSfG1poAdet3mBAfbjdePfa1jxM_xKrSWix7SzCHsXoFcA_GJTJT_QTtBf0bxfqHUcnQ7gUekf4MCFzataRQ8EcDH1rD3pY_OJhWDVxs6VTSvPOcNPlZ4DXEcCSEtlygh7Btn5TRlwCD0dziNpgm68wJIX4dgrCrwrpPocIwgWEzwwaOPugy9xc6Vg7f-pENPgh1zY2TwEecPp4Ul4SWHN0h1JyvPdhdP-dILJ0jweuRwoAtrHPdKEhvKqFGeVgPKo4aex4Up3tm8tktwf1fsOQ03x6KFZd9h9vR8iXVb7LzezqOYmOI4XrPFLzi8x6tA8ygAZjJ8Zuqc6KgxkuOt3to8r8V0QoLDOc2sQdT-GExtmuRaRDVnHhgGDBqhHli836_qMqxhWWE02ZxmCiWwMfjtUeRNCyas_sdl4132lrcFAJxl9rgkfq4sSgSh7mH39ufnn9F9R-GA5t_oZ9yTFYZKYQ7wat8g253WdBjwcuyMdFxJlleFencSJV2pLGgjxpQInKqhY3ZzTpiRWcH4U_JVjxcqqJO8Es56CodRa2YEYP86sIps_AA8Rv5yHVGpe6SkA7IRM_kNKYQna2WTbMZelC53qxAtx-QVMu8yyAirZ0sEeBcMW0fPmMFsitKs8R8BZFjfcHKScDNKB0-U_SNF-AgssZg4QHAX7s9FlrfIDeCLWto3jnkXXxx6k7OV0Rmm_8f45uPM9K_tIOjzEbkv4QcAmSeNtUDdwvn2GbVREEVW54l9azb3CKVZZcLib6vfxeFQDpqWNBwGQyD93cq5wGiha1dNx0FFUQdzlluU4HNYi_cIK49o4bd9hFHyJM-TMtH6v06LPOLNwdREOR2FCUfEp60QCLNd_igF4XYQZ5nkzAS-75K8tWdG0e7GNr9fD1q-Jt_BrtifYEZmagS0sWjJBBSczjGlbieCqsoyvky8dfwq134L4mrubXGe88n3LBiE0m6ZXuyyfOqZ7AMcHz8cukV05oHHcd1t1C57MKZxJ3CvJQMORtWi0fevLc8_Zyy3GZV-xVqSi8IeQZ8OEHG4Td9eSsxXv9LzZ_qw2Lg5-tjDR48qaAPCZyjHu68dkTSPv6TjcPvJ8Ep0ZwhGg3ADebXJ4mSpJx77Gn9bbLHjX6u5oEpvsOsrGqhrtbkGThhrMYXNLW-eIXQMST-H34svjU6AKPEyewmRQrXluQ1m8Z41WMG0sUOSYaZ2h2MUp6RykoDNiHfUAVbAO2t-zsvyLYMelqhUJwOuSteGgy1GQiqodf4hre6HQK_jjE0gcmlg-v7ayQzYWwjAmGX5LuPneVS9W1gLm4wYRGT9BFk0EJlqiTQ9hYzFGeTAdjxnJTERz1b2BNDZbnTETvUhZF6EJPKcg6rCw2bru3j8CskiHs2GYyxN7jnp89bnaVkqVi9KOataBEXdSb83n5yvCKtQFLeAjZx6X9iKLFCYInfXD7U1NZhA199U6GHrSkV-aZrzxlqqa4EEKN10vuHOas-kV-Gi3D3GtBJCemrhOURrhDBZU5HT-NemhidUpLKI2QSY3btzJuEphxyIkS1M6f7GZ6EumF5FLtH-6h7RxH_BfbDsN_cFAzyYcnrhEuGHKNOrD4KMBpzYUP29Qdn_Vcp1X_wzPho9hkt7KtLYjkOJigmxf5p2erjR_q3TPGICE6FkMhZ6LKa-EiNpA9SwjbmesDh0dXkPKfoqza-hyobjAXjfIoLnhSCiCVk4KtALofv6sSRN6n0ZK7xzpmS4V_7TRLAJYLsXLJoih6A_9thyQ-nqLje_-mBZHGG7YPRJptQ70V5Lc8mizG0PzvrUa48Bp7GtAicWgw3jTTTTtoJ0_-0vbT9WPUsoWhZDb5ykUQ6X3-_bpSuo8OryVWXeIMVXXKMjiLIDJTcALe86AtsAv-oUadnXTl40kjFwOe8rSVX-ko86e4XW7jiY1wHBNyOGo2ujt7hQXpHrkitb5puj32Qt2wc6Osu68U_7AAQhMmKu2SGAXDjW2g3zlaVPibS7TEWczj7hAgHx1vw57IlES8BTm1ggK9rHdBnb06ExjRzkBQH6JDllkZSzs_hlNeBdvYgBlijm0M6vus8djUknvBAxxSEMRPCNLn3Jz8RkmH3HSJ_1M_CeAjI4ENYw2-iqGrFsgj859KnKzzpSjlzASV8yDpf_g79xruylWqIDxdnbyFkjHqJQaMGAT0cD6AJ-eJzUj2_AB9TQreRHxvzZbEwJQ-0ucE8PYJhuQ2OTg&cid=CAASFeRonS3qChWC6AX20ckC9IhQJVNhvg&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

592efe1cf1a16ffd98bf860661b2eb45d0c05d0f6566ec946c122cdd620eade1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29420
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81A4 42 B
173 B 245ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Col0o-dBilq8_ptfZ9pTo7MPasCNdrAGIynOMxpOoD4VBzjelSP5eNLDy9EAWjUo1Lkc_VPsFCs8lwbaYeaA3Zonfib7rCOT4hG7pM2YfxNjeePKI

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 81A4 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:39:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 81A4 120 KB
37 KB 332ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 81A4 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:49:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 81A4 0
0 25ms
20ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTV9F0X5p8cKWU1jtX3qdVUhkBb42nrxXWLdHERIg9d8L1paUnLNoCfwL_vtQNP3EiL-WiBBxW69ec6xvnD0dB6R7LSvg
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5389 624 B
559 B 23ms
17ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNVtYYXtnM6N9BdVPDVnZ84nrXx-rHa2T_BxGUkTAM2xUHMmPpgFO6f5ch2Ms2e6hAkHxCOkYqixovogqfm98ggNCLwiFZ3gHMagHMHwnUh5zv_ugT7Qq0p3alApyrt1rhxA9YDaDuBZBrZeLTV-ChXUprKK1810KmbcQkqo_jDGNoep-H0

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Nov 2021 02:00:59 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8935 88 KB
33 KB 52ms
48ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoXV7iYs93qQ3ZiVhw2ODlJMzXPuhPOJsX2de260wxuks1obP68m_axnGB5-0Zjp9O1fF18oia4k1Is-IVzfFGgoE2DiOwGXaYNwCLUsczLTcRICH5Gzb7rqJnnzUZzs7rfro9fHJ2RvsHbNPtcgzDjeUW_A&dbm_d=AKAmf-AklL5YFchgKBOh7esFTP2yxe1atHciA-CFb3ThvYHFjJbupWhpaV05JTE8DghdRby3Ip1ob2Go8ge_Q16Jgo_-8g-eqXpuz9Ov8QJA-SKCpbV2Z-YCfDIQ5kpb8G4DDSiUH8ZCNHoiYpJ81SKPrHWePDm6ZZFNEWMFxzxZZbfseqU5NFZBhWCuXO3IjwePXPP_n5bJUfveD0buvLF-cHmv7qFhSRr-UwYY4DPDnolT0V1GfCWsOIBNBV5E3_vEzWDzpapJx57czGT2rCsTmWbPgyUPs9BqzyWOF-qeKYfwrM0mccRyt1gxdVLFhygH8QQuOJz-LnxwlhuRHUT2iyvLknM1S4FueKkluxQiSNbAuLsVGq5A1K4VJXsQDvn8HFkMlgerqAZcK-VeV2XTxTs1n6pwJK_9j0T-FVCcMcwdoG8Xmp5-A3Q-SJIvIsaTnkOitw6cFxk2QbQrfCCX2WdF5dYkEMBai7yk6KmMAWgAjYHxcgtLEJ4baLGMFFpNsr5PXgLgBpEfwJMDmydHC8tCgd7Nw4YQjRLr4gXph0xaFcrHTC4Ssu1BxNB7AGeehvRFeQygC8qnc3V7vwMpUpm0I3cwi7XdcClFZDuU8-uEK6eUFItqKEA-y0np4meq02OkmXFJqn8gSNXTWDeMuIyKJL2qM1ZZTp-YPE7U0uUbirLvPOejX8R4H2c-XkbadyaScfoQFoWAdIPXlYHyP_zX7qHmK7UtUGKd-PVqTfWK3oNzr3SWP1l3ClfuIDXftRP_fBb6Nowc3IHQwrJLeeQUWGWF5MPD4v83L6PjSmuIdbw4E_u7uCj8vuw5aI9Sb_3ytBH6ei9bXnBIxKaUsUk_IOOl1iX57xvT5Lp9ieB62LH0yheVy1tJ2lGrN98Zbs9tt-7QXLaXd6CMgCsCqYxHkqvx1dGzO4i1ZHDOaQhroPlJQ8JGPp1HhutsFox0rrDr6bzE5V7tbkN3iIY5MwS_ptuqILQIxAMtDuR2RZlex83ilAoxcuTA0Cdjemqkv0klgLANAnPQSKG7mjZheWrCyvZiQ1yF1HbqE6BSERrxLCEiANCod03wFgGW_e9t8GJuvtf4cad8KIiHzwINjRUGHPPQhizdPJaurvO6jhpcugMc1NpoYGNBFdbtT3WrhKYoQ3nT-443nWq12P0wjdFg3RZK8PUEtgtrM0HWLwh-1ZI4ICnBoQ5WN4hKIEhhz6eDcPj2yle4b5mE8XEE33Vdr_iaTLh4EA3Ney7Navksyda16fAv_r0UklzlETlUJDQhFN6H6k-THB8_991FCcOmt1e_sJOxOn6K9w4zacLiOEFpLkID_c1saQeegOOvOC2Be5emndgCMG_jxzhxzqvN4fA1wD2KaWxGk96v-zwfkmV3gFQlT2s0yokf3GvIt2cRJmxBT0T3tBFDw3qH90h4eDfDsbfwVine08azxOdRh417D-ayIbs2ZSawPoAzdXgoQE3jagdUDoAr0MEyuvkUwewl2BhYgk2a7gx2woG9ZbfggnYehW-r9l9Ii2TjigOFGApt79TafXFDxUh_trXCTFd4MNOoeAAzyzlW0zbDn84ORiZZhDNvMkQru9DcRWmpw3MlEHWh8W1aUvCrh2iGPREhwWckYM1gT_KT9Xdtw6BpbNPGKIG-O_NrgtzbSj5ZPwlxhWaTjsbr4NhQ-fCIGhTrUYe6yV1nnj7wjxlEzwVbbfRVwXD4mMQELbEnvOC7hrZDdrFoBRU5yPEUV3vCz_jOAIji8Zq58Brl2LoQstS-bpelp0ihk-P6zqmVRixmChhzojOcgPgxkcuYt_WY0T9ogU1M-cPG30SHdMBOapDPHVt1g8YZWT3L8cJBYeEebhszMXtlcYawLHKthDk0rRs_t00bYV4MUqiWHpi_4_qhmkCoF1EdVhgkeGc3M06k8gXI930qQTrlWgBt1RdPIARgVO9zFdVsXPbu00ZaxgZsjROAooNA-zsDzp7ke81xnnla6FWEDleURj9uxgTYjm-2wGJmqOq76eBXPIb9r-5-VVyKEzVZrRMaPGlWJO-0wh7_C2Fgz3IDvXdkKDKL2bbuiw6aD7CVGIRBG-8IzZUBY53fZVAxtXJMNf4E0y1c0FqxjySfDHTAnGMwZB-ojOIvX4RinTCsHtGjqm9x7PkuTQELn6anZn2bGqRjhQTVT3gPn5Y88RKHL2Y747Erhk9-7rbBo0qX6B5NcG7uTeFX95_-I7rXPj072hsb438qV3PDuIJ99gLYzK2sniy3nJvqsPUxvCUg44a47FynZD8j1rOKE5hJQrSeHBDoLMD67pGIVxljO-j_ZkG32ObgK0k-NfpyxDx4FwX-qg0aA0Zm2Or9o4HbqYkhfS42GytYlq1ARABEfZEbeEMnLDR2VMm12kzBaIAqFko_jzrAoJiOLzpSpFTKxQh4iV1G35q4COPOJ3lv6hUgMy9vhEK6JUhgoBkyLvK_AMspd5KBZ6yxXrOT3McyTUCHe2BDEmsQFkPV3fxyX3QftIi5D115K20MwiSqf23fd57t_snWME5XYnSpUUS77zfe6rKvhCL6E9F2oFoYj7WT90XfDnvsok5a51Mc0wIToban32opDd8KY2FCH1JV8L-XJORRMT_O3W5GzgAiheHucmvUvoENNt2PZ_mUOqYbRNqC4yrppch5yjAzWRfBmjjJLkUu79kiif8vz8DNfvRlFtuF5fhTycXEV1lkFtIP4L2nLsdqA3soYelNJZ5X6FxEkfrZC1o80TGCsFQJZgas5d89uoENUt2S7Q_oWJZPIw4oqWH8QuvyDGtsnU_PivbBA71jOWLC11PA6e5CSQ0zcCbXILXzOBIxNstLgqtsDsqlGP8B37MQ57EQ-JF_upoHnE-1XYSuMB9ADzU_4i9-wNSx_E9fmckqfW02LLr_GpeBrcolpcX_O1MF7WzHnwhDruGDW1Qxlamu64-nlBf6IT2DKlgSuwZWTGLe0W88yl4WahDPK3phEdH6GKLj5k8QdxliuOMMJMxoV9-RqggfWFGFkjVjhoYlV1Zk6xBTRkH32W0lbH7kAts3W2z5UjojtQdWEWL-xWmvhu-CFq_laGJtjh1aSFNtgADTJ11wVzt1Hxkbrph9gR7fYg-MMmf7tbaruIoVuKbdw--31Ye4afTwCX0RUgu4VtW5CHyS4idEYjTh4o9aYVohbcMgvEfJbHnMMBEN9ORa&cid=CAASFeRoc7pRIG4q9L0KC7nrtUA0Yfa89w&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

52c322a7b9f57f22f6fe4f59ceb0abec1cf7f79a69d4ee70f014e192fe787af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33723
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8935 42 B
107 B 243ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C0b1a7gOAuFpnYeoC7S8xaQJQYtsLP9HaRUDFcxUJVnuCFIhGjXGX7SJePHrduQQbf35fGdTuRQ1HKlEEjXoWutOvR16Ky-NgtZgUGfSTfvfeSqA0

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 8935
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/826939/57461187/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
259 B

112ms
26ms

Image
image/gif

63.35.110.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 63.35.110.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-110-131.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: nginx/1.16.1
age: 22615560
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-cache-status: HIT
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 8935 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:39:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8935 120 KB
37 KB 330ms
42ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 8935 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:49:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8935 0
0 25ms
20ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXhoDteifJHYs2V24nqskIPd-s3Wq0kslm-fgzpBZWkgph_7ocdv6U6rcVjUxrCUS3iHHVGHJurIphnQgrshm6pO0yYg
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 53B7 640 B
316 B 19ms
17ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNVq1WW8ecX1Mha5_07rbRjZ9jedddG-9C6aVvfF3G9jXP-hVvpuJPllOOfkzzBZsakfZXlrTWJVivC0FBwmHr8MBx3Kn6UpVmwcZADtpXBaMLC_LldhStCkDNU0RoW6vrDujqSA5kPWJnWLv_4gUD0_8WdJrqnCVtkbG0ffOCHvHV0_R5U

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Nov 2021 02:00:59 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0A45 73 KB
29 KB 43ms
39ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYB6fKFNpmGFMYjEn_pqgNXXs0tAAoVVGTnZ_WzJYjczf4Vi7vJVKbNOc--sJRBfRg5bSvf-HY9X72ZhhqmEKKgkxKZw6F8Tvr98-ZNo0QDyw2BN6zQ1wIkn_co8QbylOTGyGLRBr5MAJ_EtyN-AodcHGO5g&dbm_d=AKAmf-B1r3_GxHQT3KET_jTEm3iUxzbBa07sv1Ja3ExGW1kGzcyM26Mdgud8urSQkArZsrYyzGdn64ufLT6UYHyaqrX0imBkk7EZTNGDazNmx9-TtxyDxFSl4hib-I7Q1jMXb-83MaFFVwED3sZIMAo-iqE4IaVFxhgTLkBxEO9Z0vH6w4qiSJyGRqI5YjtR4ozp_RriXPj6frONIy5THu-x4u89jqfM_6pkxFLS5klIdMLH_N-jvDmTqEeh-pdaAhZDP-ydnt6FvE6L-KPXqBiZu2UDsDroSF7nJdOIxYSA72n_rTjkiH_9CGoS9AQbvQBUhPKXMT_pG1rRXHhRkpe8woyX5GiG-ILa7cQzaPbyBdn1VQsH_sQsoR95pz09JblJ1RPX1cPmW-9MgGS-9pEeGOVFLCmffQyJ67LVcci-f5z2ePacvdKzewFJQ0Dz4ElcVJ9jtiWd-Q7g2HYZS09L0NnA71swBhXAE_oGbsqYoEQiTrjtXGcwxLYpxEoQcGJpvvo7nBy_2x1pgCG1K94JDFW7vPL0qTcRW-RBmgvg4Ve1g2vgsi17nbAmv2aDfbyz1Yp88QZ6fc7HqXi7trCS18-BaZW5f4qD3kj3yIeMrV-H28wtpoqG4Z-HrGLIH3lQTSF2PBL51tzGXu0S1sgaf52NaJPEXlr9t6XLkU-WzIlzX5Z_Mn8zZV6UzLdqevrqtahOTgEj13ci6ssvOdVrl4T_rXJl2-JwBTgmieltLf0nPX1L3BB1dF3mGMLaTWYHCqL6_iqjPDPdPYYqP2AZ1jY9vBv6em5WhVr2l7DM9WBxkvUJ5AYQ4Yp01oQTUTLg0YZirOdtxSkTw9F73NguAYNhcqxKavePDOxhOt7z3Km7oz28qSq6BCWRWLO5yEfV6V-BWVpnH0kIFfjSNOra_38m44VOC2Na_bFucR7BNmmAjMscksEjP1tm2dpl9xnpt1b2yYmF9NtsYlULlsLkzQPLjSF2s2v4AXBN-4kw4bh4RTDzPdAmSqtfp5dB4BaFgzBq94HCMXqiCOADMUQ9O5DHo3pFCzEmKWyrjU-_kUWxOR1a8fRRQUisulu5V0txeClXQL_1Q2nT85m3hj5MBM6Zcc9Bj5UPd-fhs9DkE6mzgjCkwRMtALebro_JzajPmb3eq0pl3oNpIzhHDQ_BhrJ4cnIY2oeqDpzNLwP9_WT2xht3C7BVrx3O3yK_15ZpH8O15nr93dJw1L-S9B6y3VCKXFxbbL1TaC5ZQCcs94pYQoC33tJxEWYgTpMyp5g0HWBkIClZX7pUw46j2Zcw7YwmwctkaX-SiLGYwPR9vZxCTxMgWzABkL3HAg0fx7n1Of1wWbURgOJWb2VzcVtJwD6Z38dXVfdJc_Czo2uQvzNytXu--l3U0KheSa6oEozXPl6Ub0GpUkGgQB4mIK2DhUTYk8sm4M6QBMS_IzWQlYUyMwNT-WoD4vzIDGU52eceXxGmub2GpDK0QymiB-nFVkQS_8uhUqSJ8H4hnBPlLgmUpdaN3EqTDSOXje7bEgKuxgi76ilY3PmYeHwrvwxEK60Xrq2XNE1wdFHCCLblGIriasbLblstpZDE31LiTtlobO0-HkqnSNU5B6AhQlYR3xS1kHZsvksR2HwoWA3pQEzFiRERNvGNm3VNP40TKoHw1KFh8d1oWkAnIFrnH_YSHqaIKkikJYIw6JS1cJ3umGA_lR61ynNg06ETut8VmgWXQpMoAsv38YzyznjwHKcJ0F7Li-qDuQbYMCLP_QTZGOcT_pxQCoZr7NooLSfjkHu8qSc2WQHBxdHv_wIZPssEWQmAW3bJLhGLye6mdHqiKo5hfMZxRhhC0cjmC0UmhsqGaDRQwBfRHaFAL2RHUO6PKvNWT1D0AsEZVbJr2j72CFctdNCLhF6t4U9loWMtmKr6ylpt_MihqG6A1jv8Dn9HRet1RcXZWNV_ZbZCxmZzuHGUxl0k018kqvTqmRa_peVJZWX1MR4fJLkRh65WPgpVu0E3sJ84nys8iNlMP_ZCU8otX7QnyN10WA2cH6LCeISZXya_Ykn4eS4eDnlb3okx-Mg01XPvJrRndFnidcZ-jxwTJL1VwYpGeKpQr1kgjfcMayB1h_F38f9AoBm8-Xf3HOLazyhLu9wlSve4c53P4_23SBu9FMYfrNNQAOWmwjBXoNQKyKACEbM_V15hZFPtskK7MuNqr8ut607OUPu0lGZbwIhhTAMngRtaglsF5kUZtpi6fiTPU0W9QCqpkvP3_nrKNnT89HIoojBeigG7Yq7cFtD0fVvW7YxDNwdhQ4brwh3MqPpBW8OOLgav1sg60nuRRyuH1NSFNhO9Q2X5rgkT0AdagHfRtA8R73IH-AC1Z8B_WnxlPZyVHdoevugTf_eu1sEckTHNizsyiNrY2laSEX4WqnOfehRQKLB3rcACDD78w5Ay1IfLQEtn4GvBqKXgvLiv4NQuyKh7xnI-3wKK_VLbfNvFIRIRdnGdgnXbN6qoQLtqhTT1vBNYrA1M4X9WWkVHGTt1oCnLb2x7s2eCxZ27XtWAlp5rmdG85QQ2Ha4kPZ0rz0BK-H2-Qr-ArxpqohdtC6feTA6cVSeS9zSMotjomnNVQAZNCWGPWaYY184-KMKMa_S8LRqo67lMnF-yIe_Q_ELhhQFeSVOsFtN4rwyxGulDEYMIXd03YPlMsKmWwaUe4kNe6Kr6XPtWlj2m_IsYOW57lRiab3ZdxgBKveP7puEz3BsYaIaWGjFe9d_wM5WU8O27k59LuZmXSk5fFMmCrEI0bZZjBUe0sUxKWjnHX7tWb9judzVOibEQTKTdD7DUNMOdRINbOU-LWmaWqjGQ03KtlJQ5_ZAYMabdcmWdHERQx24-gKAg__Duc6IztEsICY6p9DHVk3fao-9GFI1BriZcwCbycOc2YWcHyWAvfWwIf1KN8tASiYLlF7-el8jb_lMoirc_IPsn-n4ZZqzeD-tanPaGEzrO-bOR61K9fpKAWjcnalqJ10y_2K53jP5Z1_8LeQmAqlOCd266rcTB91HXp8YXjwiA7CL3m_HPokt6_9D7UkFAraEhEfy7oj3uUVaW34o9NbQBKsdp3w2PqOwG50L_aoQZq1Mf7pvjHAXH1uJzUtWjAeollhZ5XUAOiX6qlBQ1ahZEkSTPA-Fw1Qa7j2T1aHg3sBvRFP3PLTI&cid=CAASFeRoDvNzERo0angUAoyCWVXzwxAVGg&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

3c69dbba26c960886214d87c0dedda98a0b3c2e56e40c83dcb85ab68509dc9e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29624
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A45 42 B
107 B 240ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AqGlxG0t4XF4PQbPGApfLxmDvan1clbEmvgVRdp4g72avb4fkyrVBjHPXXVRmh3-BwbFC5ki9jHmWS7G29vW8CXGea--_usv-YbS6jg2XBtgVLQSs

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 0A45 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:39:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A45 120 KB
37 KB 316ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 0A45 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:49:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0A45 0
0 22ms
22ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTql5W2UH0oVSaCtp-Q-mnIGmNM97ghMvvnMeTjVbeCBDnwTRDCY7glHniOBgeM9xyMwvRFLrXzlE_SCYqs0GLyP7bTrA
Requested by: Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6F97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

43 B
1014 B

36ms
25ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNWgUevlXLvgqRJBA7-JEPkOMPTgQtYD7xelvNuhYLCPAj41muznr7ZPgnHecDmCGwGsRJ81hst2otmHO-80aQv4x8EvmL3EbHgSPqHS54mlAsI2KaAyk9ZgatkfIqHpREZZId2nPuH0EMp0naw7ulrJooSbHsb3rH-094jEslAwyDr7BI4
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6F97
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

43 B
894 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNWgUevlXLvgqRJBA7-JEPkOMPTgQtYD7xelvNuhYLCPAj41muznr7ZPgnHecDmCGwGsRJ81hst2otmHO-80aQv4x8EvmL3EbHgSPqHS54mlAsI2KaAyk9ZgatkfIqHpREZZId2nPuH0EMp0naw7ulrJooSbHsb3rH-094jEslAwyDr7BI4
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6F97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

43 B
1006 B

18ms
13ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNWgUevlXLvgqRJBA7-JEPkOMPTgQtYD7xelvNuhYLCPAj41muznr7ZPgnHecDmCGwGsRJ81hst2otmHO-80aQv4x8EvmL3EbHgSPqHS54mlAsI2KaAyk9ZgatkfIqHpREZZId2nPuH0EMp0naw7ulrJooSbHsb3rH-094jEslAwyDr7BI4

Protocol

HTTP/1.1

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 68bcf372-1e8d-4ec0-aae1-dbeee87132d6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6F97
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

170 B
188 B

24ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e75d3bc3-b19d-4b66-933b-43fb8da9ba7e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1

43 B
1014 B

44ms
28ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSL-rQBMAE&v=APEucNXszRJ7QYe-YAyrz7Rfo7CKeNAweap_XIu72QsItDz0j3eSLfzdmWGM2aYJ4hMKCxVju4cagsnIaUnpkoKc-THVnkDSW1t8a1fFeGKEFC4BemHZCaHREFM-vqYXNC6RFI57MLaB8V8vH-0zkHkXZ4If_TlM2NLqR5yI20iKI_p05NELjZI
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A61
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

43 B
894 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSL-rQBMAE&v=APEucNXszRJ7QYe-YAyrz7Rfo7CKeNAweap_XIu72QsItDz0j3eSLfzdmWGM2aYJ4hMKCxVju4cagsnIaUnpkoKc-THVnkDSW1t8a1fFeGKEFC4BemHZCaHREFM-vqYXNC6RFI57MLaB8V8vH-0zkHkXZ4If_TlM2NLqR5yI20iKI_p05NELjZI
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1A61
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

43 B
1006 B

26ms
17ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSL-rQBMAE&v=APEucNXszRJ7QYe-YAyrz7Rfo7CKeNAweap_XIu72QsItDz0j3eSLfzdmWGM2aYJ4hMKCxVju4cagsnIaUnpkoKc-THVnkDSW1t8a1fFeGKEFC4BemHZCaHREFM-vqYXNC6RFI57MLaB8V8vH-0zkHkXZ4If_TlM2NLqR5yI20iKI_p05NELjZI

Protocol

HTTP/1.1

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d684f1d5-e976-4929-b6f6-c2dea7c84066
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A61
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

170 B
188 B

17ms
15ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 31e650b4-ea27-4f89-b32a-aebdbfbd2799
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 58A5 169 KB
59 KB 94ms
10ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:14:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame 58A5 8 KB
3 KB 163ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CC_FHEyaHSG4XWGgmMPGv3Ct9c7MvI3F5tRpfcRR8U55LchOpDCTNrjzFTPDt3vm3o027h1_BDmWsK7hxLcfgMA8JAQt6vLORa0MtLCeCPB_YKxoR7krSycRobHS0Nk3apQLq-hEa_wHwwBAyUymknJVgS1g&dbm_d=AKAmf-Cq40ZVhU6FvOIPXlrVbqQydAipn4H44ANV4feDa8d1qaf4cZyYCPCPX32e4JHiwdZDR2PxSORodlcbYYDWK9Jz9UTMbFFbN_gG8DurrXkqPr6bF5WEeGkqAZmSr1zEUymiKw_ArpXaCAZ8O9ArHKyIc2m0iyXEh6W0WaoxolCpswCOWJ3EfmuYPf-WB0gZmi9JZCigJTI86Li9nBKJvaaRnwATj5giPT945ucx5r8M1crXTDLfIsNjhZCJNNzLnJP65OL2K7DH0qWTTSLeZzJn3ko7jyZ5fm_UMqkipnX6GB1VJoKYUE5myqy0WN-fVDiS8V6JECKbLt5-sdYygiE4acCW4j4aa_nB1KC5s_qXYQztoau-PDiHnnR3Co-AT48oB1WeT5EdHeynd0aJvZQ52sicR0lgYltcQyc0XiPubLPcoTs1v-TvEDYezCDBqvJLl7bUJQM_AUNAa2LRzoaLiXB16I27Z4NEoX8ON346LIvBNwOqvtGsaERBXmPctthK8xNDy8tPjJV6eP-cl_pfe51Nflb_nGmxxU1k97iDYzBxJRrNsUeqY5uWhzKvhHaYEgDXr8gbWvvDslsLWKC8M9k5hqRKY8Iy2rUqnT3GKyAMJaB50yqzUR643zZfJltIUBiYqSqn-7Q3A2beMe-lJz63wL6QtXfQ0ofHoiutebK4cTFUfi-AeD0zcS1AnFyqKwsoKcfJR_aA3FOvFI59WWLAAj5HZZpjvuuGn2euxSPR_fqWtx139i6qSEyWistfxZEjBfwSR-c-0zFy-pBb0mU2DEF3nLtMHQDnAcLUeF_FYka7LrgmZwuLlDaZj6eHbI96i7STnCoFpFC5V6JsFer-yr7W1tNvnBIVK3-_aGjxyAp511u9dkQXT7RgS3Mg3_n4vTEmPaMlSBf-C65AwOeJgjIZwVOKQTpLTH7ViHiBiephFQjBopYkf6So4gfpy9Eci4DTQv9I7vMMKzE19ya4dylMkYp6l2oFH6HHvXnh74TTWWA3Z5tvPEA3hLPLEM7cVRuYSJTMiVvw7s6LAvfEGpYO6OOYNZ50S0lm8Rf7cjDQFwDvZXSR8xjFjKE5W660Azn5DlTa7KIPjQu7nMQjIOnd_eby_BMoaK6RAGqYXTlUoTKA6mIftjslBiQzLJxBgD6rCIPgKEJzJGYRiorjtQVovFa8R5UUW7jr18z1aVkp3STW2Ly8aKfBsYPJnmiZuOte673yCBcq9_x1gDI6mtECRgIBtby9_Qm5nRXnuxJL7je0ivMgdUzmaaOH3mKCTKqNb-iD5yEaPjq62zZfhaYa2rAcAe6N1xG8umlb6slKgiQeoj9eCrQniC1mw_WNhU0HA7m8U2ucczmCUg3_B7pxlLWc3wGObTuQdX_GAfEN-lj5NTAKH-lwErqsGfPlJ1pvCtHzP2gpWwptqgtlZxlFqG5gyOHl6ak9WBoewY_lQ_3esPX01dKPfw8AyEL-_Bj_LeU5tsn-QD4hsVunCLEoywQV4rJRljzACaHUBPx_wFa7y-LVkUbVr6x5UC363NWK2trJnn-2Osg5hODoWu2F1JFZid2GtTF44dEKjQnHbJ7dTZ2IVs4Jw-xGAMVGlFQrVn3WPsg265Ctn7pyYtovIe-8_PG_EU5ikSlXflW--lYpIpRWTqmqz4e79zuNCRxIwEiOxev4oTV_b8OOFoI4Xxgk_2RkRJ4_dlOYRFBX4Sk2tMrs6nHbExHiNKE12L_sqPo4SNZ7FfTXYzsrs4X65qnjvCzgXD5WkF6D24B_58chjvuPRXpzob78qkkiRME1tXwxnW7QzhJqYavN9lhxRA3ai3DEJB60JdpOJqxtmlE_6soD13zeV-tUEg2E6uc-h4-LEX6vSQw8rDUjRd3lepb5GLdmBEf8F3Yah8gMUIa74OoD1blwvoAUhrn78jVFRQV857T2Cjfun-ZPDZhGFIu98Te5VjbmRdoGKPJ_B7rj4ZAuFIQ0HbJDmF0huZOtuqi0n5jOPIxiGo2ONX7epParHr3WjnMxhTv5kUnXgxxxOQcrEjODpgUXgLmicYQ1NqbhVfncSi0ozqo4V4Uvm1lpXxJhOkfPyUIa_XjXL_GqaSTBK2GnlHttwuC17cHalT4aBZhn3pseSH27xro5JcKOp5uIwVi6O_h2TxgqcTmnYlUcDyxN3tq6vV0rlFkhZoazyO7z0KxLNF36-ywQEB4fS2r7kCtbTlu162RWPC-XylI-2U4haF2wBJgSKJmUknu1hV4xwjseflRh9xBmoxPfr3254Iq55b6mRpZgrEjxNPAP9NQKgJ37aku51AHMWZ9ROUq42vrEW9glV_O9C9Ml5FCVjcdDGRWMFVC64iqV8CfPZ-CSSobF3p7j7uVAazXyjX1NpfZsOXMKWOyjB-A1m_iY4XNKFvtuMtiyXJ2GMDf7n3Phc1N7Vnit9GAz2KTlzPQNQpjbgZnLs4nzebAEgzainW_I20rHlR9793nQYov_WbeSG0sxvujPEvjRC6kFXoaRig5PxVBF7e0pAVxT5a1d2cbhIIrXos4ergmwHpO0wu8GTJ4urRk8FiWrpsVDV8DgMX09DEZbdaXgnw5bpV0D3G-7yqDZQBvSAKunFHoC6ZBkVBpSIzyoPdgm249RiYOsajeZYE9NSDdmCbZqhWtsUGK7VGfZZCOPcEwKEL1BZUNpTUKWJsV-BNhHKRApr4NShWUOuPiWRAcHofpSCIOAO_XYT-5l_fTlqDhsNuKj3oK-NBtHx_I7x0LAuYLypZfIvFto5ftRDmhgZGHubDOLnvOowCMmQ8sNs_M8My-5DtU1eNstoiL-Vc9bHuyePee-MryCuGUpvKU58tiwghd3TtY9oA0glfGYQ1oBitClTZoUqSI5BEUM9-vJ9KpCV3U2-qWB8NkImOYWcnbnwX1wZIkrdLig5y6X7_PCo-VWTgT4-Uqf3z90ajI5inB87ZjlBD3LzWAqwpVWW7xDStMobc4MEizY1M4HXOlG85xbKot-eQFK6Q3wXmnIZEG4I1G8M_IgUYkVPEZXr7i6qVOLUlPkuKVbw5Jfy6ZH9QYPEJuT9HeQAFVRT-AvPVw-g02tPPSCDUhx_Tft5ATMDZ2p5Y9o440TD9esqIAR-TxQr_HVfCDcEciq4fncFzzqRDWDV6OwZLkrMCMA_MAQbCqURWWdFLfcgTs&cid=CAASFeRopSBsPEpTE_84jiL80t0oYlTDOQ&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:27:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 58A5 24 KB
9 KB 151ms
17ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:45:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A402
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1

43 B
1014 B

41ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNUjYlVTTzLkp20cB4GreL452E4310kKZIs3HmZhcc77SCWdU7QjRmxWnigzIOCPSP_86V84NTToEVwaNTvXUlwbReph0zMHJhMheL_j9goFq7k3sIsK92yXU8jnWQzlLleOjef9-7sw2fzqr3e7SaleYq9bAl_nchhFVY0GkIO6WO4O_Wg
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A402
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

43 B
894 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNUjYlVTTzLkp20cB4GreL452E4310kKZIs3HmZhcc77SCWdU7QjRmxWnigzIOCPSP_86V84NTToEVwaNTvXUlwbReph0zMHJhMheL_j9goFq7k3sIsK92yXU8jnWQzlLleOjef9-7sw2fzqr3e7SaleYq9bAl_nchhFVY0GkIO6WO4O_Wg
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A402
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

43 B
1006 B

28ms
15ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNUjYlVTTzLkp20cB4GreL452E4310kKZIs3HmZhcc77SCWdU7QjRmxWnigzIOCPSP_86V84NTToEVwaNTvXUlwbReph0zMHJhMheL_j9goFq7k3sIsK92yXU8jnWQzlLleOjef9-7sw2fzqr3e7SaleYq9bAl_nchhFVY0GkIO6WO4O_Wg

Protocol

HTTP/1.1

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d7ba90f8-15a8-4e1e-aecf-c56a322e0284
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A402
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 571e0dde-1b0d-4204-9e13-48220edfb240
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 81A4 169 KB
59 KB 103ms
28ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:14:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame 81A4 8 KB
3 KB 155ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AXjRr7eSyZWbPi1wDXeacJynmCXXJUZCZSWbsXbpmEMEgAMCKMW-kP2bwv04x7nGufV1alSy3gsVzf-e9WiZ5-Ws3hwWurmiclRghCapcoEo0wcIB2VrF4mn0X2801abbGKyDYlR96_WA1Ul_5tpXsDJ9cFw&dbm_d=AKAmf-CQnc9FT3VhqwaHxJIfqtClCQxE7SLNn5uOpbANLeh72msebCoLG1zF1cXinioQ0mOxRHwulseIWctBpR8miZ37jRumhTf59CtxRJMB4URyWZ6T_zMK9Y5iXI-je33GSe9emBoi-RdwuM0MucH8AeC2eNCHFvWraWIggbjY4jjgD-L83fCmWpKRdW9sd02JTk160Qy7jEOnmXgFCvidgEorDcOdpVlIa2cmnzma50gx0Ww8_Zv7NzG0uVPipLOJXkDyMcEdJjzdmd126-gbsf1UGN-lcu9z1OLSi8JiXbbMiPVLtzAuENGMaM7VznUjCqdGES86YvueEI5UDzeSJET95-VheDtd-AOvi23eyEgLtHkBBgFrqI2WxLRq2Tq3RWL6uRM16ty9tpn7sngptlQCvUZu5GBF8BUFWdjMW8cB8ZkEFNMxgyJcnQEZwXlSW6yAGlEOGDKCGyGAWYVr2n1Mf5gSMjldmCCMmMgmmlHMBwlg6LPVaLxlpQpkMP_wusH6gAgZCVb9omt6nBB4_e2JF7z8NXlikDN3f1bmdD55gdfEIFVC1X-01yv__vmExkBFhS5Xh2bLxCRzjLGdQDjefuQZdMQXX90aCc82G_9hGeZhqX8mAj_KaECDQDRKVcwXkVVZLaHrTK9BmhZFquKnlF9ugdHsqdk8XXWgDUM_QEi5pkxg0sil7Mz5PTaFCsA8Z_Kxay-GIpbB3C0A2wFh2MmB8_0-psGcv7dmNTLDcMPNAKIhEmWxMq52Jj_d-oJOUvRfloApEi5gbSxpwzVFknt-EWSqReix5wCgXcUA4I13QkjMkXP1SwQANG5BNgIceVBVpIL4-eQ_noC8wSZANSfG1poAdet3mBAfbjdePfa1jxM_xKrSWix7SzCHsXoFcA_GJTJT_QTtBf0bxfqHUcnQ7gUekf4MCFzataRQ8EcDH1rD3pY_OJhWDVxs6VTSvPOcNPlZ4DXEcCSEtlygh7Btn5TRlwCD0dziNpgm68wJIX4dgrCrwrpPocIwgWEzwwaOPugy9xc6Vg7f-pENPgh1zY2TwEecPp4Ul4SWHN0h1JyvPdhdP-dILJ0jweuRwoAtrHPdKEhvKqFGeVgPKo4aex4Up3tm8tktwf1fsOQ03x6KFZd9h9vR8iXVb7LzezqOYmOI4XrPFLzi8x6tA8ygAZjJ8Zuqc6KgxkuOt3to8r8V0QoLDOc2sQdT-GExtmuRaRDVnHhgGDBqhHli836_qMqxhWWE02ZxmCiWwMfjtUeRNCyas_sdl4132lrcFAJxl9rgkfq4sSgSh7mH39ufnn9F9R-GA5t_oZ9yTFYZKYQ7wat8g253WdBjwcuyMdFxJlleFencSJV2pLGgjxpQInKqhY3ZzTpiRWcH4U_JVjxcqqJO8Es56CodRa2YEYP86sIps_AA8Rv5yHVGpe6SkA7IRM_kNKYQna2WTbMZelC53qxAtx-QVMu8yyAirZ0sEeBcMW0fPmMFsitKs8R8BZFjfcHKScDNKB0-U_SNF-AgssZg4QHAX7s9FlrfIDeCLWto3jnkXXxx6k7OV0Rmm_8f45uPM9K_tIOjzEbkv4QcAmSeNtUDdwvn2GbVREEVW54l9azb3CKVZZcLib6vfxeFQDpqWNBwGQyD93cq5wGiha1dNx0FFUQdzlluU4HNYi_cIK49o4bd9hFHyJM-TMtH6v06LPOLNwdREOR2FCUfEp60QCLNd_igF4XYQZ5nkzAS-75K8tWdG0e7GNr9fD1q-Jt_BrtifYEZmagS0sWjJBBSczjGlbieCqsoyvky8dfwq134L4mrubXGe88n3LBiE0m6ZXuyyfOqZ7AMcHz8cukV05oHHcd1t1C57MKZxJ3CvJQMORtWi0fevLc8_Zyy3GZV-xVqSi8IeQZ8OEHG4Td9eSsxXv9LzZ_qw2Lg5-tjDR48qaAPCZyjHu68dkTSPv6TjcPvJ8Ep0ZwhGg3ADebXJ4mSpJx77Gn9bbLHjX6u5oEpvsOsrGqhrtbkGThhrMYXNLW-eIXQMST-H34svjU6AKPEyewmRQrXluQ1m8Z41WMG0sUOSYaZ2h2MUp6RykoDNiHfUAVbAO2t-zsvyLYMelqhUJwOuSteGgy1GQiqodf4hre6HQK_jjE0gcmlg-v7ayQzYWwjAmGX5LuPneVS9W1gLm4wYRGT9BFk0EJlqiTQ9hYzFGeTAdjxnJTERz1b2BNDZbnTETvUhZF6EJPKcg6rCw2bru3j8CskiHs2GYyxN7jnp89bnaVkqVi9KOataBEXdSb83n5yvCKtQFLeAjZx6X9iKLFCYInfXD7U1NZhA199U6GHrSkV-aZrzxlqqa4EEKN10vuHOas-kV-Gi3D3GtBJCemrhOURrhDBZU5HT-NemhidUpLKI2QSY3btzJuEphxyIkS1M6f7GZ6EumF5FLtH-6h7RxH_BfbDsN_cFAzyYcnrhEuGHKNOrD4KMBpzYUP29Qdn_Vcp1X_wzPho9hkt7KtLYjkOJigmxf5p2erjR_q3TPGICE6FkMhZ6LKa-EiNpA9SwjbmesDh0dXkPKfoqza-hyobjAXjfIoLnhSCiCVk4KtALofv6sSRN6n0ZK7xzpmS4V_7TRLAJYLsXLJoih6A_9thyQ-nqLje_-mBZHGG7YPRJptQ70V5Lc8mizG0PzvrUa48Bp7GtAicWgw3jTTTTtoJ0_-0vbT9WPUsoWhZDb5ykUQ6X3-_bpSuo8OryVWXeIMVXXKMjiLIDJTcALe86AtsAv-oUadnXTl40kjFwOe8rSVX-ko86e4XW7jiY1wHBNyOGo2ujt7hQXpHrkitb5puj32Qt2wc6Osu68U_7AAQhMmKu2SGAXDjW2g3zlaVPibS7TEWczj7hAgHx1vw57IlES8BTm1ggK9rHdBnb06ExjRzkBQH6JDllkZSzs_hlNeBdvYgBlijm0M6vus8djUknvBAxxSEMRPCNLn3Jz8RkmH3HSJ_1M_CeAjI4ENYw2-iqGrFsgj859KnKzzpSjlzASV8yDpf_g79xruylWqIDxdnbyFkjHqJQaMGAT0cD6AJ-eJzUj2_AB9TQreRHxvzZbEwJQ-0ucE8PYJhuQ2OTg&cid=CAASFeRonS3qChWC6AX20ckC9IhQJVNhvg&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:27:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 81A4 24 KB
9 KB 139ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:45:27 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5389
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

43 B
1014 B

37ms
26ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNVtYYXtnM6N9BdVPDVnZ84nrXx-rHa2T_BxGUkTAM2xUHMmPpgFO6f5ch2Ms2e6hAkHxCOkYqixovogqfm98ggNCLwiFZ3gHMagHMHwnUh5zv_ugT7Qq0p3alApyrt1rhxA9YDaDuBZBrZeLTV-ChXUprKK1810KmbcQkqo_jDGNoep-H0
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5389
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX9KW84Xa5THAtwle4SiIwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1

43 B
894 B

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNVtYYXtnM6N9BdVPDVnZ84nrXx-rHa2T_BxGUkTAM2xUHMmPpgFO6f5ch2Ms2e6hAkHxCOkYqixovogqfm98ggNCLwiFZ3gHMagHMHwnUh5zv_ugT7Qq0p3alApyrt1rhxA9YDaDuBZBrZeLTV-ChXUprKK1810KmbcQkqo_jDGNoep-H0
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:00:59 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI1sfWy12VRtWAkstkWGJrU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5389
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

43 B
1006 B

37ms
21ms

Image
image/gif

185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGNSF-rQBMAE&v=APEucNVtYYXtnM6N9BdVPDVnZ84nrXx-rHa2T_BxGUkTAM2xUHMmPpgFO6f5ch2Ms2e6hAkHxCOkYqixovogqfm98ggNCLwiFZ3gHMagHMHwnUh5zv_ugT7Qq0p3alApyrt1rhxA9YDaDuBZBrZeLTV-ChXUprKK1810KmbcQkqo_jDGNoep-H0

Protocol

HTTP/1.1

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 51d10561-cd66-4eff-8d97-5a3a6d9e901b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELQAI7kebYBQISzFW9qIaNo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5389
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:00:59 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ddd63042-97d8-4c7a-b403-3429dee0e0b9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzgzNTE5MDAyOTIyOTc4MjAwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 0A45 169 KB
59 KB 96ms
31ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:14:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame 0A45 8 KB
3 KB 146ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CYB6fKFNpmGFMYjEn_pqgNXXs0tAAoVVGTnZ_WzJYjczf4Vi7vJVKbNOc--sJRBfRg5bSvf-HY9X72ZhhqmEKKgkxKZw6F8Tvr98-ZNo0QDyw2BN6zQ1wIkn_co8QbylOTGyGLRBr5MAJ_EtyN-AodcHGO5g&dbm_d=AKAmf-B1r3_GxHQT3KET_jTEm3iUxzbBa07sv1Ja3ExGW1kGzcyM26Mdgud8urSQkArZsrYyzGdn64ufLT6UYHyaqrX0imBkk7EZTNGDazNmx9-TtxyDxFSl4hib-I7Q1jMXb-83MaFFVwED3sZIMAo-iqE4IaVFxhgTLkBxEO9Z0vH6w4qiSJyGRqI5YjtR4ozp_RriXPj6frONIy5THu-x4u89jqfM_6pkxFLS5klIdMLH_N-jvDmTqEeh-pdaAhZDP-ydnt6FvE6L-KPXqBiZu2UDsDroSF7nJdOIxYSA72n_rTjkiH_9CGoS9AQbvQBUhPKXMT_pG1rRXHhRkpe8woyX5GiG-ILa7cQzaPbyBdn1VQsH_sQsoR95pz09JblJ1RPX1cPmW-9MgGS-9pEeGOVFLCmffQyJ67LVcci-f5z2ePacvdKzewFJQ0Dz4ElcVJ9jtiWd-Q7g2HYZS09L0NnA71swBhXAE_oGbsqYoEQiTrjtXGcwxLYpxEoQcGJpvvo7nBy_2x1pgCG1K94JDFW7vPL0qTcRW-RBmgvg4Ve1g2vgsi17nbAmv2aDfbyz1Yp88QZ6fc7HqXi7trCS18-BaZW5f4qD3kj3yIeMrV-H28wtpoqG4Z-HrGLIH3lQTSF2PBL51tzGXu0S1sgaf52NaJPEXlr9t6XLkU-WzIlzX5Z_Mn8zZV6UzLdqevrqtahOTgEj13ci6ssvOdVrl4T_rXJl2-JwBTgmieltLf0nPX1L3BB1dF3mGMLaTWYHCqL6_iqjPDPdPYYqP2AZ1jY9vBv6em5WhVr2l7DM9WBxkvUJ5AYQ4Yp01oQTUTLg0YZirOdtxSkTw9F73NguAYNhcqxKavePDOxhOt7z3Km7oz28qSq6BCWRWLO5yEfV6V-BWVpnH0kIFfjSNOra_38m44VOC2Na_bFucR7BNmmAjMscksEjP1tm2dpl9xnpt1b2yYmF9NtsYlULlsLkzQPLjSF2s2v4AXBN-4kw4bh4RTDzPdAmSqtfp5dB4BaFgzBq94HCMXqiCOADMUQ9O5DHo3pFCzEmKWyrjU-_kUWxOR1a8fRRQUisulu5V0txeClXQL_1Q2nT85m3hj5MBM6Zcc9Bj5UPd-fhs9DkE6mzgjCkwRMtALebro_JzajPmb3eq0pl3oNpIzhHDQ_BhrJ4cnIY2oeqDpzNLwP9_WT2xht3C7BVrx3O3yK_15ZpH8O15nr93dJw1L-S9B6y3VCKXFxbbL1TaC5ZQCcs94pYQoC33tJxEWYgTpMyp5g0HWBkIClZX7pUw46j2Zcw7YwmwctkaX-SiLGYwPR9vZxCTxMgWzABkL3HAg0fx7n1Of1wWbURgOJWb2VzcVtJwD6Z38dXVfdJc_Czo2uQvzNytXu--l3U0KheSa6oEozXPl6Ub0GpUkGgQB4mIK2DhUTYk8sm4M6QBMS_IzWQlYUyMwNT-WoD4vzIDGU52eceXxGmub2GpDK0QymiB-nFVkQS_8uhUqSJ8H4hnBPlLgmUpdaN3EqTDSOXje7bEgKuxgi76ilY3PmYeHwrvwxEK60Xrq2XNE1wdFHCCLblGIriasbLblstpZDE31LiTtlobO0-HkqnSNU5B6AhQlYR3xS1kHZsvksR2HwoWA3pQEzFiRERNvGNm3VNP40TKoHw1KFh8d1oWkAnIFrnH_YSHqaIKkikJYIw6JS1cJ3umGA_lR61ynNg06ETut8VmgWXQpMoAsv38YzyznjwHKcJ0F7Li-qDuQbYMCLP_QTZGOcT_pxQCoZr7NooLSfjkHu8qSc2WQHBxdHv_wIZPssEWQmAW3bJLhGLye6mdHqiKo5hfMZxRhhC0cjmC0UmhsqGaDRQwBfRHaFAL2RHUO6PKvNWT1D0AsEZVbJr2j72CFctdNCLhF6t4U9loWMtmKr6ylpt_MihqG6A1jv8Dn9HRet1RcXZWNV_ZbZCxmZzuHGUxl0k018kqvTqmRa_peVJZWX1MR4fJLkRh65WPgpVu0E3sJ84nys8iNlMP_ZCU8otX7QnyN10WA2cH6LCeISZXya_Ykn4eS4eDnlb3okx-Mg01XPvJrRndFnidcZ-jxwTJL1VwYpGeKpQr1kgjfcMayB1h_F38f9AoBm8-Xf3HOLazyhLu9wlSve4c53P4_23SBu9FMYfrNNQAOWmwjBXoNQKyKACEbM_V15hZFPtskK7MuNqr8ut607OUPu0lGZbwIhhTAMngRtaglsF5kUZtpi6fiTPU0W9QCqpkvP3_nrKNnT89HIoojBeigG7Yq7cFtD0fVvW7YxDNwdhQ4brwh3MqPpBW8OOLgav1sg60nuRRyuH1NSFNhO9Q2X5rgkT0AdagHfRtA8R73IH-AC1Z8B_WnxlPZyVHdoevugTf_eu1sEckTHNizsyiNrY2laSEX4WqnOfehRQKLB3rcACDD78w5Ay1IfLQEtn4GvBqKXgvLiv4NQuyKh7xnI-3wKK_VLbfNvFIRIRdnGdgnXbN6qoQLtqhTT1vBNYrA1M4X9WWkVHGTt1oCnLb2x7s2eCxZ27XtWAlp5rmdG85QQ2Ha4kPZ0rz0BK-H2-Qr-ArxpqohdtC6feTA6cVSeS9zSMotjomnNVQAZNCWGPWaYY184-KMKMa_S8LRqo67lMnF-yIe_Q_ELhhQFeSVOsFtN4rwyxGulDEYMIXd03YPlMsKmWwaUe4kNe6Kr6XPtWlj2m_IsYOW57lRiab3ZdxgBKveP7puEz3BsYaIaWGjFe9d_wM5WU8O27k59LuZmXSk5fFMmCrEI0bZZjBUe0sUxKWjnHX7tWb9judzVOibEQTKTdD7DUNMOdRINbOU-LWmaWqjGQ03KtlJQ5_ZAYMabdcmWdHERQx24-gKAg__Duc6IztEsICY6p9DHVk3fao-9GFI1BriZcwCbycOc2YWcHyWAvfWwIf1KN8tASiYLlF7-el8jb_lMoirc_IPsn-n4ZZqzeD-tanPaGEzrO-bOR61K9fpKAWjcnalqJ10y_2K53jP5Z1_8LeQmAqlOCd266rcTB91HXp8YXjwiA7CL3m_HPokt6_9D7UkFAraEhEfy7oj3uUVaW34o9NbQBKsdp3w2PqOwG50L_aoQZq1Mf7pvjHAXH1uJzUtWjAeollhZ5XUAOiX6qlBQ1ahZEkSTPA-Fw1Qa7j2T1aHg3sBvRFP3PLTI&cid=CAASFeRoDvNzERo0angUAoyCWVXzwxAVGg&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:27:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 0A45 24 KB
9 KB 136ms
19ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:45:27 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 53B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjRbWqZ4l4S2iPVDra_vIE&google_cver=1

43 B
180 B

21ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjRbWqZ4l4S2iPVDra_vIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNVq1WW8ecX1Mha5_07rbRjZ9jedddG-9C6aVvfF3G9jXP-hVvpuJPllOOfkzzBZsakfZXlrTWJVivC0FBwmHr8MBx3Kn6UpVmwcZADtpXBaMLC_LldhStCkDNU0RoW6vrDujqSA5kPWJnWLv_4gUD0_8WdJrqnCVtkbG0ffOCHvHV0_R5U
Protocol: H2
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDjRbWqZ4l4S2iPVDra_vIE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 53B7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJiOWMxYzEtN2NlMi0yOWMxLWRiNmEtYjgwMzUxNmIxODhj

170 B
188 B

21ms
20ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJiOWMxYzEtN2NlMi0yOWMxLWRiNmEtYjgwMzUxNmIxODhj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNVq1WW8ecX1Mha5_07rbRjZ9jedddG-9C6aVvfF3G9jXP-hVvpuJPllOOfkzzBZsakfZXlrTWJVivC0FBwmHr8MBx3Kn6UpVmwcZADtpXBaMLC_LldhStCkDNU0RoW6vrDujqSA5kPWJnWLv_4gUD0_8WdJrqnCVtkbG0ffOCHvHV0_R5U

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
server: OXGW/16.217.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJiOWMxYzEtN2NlMi0yOWMxLWRiNmEtYjgwMzUxNmIxODhj
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 53B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFdwmFtKadDDcAcvGZae9sc&google_cver=1

23 B
172 B

84ms
44ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFdwmFtKadDDcAcvGZae9sc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNVq1WW8ecX1Mha5_07rbRjZ9jedddG-9C6aVvfF3G9jXP-hVvpuJPllOOfkzzBZsakfZXlrTWJVivC0FBwmHr8MBx3Kn6UpVmwcZADtpXBaMLC_LldhStCkDNU0RoW6vrDujqSA5kPWJnWLv_4gUD0_8WdJrqnCVtkbG0ffOCHvHV0_R5U
Protocol: H2
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 01 Nov 2021 02:00:59 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFdwmFtKadDDcAcvGZae9sc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 53B7 23 B
172 B 125ms
49ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQyrfz-QEY2rOfrgEwAQ&v=APEucNVq1WW8ecX1Mha5_07rbRjZ9jedddG-9C6aVvfF3G9jXP-hVvpuJPllOOfkzzBZsakfZXlrTWJVivC0FBwmHr8MBx3Kn6UpVmwcZADtpXBaMLC_LldhStCkDNU0RoW6vrDujqSA5kPWJnWLv_4gUD0_8WdJrqnCVtkbG0ffOCHvHV0_R5U
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:00:59 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 01 Nov 2021 02:00:59 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame BFCB 169 KB
59 KB 91ms
34ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:14:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame BFCB 8 KB
3 KB 136ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dsw4Q4RJ_yCpkRclJ7ZKRTdYEpzZPkkFxSo7Re3rPHFg6kPnFe5oDw8cfQfu_KUHs7r5t_WoxsrBPISvEyNR5I-dhzeiRC5LxO6vDGDJfBCQyEbfkO2dEXOwRBJBsxz9fNsaM1vXIgZV7sG4zyWbSHxHKI2A&dbm_d=AKAmf-BDZbYBmlXdaYIg7M_9eu_7rpbb7V5RGrFhaUtKvPtNT72VTT5NbfFeCfnNqSi9q7BFR3gNgGiG0hZbqgw267lLDUJfHfpYn8gMNmUlrwdhmXfr8Urj_1r1cFUeILGPrhPtWvS-Rftr2y7ILIHstBOyIVnodAshrDJDWLhrTa2GCLEOPQKjx_fL4FQM3HDfuuMUA68vPwBsZXQlYKzVpxCL6F090liDSvVaAD_xNS9HBrzthyPC-UdFDDhajhFbni5KNfb8tsorGT8iTyoHOqDTnQvK0hyd7dKjWEDpA1kCEeITBCFb6vde5Zcg2HMxdI-HFFX7isHDCjQ8vOqbGa4BJBX0noSWPksdCVKSPtp6BXbs4nqK-EemYcTuWEyliem-gQFbJDnSOMZ6-ssyri7JdLNMe-2AmxqhEoo7X80TZDWxK6n1n-5eYhLM5pItPTY9FlAb2TtlMRAnA_dE_wZFIt461qZA7qUGg8RwJopxwoHRRu28pSCsmtNTTxKvTgEmY22phhieK_JXX1y03IsJWP-G-jPoBTf9Mh9SA5S34JggAci-Q2YP6QQwW-gbTvEBBZZ1eX7WKm6hq2q7Rv9o1pwc-mDkHqviKMp7vqMMOOlxSRqWhRqd4eYSBl4U1DfR_MhIZT3chN4QGcuDR9cOHo-L-JNpnhZRpwA3VaIpkjMxFRDuGFJho412pH1hHiUPlcYoED5BSpHqzmJyVMq_waDpbZwQCI5FCUp-xmV48IyovUOLcGoWHUm9KYiYJjgiwKoODt-BMtw2N6KE_5xfylb5dBqdi_m_47Z6_MUuXNIgLu2eWBM3yvwTGUhyZMbW59RuI_qhpvTXBPjO0N5rGOGVaeKoN3YE0968JtuQono6VkyVy3UK06k1emXRCfDcW6wTSDEnDpuMWboGBXxXlTKDUScSAdyedFF4YGt7YSzBRYhqPxITTXYPKJ7evRBWxhPRU4UuEiokiCJfA1XJ-uzaCpQw4rtrHlRUs8zQB1TgG3ARD-4Ep1ojDCD7a3d1RBanlDd9-p6huMKSDs9XUPls8R1VRtfaNC32-mTzdOmB58d6GZ6hQ2MsAU_BkYTTCJFRzOE7tGL4Ofxc1R21fuA3ekVhl95vYhNEdwJVZBQcwtFS9cEKkQb-uUTR-yAU-y8uNFG6PqFMlxVN4KRq0Xz95CadioY8r-MvkmPBVIFXl2Xf0vkYIGut7kKVRwTq4aN_Ff3XLUcga_8T-tkaqvpueeaIWKlNE81SL8ewuE2jMnSKoTCP9LaQy5f3HjzD0nUDFkFMJjIm43y_AgzzYeRzMNHtJWwci50vcdYROs-E-GQlVVJdjkL69MdJQCRzo6JR42L7KcH059wdytl1-Hv8nhgp19Gn_qlkFhNBE6L--UBnAaMSQGHHXQ_JXFhIo_qxuj6f0MtwkRvO4EhO0TS_UWU0afurtin8Ka4D6oTyNHCR7MjAXtCNj8THoJm4KqFY-GsLlBe5Hsq-wPrUteLVpMQhood-HsOUGcda8cTSLvkoULI14R3mu4LeZOJQinx6eS4LnuDRx0eoqdSIv49aSX2YxaT6pfqBmhvVu8xd25c7w-dpIWrpu0_znDMeJ8F_SMLbLPr7Rttl6hWNhDPmfmw4gNioEfrpccOjDg1QIdidFf2MFG1l-aVnJLTuz-Oc6ZmFuxPd2aIznkR4OFowjd_LLLgoHxpP5jZtvhbV15eMP4MQGxkMYZiz7gl-Bl__AyFlBaCK8Z7fH2V1krXcu1G1Hy-yeC6jPTCR9vl6eHQk0B_nSWXCBTaWgKc_ygsH4v4gyyTf6b1gd9sQevM4l76BGyb394x5Tb1VmHbRbPzRSZSSt43ZvHQzKhTGKo6NDBWf4qOYvZ43mFBJNSljwtbr9LS6j8pOazYA5CjSOKVgAvqbNZLncCvBfdeG8GGHAbl2GMBwF4C37OmdK4YbPNkTHCP5K_EveLIdrpwpF20zqKpl9VtARmLbynHW5aZyhikkijYYRfHX9zV4DwsjIxS1QreT24o4vmbRU0pHJ6mSLIsJfrut4kRdO8T27H5mdvZFFlwbBnO1KnnLnGoenYwlFlzkBRgWAM6FWQfDnGskMCE-tmFWpRu-kW_JAF-Q0JE2Wsx7bhhZSY6cpYkbmnIvOjLDMe6QI3xhjlDhWaE6XjZwSOOz5C-OOBtg804px0k4uROL9nQ7uJ938mnHw9tA3ph778TrGt4d3lQwfR7AvXXPijsN_bqONlVmfDHZPV2I5T2bYJw3e-EHwlhLAvTOWuO2bRkrN6IhvLDzSrw432Ft1xAgDuRM_F87VN_KybCEpGh3BWqCL0na_RnUmOJ73O8iqQsEPzsqzBMYqOB_JPpMU7njHE3VuAQ8kw1_x35_HF0RHa2hiJHijoKHdMwbZ_VLHU-4sSxnv_g4VHFPxxDkPKCEnaHmiXj8QI_YsFKOemep9bv6OrM-Jt06dQXVpEPQDfswmLIDShoz5yx9eUPVH2n1muyRJzFDhcOqL4_8NcK6FKWz1oL5fQiDplTgfqxyj_dtpzDNCadt-3xYqeHU0Q2RyJTroJNa_vZP0XhMqEsnnaBqdndoMJc5ZgUuNr6XK984TIHflpAe2DwnK6BfJXBJGlcIa2kmFhO3K4ynmoY6JkbBW1OaPj6AoWbkvGj2eFT1sQTctFwJmryDYZWKP-dGBE5vXTNG1r2SrpCbxXlfKhs5Ob3WN298MTv7wmZrUvWo2Ty3D-KVDzprtl4KN8rw01hqkd8b5-tYNhkI8E7N-vBy00zXo-WNQ_oWTJoRU3fL8c36-JDXQtIGV-lIsKzmiO55AzcX7Pe-2dU3Gxj2XRZK_Sb9lDRMeNdl6vklEWZ0zJCUkwib6UArOveRMN_8yD7cfcBL1uJgtVtPqKy--5Vde7mapKL8RJGkQ8_Lh5XSzcoIIgvcnv6W3mscLFQDVDhjhxJhgfI7gp9I9mMO5TJieMlUzZ9h-Gr27EN6VYQQFlXA_19LNcuTBSUguhw0wrbDxpL6j9Vd_I7VB-8fTtI_-NvMyvmX9JSqrc1fah0UonGMtQalvAcTp8o8g-GpX1dfxuDeRozBdPG0qwfpJZmKSQZc_mBtNvYgxF3vrj5P6Hu24pM7-QRuMgySTl4zQt2IIUzIIFYReHleeYDXpFPV1RIIFfxilaSfeAhMsI9mpkSECFDsjftHqM5i-nheiAJcWMmeVMd-&cid=CAASFeRop5icYE0soIJlP4hnEERnf4zvvw&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:27:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame BFCB 24 KB
9 KB 121ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:45:27 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8935 169 KB
59 KB 66ms
36ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:14:54 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame 8935 8 KB
3 KB 111ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BoXV7iYs93qQ3ZiVhw2ODlJMzXPuhPOJsX2de260wxuks1obP68m_axnGB5-0Zjp9O1fF18oia4k1Is-IVzfFGgoE2DiOwGXaYNwCLUsczLTcRICH5Gzb7rqJnnzUZzs7rfro9fHJ2RvsHbNPtcgzDjeUW_A&dbm_d=AKAmf-AklL5YFchgKBOh7esFTP2yxe1atHciA-CFb3ThvYHFjJbupWhpaV05JTE8DghdRby3Ip1ob2Go8ge_Q16Jgo_-8g-eqXpuz9Ov8QJA-SKCpbV2Z-YCfDIQ5kpb8G4DDSiUH8ZCNHoiYpJ81SKPrHWePDm6ZZFNEWMFxzxZZbfseqU5NFZBhWCuXO3IjwePXPP_n5bJUfveD0buvLF-cHmv7qFhSRr-UwYY4DPDnolT0V1GfCWsOIBNBV5E3_vEzWDzpapJx57czGT2rCsTmWbPgyUPs9BqzyWOF-qeKYfwrM0mccRyt1gxdVLFhygH8QQuOJz-LnxwlhuRHUT2iyvLknM1S4FueKkluxQiSNbAuLsVGq5A1K4VJXsQDvn8HFkMlgerqAZcK-VeV2XTxTs1n6pwJK_9j0T-FVCcMcwdoG8Xmp5-A3Q-SJIvIsaTnkOitw6cFxk2QbQrfCCX2WdF5dYkEMBai7yk6KmMAWgAjYHxcgtLEJ4baLGMFFpNsr5PXgLgBpEfwJMDmydHC8tCgd7Nw4YQjRLr4gXph0xaFcrHTC4Ssu1BxNB7AGeehvRFeQygC8qnc3V7vwMpUpm0I3cwi7XdcClFZDuU8-uEK6eUFItqKEA-y0np4meq02OkmXFJqn8gSNXTWDeMuIyKJL2qM1ZZTp-YPE7U0uUbirLvPOejX8R4H2c-XkbadyaScfoQFoWAdIPXlYHyP_zX7qHmK7UtUGKd-PVqTfWK3oNzr3SWP1l3ClfuIDXftRP_fBb6Nowc3IHQwrJLeeQUWGWF5MPD4v83L6PjSmuIdbw4E_u7uCj8vuw5aI9Sb_3ytBH6ei9bXnBIxKaUsUk_IOOl1iX57xvT5Lp9ieB62LH0yheVy1tJ2lGrN98Zbs9tt-7QXLaXd6CMgCsCqYxHkqvx1dGzO4i1ZHDOaQhroPlJQ8JGPp1HhutsFox0rrDr6bzE5V7tbkN3iIY5MwS_ptuqILQIxAMtDuR2RZlex83ilAoxcuTA0Cdjemqkv0klgLANAnPQSKG7mjZheWrCyvZiQ1yF1HbqE6BSERrxLCEiANCod03wFgGW_e9t8GJuvtf4cad8KIiHzwINjRUGHPPQhizdPJaurvO6jhpcugMc1NpoYGNBFdbtT3WrhKYoQ3nT-443nWq12P0wjdFg3RZK8PUEtgtrM0HWLwh-1ZI4ICnBoQ5WN4hKIEhhz6eDcPj2yle4b5mE8XEE33Vdr_iaTLh4EA3Ney7Navksyda16fAv_r0UklzlETlUJDQhFN6H6k-THB8_991FCcOmt1e_sJOxOn6K9w4zacLiOEFpLkID_c1saQeegOOvOC2Be5emndgCMG_jxzhxzqvN4fA1wD2KaWxGk96v-zwfkmV3gFQlT2s0yokf3GvIt2cRJmxBT0T3tBFDw3qH90h4eDfDsbfwVine08azxOdRh417D-ayIbs2ZSawPoAzdXgoQE3jagdUDoAr0MEyuvkUwewl2BhYgk2a7gx2woG9ZbfggnYehW-r9l9Ii2TjigOFGApt79TafXFDxUh_trXCTFd4MNOoeAAzyzlW0zbDn84ORiZZhDNvMkQru9DcRWmpw3MlEHWh8W1aUvCrh2iGPREhwWckYM1gT_KT9Xdtw6BpbNPGKIG-O_NrgtzbSj5ZPwlxhWaTjsbr4NhQ-fCIGhTrUYe6yV1nnj7wjxlEzwVbbfRVwXD4mMQELbEnvOC7hrZDdrFoBRU5yPEUV3vCz_jOAIji8Zq58Brl2LoQstS-bpelp0ihk-P6zqmVRixmChhzojOcgPgxkcuYt_WY0T9ogU1M-cPG30SHdMBOapDPHVt1g8YZWT3L8cJBYeEebhszMXtlcYawLHKthDk0rRs_t00bYV4MUqiWHpi_4_qhmkCoF1EdVhgkeGc3M06k8gXI930qQTrlWgBt1RdPIARgVO9zFdVsXPbu00ZaxgZsjROAooNA-zsDzp7ke81xnnla6FWEDleURj9uxgTYjm-2wGJmqOq76eBXPIb9r-5-VVyKEzVZrRMaPGlWJO-0wh7_C2Fgz3IDvXdkKDKL2bbuiw6aD7CVGIRBG-8IzZUBY53fZVAxtXJMNf4E0y1c0FqxjySfDHTAnGMwZB-ojOIvX4RinTCsHtGjqm9x7PkuTQELn6anZn2bGqRjhQTVT3gPn5Y88RKHL2Y747Erhk9-7rbBo0qX6B5NcG7uTeFX95_-I7rXPj072hsb438qV3PDuIJ99gLYzK2sniy3nJvqsPUxvCUg44a47FynZD8j1rOKE5hJQrSeHBDoLMD67pGIVxljO-j_ZkG32ObgK0k-NfpyxDx4FwX-qg0aA0Zm2Or9o4HbqYkhfS42GytYlq1ARABEfZEbeEMnLDR2VMm12kzBaIAqFko_jzrAoJiOLzpSpFTKxQh4iV1G35q4COPOJ3lv6hUgMy9vhEK6JUhgoBkyLvK_AMspd5KBZ6yxXrOT3McyTUCHe2BDEmsQFkPV3fxyX3QftIi5D115K20MwiSqf23fd57t_snWME5XYnSpUUS77zfe6rKvhCL6E9F2oFoYj7WT90XfDnvsok5a51Mc0wIToban32opDd8KY2FCH1JV8L-XJORRMT_O3W5GzgAiheHucmvUvoENNt2PZ_mUOqYbRNqC4yrppch5yjAzWRfBmjjJLkUu79kiif8vz8DNfvRlFtuF5fhTycXEV1lkFtIP4L2nLsdqA3soYelNJZ5X6FxEkfrZC1o80TGCsFQJZgas5d89uoENUt2S7Q_oWJZPIw4oqWH8QuvyDGtsnU_PivbBA71jOWLC11PA6e5CSQ0zcCbXILXzOBIxNstLgqtsDsqlGP8B37MQ57EQ-JF_upoHnE-1XYSuMB9ADzU_4i9-wNSx_E9fmckqfW02LLr_GpeBrcolpcX_O1MF7WzHnwhDruGDW1Qxlamu64-nlBf6IT2DKlgSuwZWTGLe0W88yl4WahDPK3phEdH6GKLj5k8QdxliuOMMJMxoV9-RqggfWFGFkjVjhoYlV1Zk6xBTRkH32W0lbH7kAts3W2z5UjojtQdWEWL-xWmvhu-CFq_laGJtjh1aSFNtgADTJ11wVzt1Hxkbrph9gR7fYg-MMmf7tbaruIoVuKbdw--31Ye4afTwCX0RUgu4VtW5CHyS4idEYjTh4o9aYVohbcMgvEfJbHnMMBEN9ORa&cid=CAASFeRoc7pRIG4q9L0KC7nrtUA0Yfa89w&rfl=1%2Chttps%253A%252F%252Feva.vn%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:27:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:27:31 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 8935 24 KB
9 KB 102ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 01:45:27 GMT

GET
H2 200 300x600.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 4 KB
2 KB 362ms
25ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

418f32db2c3c108f2acb8e8cb2843c8e11c9a8e52684d69552457334bee2dfda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1656
date: Mon, 01 Nov 2021 02:00:59 GMT
expires: Tue, 02 Nov 2021 02:00:59 GMT
cache-control: public, max-age=86400
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 58A5 0
61 B 117ms
67ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtpubsmRgIhSx38T3i1Zm8jTCeBD2nmOuuO9ob3kK5NIXhSwpcNx6h9YeqlHUC2Dg5HyA-dkx_ihwwXFgNeZ8iUZQ-az8NsmR_WBKtymgV-Q5UhCf8eDkUe29qLUi9bFhM4wHGC6cIuPzcsZnd1GHzP40QqqK91OLExYN3ErvFmdraqCs8XtL6zetjqgJrpVHg83MAF1r8i_U-JaUWUf6MVWinQgteH4H0eqm0lKdAjKgu8xECz24kq3kBL_Nxqa5Jy309H7en_gIbZdxaw0Z46d66FbydTs58qGg5XoTNm5qnxYYvi53phKlidZ6NBVnHO_Is-l-80PtLuMk0rJIM5ScYXqobJ9WMekXpiHusORPzQGVzRFo7RsrGdKoZG7U03qJ-CfSgvM2hHWRRXY3R2piPTIOoIPlf58Eid7DAl59qbcEWfWPq8MeRMPXs4T6as_l98M6ZXfYneHsiP1ck_tl1ZTtV51uuc_Q1MBS3U-sMNSrSJDfIXvb1BfKnX-MeZD65RqTrfsOSxPn5Dez0B1DYtscoA6glfWelpc45UKEN83yDwUM8Hrtb-SG5wtii-YoSBugEj-emJK46tvbTOvyOs-H8UKgfy4mCB0dii1yVZxW0oQ29ufqMhqsd__WVxBpz-6OlbDw-xYrYOg8JmJRyTM2yuT-PGfYCVmDgAahrsQbOpEQlTHzCOVXm8QyUHDRIcVBU_3IEcl8WojH_K2ItwaWZvgNPMJpOnxXlvQcE6S0hClDMtc0cfdBaUdwIMLBQp7i2rkXM8Nq-xp-sIwfJIilz2IelolkBaYQnsjBZv9zCbOvFkxvVPpWlTqCcw0V4BfIo47gxSgt1SZ0QJ7gy_ifFrgXOaxCQ7-pt-lR4DBbEXtPJSH9RQy2bD9ig8S77XTB_SYomVlEcQFs4Z6goYG_7fYfrWQ346KeacVVcsF49Md6hy-0utCwpYgI51qoM0t4VSb6TitOZAXCHuMiSXzIrULwVLEfhhe7PRsIaJgt0N_OALa-_s3meoidqTom2f74UtRqHKxhE7Wep-_pByQEYFJ4R5NwMIER6653KfbCT5BFw_rcErqZpdh23O9hs--V9z0cPR31H8Q3lCngqKXXRYKYZ1EL2&sai=AMfl-YSSf_CyK4d-O-4F-Wc4MI6DS-bs1JsjWoMe3i4cbosiiEdZozTuhrwxiAI3CofuWot1ggkd6eqMn38f17HAaxoXx4pUgQRCscb756l0PxIbXxiyQrzkKQZ4QYziz2KTLZuQ-ZnPs5zgUamJbJR3SHh37KovOFuXSjcx6SU&sig=Cg0ArKJSzCtyvNyMQLW-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=136&cbvp=1&cstd=128&cisv=r20211027.33637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 01 Nov 2021 02:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 300x600.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 4 KB
2 KB 342ms
31ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

418f32db2c3c108f2acb8e8cb2843c8e11c9a8e52684d69552457334bee2dfda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1656
date: Mon, 01 Nov 2021 02:00:59 GMT
expires: Tue, 02 Nov 2021 02:00:59 GMT
cache-control: public, max-age=86400
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81A4 0
61 B 94ms
66ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstBM_d6exdpHCNrBig8WoG6AK7Z49wbpDvdrEwItxtNXS-fQ9uftL_dhtTRZ-ZG4dSjtW4ohpnFuw2DmBj_swkfQNq0fp3KJltGA0Y715xHnXY3xCrOzkRCNnCEScZf6nu4BKeCROdcIEWqZgKi_XMOsDSwUtEdF-o3OaTNAEr9atPtbOnoaszxTWH9lsZZw-mP5ROs4FybaUe_e1r-djNYBrqMeS4ZuZAcYkbZAkP0lCLmvk2zQ6j9K4faSfAm1Y9_O9EzNXL5cBoTYYUatByeFQA2ajYSgpZhGWTFziAyovDBJOGkLsMjK90W_MV0QDv9mnRkRwrRLxCup0Lcwjj_gCTutqJ9dG93PK_ZQp_ATplPe_aDW23ixC63NzqK5YUKeDkMDIKkKswJFS7ChOTNpmAKlqb-X5UmtEmVTVCo7MaJoCk_Cs7VMFkInasuzCPgSz8be3Abtt2Q9l3F-3Xi7lwWJUXFsU27GQjwxXIaPK4Oq2HLJ05Ju18MDMzKhle3w1VesQD_WPw_3DGYzEylGvwhjvrSOhtaUxFYh8JuoAO_jO_dmCz9tBiqvs3n2RkEbuBkzQL-TKbCqSPXAz_xFy4Yw-kFZE0C9Tp4pOZWLTGMq-0hCn-NtVPNTmVwK7_g6df_sxkZaxJGurGjwDL9kCAp7cZqqAVSez-5IpvXzZ2FFpSOA2z4O_X-IqnWG1__oYPy6ZKhtRT5CMG23uLCAAtAfxKA8CWDY8tTcNDyGv0KpeMz7b8V5hIvIlvh3Tv6yZru2Dw602Y8-AVuCuNeIjLnvHNKrwhj3SlXf5dvGYHvFbHke0MsxA2Sver-sJkeVQYyyY5SxCmi9sNbiE8c9ElF6sv-aHjEPazNCFQtrIfHx2SRWuorLdm8_Bm4Axds3r7_yxA4fwn-0ekKg027u_0nyU2AOAE89O7jxzvIYhCdHv0G4q3KKMkWI-CPtoyzdiUzzTyfbF1hKRwzuuuTVENgpJ6Ck5nNkAv0iuona_PgprzN9PnBrtReZUSfT81RXxuHhj9iLJQtAn2N9mREbJa61IeMF9LDVQhID95izxkiUawbETF&sai=AMfl-YQja0z3rylM1kEAHTBs5xLQBJfoAIWuI2CK6Xm6xrDWyeBFY7xXoB7AeWV9O2W9Zy7rdeAjsGVoPlnes2wfbSDy7mHbkrb2fgh6Fj4j6Ne9rk7Gst6eCuJHbS85t6ZfPHHFpehn9ajSXdCjLL5lLlMI60zgNeX-LaHMgYI&sig=Cg0ArKJSzGjEodrVx8RaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=145&cisv=r20211027.99792&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 01 Nov 2021 02:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/ Frame 7223 3 KB
2 KB 316ms
24ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ffe00eb6662faae58b1e4a3e4540494f4521a9571e4bed9c24ed32c3856ff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1558
date: Mon, 01 Nov 2021 02:00:59 GMT
expires: Tue, 02 Nov 2021 02:00:59 GMT
cache-control: public, max-age=86400
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0A45 0
571 B 58ms
54ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2LpjPWMA81lKpH7OyUDNf6H-y8AKF8T0JrrrDm_uFDA5HRLzhHmD2mjopjdUioG5DuGpUzUPj0nc7Bq-FWVLIA70VpnIqIROiroDQIMBHGbgX--41n8bfgOER-wwNy8tf6qGtab96aCagBGO8r6fo3v9MM3qyUtRpU5l7h95Fko2pKnwJERiU67iiYi0EGrmPXA32j8ECHHghedU3hq-41SZQWApTW4E0ze1lnuFnBGvQOYjkgPvQWPCJ6e0_2EJfuOncWnpopAlsL1bXQUdfuO6fcItmls1JQZOaGdHh2NUiTpGE-WHbX7cBIyoW9blZAXx2gK9m_tZCFY0SpHdwvqAwKQpVCZFimZqwjb_LVtz37jzdAsn_UcHXZx7tdmbEJUxx5HoK9Sn9jpVs_ymiH1lS2WaVXETvaOQYlhaRv92HjPUIjHtUhg0ni8F1yiVJl_Udd1yRm_1ywQ8uOmtlUP6AVQk33gYRo9OIghqi_JXFFx5VJF6rw1lDLaqTldkMejpqlCqL_vLRPEzLnVHJWN4GiOUgTayNZDraAnNFTgR2MswE6NVzgbTsdOqd5KwgY30m9UGFaI3LmjEi1LTa_stQ4DFmUx5XUvmbgd2FDh8NxijsB3R4ezd1xxaruNhe-yy2KIfwfkb8dJRXvhHJ5jhqkDGURqHrQ5dLFGU5WiWyuewFz_xnGo7Udg4wWQ6sJ1My_M0fMBpZyVMOoZu6Z3ZE-ewFtdUF1LP4pwa9REx9ZNKZ847D2xFKLgmmn2uINYMFLryxwrR5PVoJq5OHo67kZJmLp8foErjQ_8fOc25xnajRh36ISmzrdxuS_PK3fGG6I6__G62JowdNvm93unB0bUs68IwE-Y85BkSaxHdyQpk5FN38qisuFbg9daS-DbCxqYy981VbaOqbKC6erD6nTKwsY6zqux1Wo2rnZLnhHDPCvUNsEp5UgyUJCEh-s2GQqmzGS8ApljSPXPYtsvnJkNNfUCk080YbxOKnOMgE7XZhHBJo_JZW9z7HTy0ss2eN40zkr5zWYR_gS6ZTAYZARAXWS3U_FPAiIWYLTCMTRuxw8uT3MJba5nluJ5nZ7-8Y9VLxk-Vyx3BRNtGUqzq9iUOb28vtx2T_KVg&sai=AMfl-YQIGtKbpW7MoFNl08PUzCrPgIwqWh1u6pC_iAAtlZob45NXXmdEtNcKgISBEplziLx5MYrxUg5zHgNuptlsPvOZYFIIRWDlNKUgzJ5FrpkUy6KR9qMxim-8pJYoFq4Qo1YGI9Wr3-cLZ-JeVc0ynPVp1sbdJx5zDaX1jNc&sig=Cg0ArKJSzDVqAqZmHEP_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=160&cbvp=1&cstd=154&cisv=r20211027.72594&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 01 Nov 2021 02:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/ Frame 729E 36 KB
6 KB 304ms
29ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d4c520d8d19c54f542db4edba9c0f2e40fb4ba83d6cbe964cc2ae2f6728602e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 5636
date: Mon, 01 Nov 2021 02:00:59 GMT
expires: Tue, 02 Nov 2021 02:00:59 GMT
cache-control: public, max-age=86400
last-modified: Fri, 11 Sep 2020 19:04:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame BFCB 0
61 B 57ms
57ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj4y7HlrBMoKimhBHFW8l8w2Uj3U4QuYLlDBSrt815TeiVeiOq77BEBNU7DOp8TxiS2kJa8iOT9fc6g-L4IJI8KRdL_yI4LfpV_hyAGQb8TzOedYfsBKATcgKHEf7NOJEtLqD0SgUOo7dQI4wIvK9kcLG5cykFb3ZCafOlzuMXSu1HQQGQiMWGhqBeSnZxq7tcAVoW9nlJpCJ2ZUhtv-MfgtVnFMWhnjRCCNVB-Csz7r7VW7K2mrPeH_O7_8sA205zZ8VeQ_B6Xn9iprZZvfONLYKJdM2u-5DiHNyS-V1rvIgDrb50SrLFbObM1EleleKGB_FDx71SvqKevDKTrBwp8XHzXbR2b2hMxyorIB-pdIWzZzcIGceI1Ij7E1l-RfhJrr1zLh2yWd-ERfrIUjRbvrOEvGKlKIHz22zM_7_BAXfHKah6ohn9wQqVvsfDUvZX0Q1QlpTVJT9nUYy15UKmfe3oqRZpvNF7quAzCSmGSet1AhWy0xug-_acL2qsemVjOH7AwsQD43QFm13PQDMZLASe9kg17lPzN7sYStn1M8RK_ap9vpwPC8aUwdBd-sRlxzqchhlthlbORtUl0V8_Xm5zEKkqLmbWXA0CBP8dW_rQCtvFj_bTWbH8oF_hWbfBNvIt9MXOXjHix9SY8zbd6WIfJw6NzdalMc7aV8xL84IA5uufw14J-lb4HB3Ymmy_E4SoQBNoNtODNY1CM_T-zXnHaQ9uJuzQgStkgm-Im6Zu4-VnF8nV_8LQp6j39DtGJRDWtaHWyaaEPze4t7i_R8YAfT_1xf5KRS_J6U6I5h-I9k-wq4r34K6gcxHsFf5HjzYHjUtNWZUbtvyAE3AOkoSB022sFLUalaO2yskDa6qRzrW2F4HKYJ25f0NZKwyp_5F6LR94XQr-fjDNGjCjKHc_FUUCebTj3j6FC3pkYNLZOWZ1kpVEGl_kZS6A3CY_0tsIOK4fB4ZWWjBaGJ2lvWC41_1z1B2HeogIOdYc44PAg-zYsRa6cEQ71ti0bNI8G6y94PSBwDv3Htl0Ghe427V7YfzmiytvLO67dpOcsDjT6km5hoDxzSRLUKlfpbYhyQJKy5YGz6cp0PRkK3hiNwef77EoRUms0RI2YSysaiQQrNX5-q0OosjOg_qSfCN1aI_Ut0YUCzjQguyMiw&sai=AMfl-YSPg6d-xXA6sjsTgkSV-UnwA5lEKETHEZUVuSuqPGPOCDtL3xPKfP3hjWu8uSadBNonV3zoyuniZb8rk9S-GRyibJpTdPwRroOFRALVtgMEfK_wOJHB8Jp6nuabG2QTIesL7omX12fo6HSiBswrF7FQRKKxcJEcfpPMkDs&sig=Cg0ArKJSzHQPNJq_AlpXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=169&cbvp=1&cstd=164&cisv=r20211027.30732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 01 Nov 2021 02:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame BFCB 43 B
1 KB 91ms
19ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=23798292&extPm=379487700&extCr=14809544370&gdpr=&gdpr_consent=&rnd=2647866862

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 01 Nov 2021 02:00:59 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 01 Nov 2021 02:00:58 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame BFCB
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=314412467&d_campaign=26570076&d_bust=2647866862&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=314412467&d_campaign=26570076&d_bust=2647866862&gdpr=&gdp...

42 B
967 B

36ms
35ms

Image
image/gif

108.128.92.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=314412467&d_campaign=26570076&d_bust=2647866862&gdpr=&gdpr_consent=

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-92-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-06aa8172b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6AnbYp8VQkg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v019-0c18f40d5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wjWH7dxaTFE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961471&d_placement=314412467&d_campaign=26570076&d_bust=2647866862&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/ Frame 1107 36 KB
6 KB 281ms
26ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2718b4b437edd86140d80891cf912e88267f780c14656e84f27a38b10f48b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 5641
date: Mon, 01 Nov 2021 02:00:59 GMT
expires: Tue, 02 Nov 2021 02:00:59 GMT
cache-control: public, max-age=86400
last-modified: Fri, 11 Sep 2020 17:03:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8935 0
61 B 54ms
54ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0DHTAMSvHG6d_yMOPLa6hSgNf_WdYWeThuBFlLJZ8IZqtkUMDsvph51Dj2qfbYME1ONp0FvCIsMVtkPItvhcEQ4McLEUpfiC_eGn1yc8F2hxPg1zIGNFxdrHBNHC2J1vYI_JYT_F2SRxHUJ_O8z_08-K547ueonHHx8RB2rMn9WqIi3k5NPSFA_WQ8bVrvIRlZzb-9oRrQwuY8C8vHvGsf97-Pa7_A1T-rKFgVlfNdA1l8Ay9PtEE3M2oxbwqR0TWt-Kto_OiE1N_uJ0GDtkjhYqfXT0D0hdT_Rbu_icgOwoOib3SE-L2vxxNUPpACxlfpWLj_q4aIub7Y0QCy8iq8LsFnLsDYJklc94qzJgB_vXhaZOaUxrp4KxFN8jPER6VVmI2DI66lgyq3Q6JWaupO3JVI3lrVISiuea4ki_fDQjc8Ws6-JL1pGiCsbUPi2w6V69Bo_Fotshh8BrZkiKWDBNYMHsXmNc-IfMv0cJ7-VW_UqB3HxUups7Yjjad39NhZ5FRo1M_hTSGv2m3zOU26TwXD06fwaO2XTHsuRp0xSr-2Ip6mE5DRwlpcwer-kqecACeULYx8kLirOTZdGSWeK1dGHVbLDbemUtatVaCGwJaqu2Ma7IOjgiJKdCuDEGW5VdpoPCTL_xWE8SxiiJ-9uoHHuNxKsfT3YvaVuExy5uhiPZp2pwfP5W5MFUgpwmATpiUv59K7faqo-RqOhl9RxjkjA5HG2agOsKbf_eupc9kKhnAFTzO3F-SmmM_gL1LhKhdPi8s3r0F1VS5_ZleAoBrCgE0ugiqpE4I5ZKCt4F1f_wTsLJfOOLykbW8Ulw7TqS_r6o3fRgiE3HC43QK28u9tzpdat0VgDFhFI7Nk9x53GCEKitLNba1UC03_bwb0Trv0tcL52d9lXTtzyy3hwygkMWNY7XVaWKUcDjenjncuWkSIUnrEtuVJF_j8PnyPHsaFQH9fzsBWwohWBZBkGfONQguo6r9gbRrWdUMkoZSwaAxLtUubjm0DaX97X-i7QLlQsyX81TAIeGedMp-P125EhaB82yPUKe2WKYOhN4JXnMyyLy5i3sZHVo4xmT9RJsd2vMyb0qrC1VZv60ek9DX3zDx4hrU2xqnVuEfoZ7gNWQtTp0mlX8iWQKUgqJXz2Gj48c56SX-MQhaig&sai=AMfl-YQ0bYUCO9p3sltEy5ipGLGcTSY0o2TyEg_xXIhmSpYUwVH0vx5jksW_x2gPmJJBtWpGkRBfh6X5IEb8ETHLAhiZSNPrdAInr73PRxMOPKrQoOYFDnx5KhT2jIogYIye_JZ1XEP_ZbKDgg1_yUJ8rm01zMC8gxC9ew8YP38&sig=Cg0ArKJSzKzRzaUbeAf1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=163&cbvp=1&cstd=157&cisv=r20211027.76337&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 01 Nov 2021 02:00:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 8935
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=1128751116&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=1128751116&gdpr=&gdp...

42 B
967 B

37ms
36ms

Image
image/gif

108.128.92.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=1128751116&gdpr=&gdpr_consent=

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-92-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-06bdc6eea.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Q+eIAYKJRpA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v019-08cde8078.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: TchBu+AKRRE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=131961474&d_placement=314412719&d_campaign=26570076&d_bust=1128751116&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 8935 43 B
1 KB 91ms
38ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=23798292&extPm=379486932&extCr=14809544370&gdpr=&gdpr_consent=&rnd=1128751116

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 01 Nov 2021 02:00:59 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 01 Nov 2021 02:00:59 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 81A4 41 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 58A5 41 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0A45 41 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8935 41 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BFCB 41 KB
15 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 14:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 26 Oct 2022 14:15:44 GMT

GET
DATA 200
OK truncated
/ Frame 58A5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1d6b354ab13cbbcea16d475b9350daed3e94eed5c5d9e08f83b2a920f7c42da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0A45 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72f2979b5986d5c2ea703407a17a641dda3bfea0f4efae4fd7cbb943d40f77e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 81A4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffdbab777f01814b93bfba9f188b8ee5a450f6f56eafacd5c6a2e7d03aa0c4ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8935 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1860490f14d8a58e40cf70c528b4d426feff659faf56f6befc779bfaa6f93ad8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BFCB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a42da9848a1c0f1d79c0ff6a312e2bd8aabaff728ca2f805cb3c09ea02bae7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6F36 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 474315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 767A 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 474315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2512 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 474315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4F04 22 KB
8 KB 20ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 474315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0637 22 KB
8 KB 13ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Tue, 26 Oct 2021 14:15:44 GMT
expires: Wed, 26 Oct 2022 14:15:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 474315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7223 236 KB
63 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 7223 118 KB
40 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:17:46 GMT

GET
H2 200 VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/ Frame 7223 42 KB
9 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fc2f0ea24dda7b5b92436ace859f7f59d503b8ef641a364403bd468dbe6fad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8625
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:27 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F93E 236 KB
63 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 300x600.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 77 KB
17 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14cf1fefc074df7c1bcc0ee73fb3c8933d8d1eebf5dc34dc5e26e01706301657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F93E 118 KB
40 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:17:46 GMT

GET
H2 200 clicktag.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9107398c2fa403ddef0f56b584304564266acf989ab923ca9583209bdf4a8cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 996
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/ Frame 1107 6 KB
2 KB 46ms
45ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f6f81b224c70cf2431f07287d287446129697370b4419a9b82838be0ea0174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 22:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11320
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1656
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 17:03:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 22:52:19 GMT

GET
H2 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 1107 109 KB
37 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 21:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 21:01:52 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 1107 59 KB
22 KB 77ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2789003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm0KHNIZH1hmjnDGdvgDKLJ3IDROq%2BEOiczCAzgjwrm0RsH0ypmidtqZgIFver22NViIP%2Bx%2BlsU%2Fn0LMVIyY1Owg2bnzc8EE5ktSi5ZNO9TyAV%2BW%2FYUAx9tE%2FNvttB%2B%2FNzUobuHTVsB6mVjyPR8uP9q1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a71885e18550f66-MXP
expires: Sat, 22 Oct 2022 02:00:59 GMT

GET
H2 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/ Frame 729E 6 KB
2 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b48abe5054107a01d176b16197268ae60b5cc7ce2ee5194bdeb88877141608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 21:42:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15539
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1810
x-xss-protection: 0
last-modified: Fri, 11 Sep 2020 19:04:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 21:42:00 GMT

GET
H2 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 729E 109 KB
37 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 21:01:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 21:01:52 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 729E 59 KB
21 KB 85ms
28ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2789003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21678
timing-allow-origin: *
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0go9HcK%2Bpp2wZfLtMVs06%2FTzWorpwnvZdEgDuOJvfz0FyUx134LSixOLp1FJuf9z9RUQCabGqb6r%2By2WTwQM9BlcBQ4u4BK%2B3aLyuopEjIqHG0iRWDZ3dvUceFdoJ4F2kcZSB%2F6PWlHKnXkakR4GRYc0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a71885e18560f66-MXP
expires: Sat, 22 Oct 2022 02:00:59 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9919 236 KB
63 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:00:59 GMT

GET
H2 200 300x600.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 77 KB
17 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14cf1fefc074df7c1bcc0ee73fb3c8933d8d1eebf5dc34dc5e26e01706301657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 9919 118 KB
40 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 15:17:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38593
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 15:17:46 GMT

GET
H2 200 clicktag.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9107398c2fa403ddef0f56b584304564266acf989ab923ca9583209bdf4a8cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 996
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F36 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 31 Oct 2022 11:17:13 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 767A 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 31 Oct 2022 11:17:13 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 2512 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 31 Oct 2022 11:17:13 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F04 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 31 Oct 2022 11:17:13 GMT

GET
H2 200 LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js Show response
pagead2.googlesyndication.com/bg/ Frame 0637 35 KB
13 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Mon, 31 Oct 2022 11:17:13 GMT

GET
H2 200 logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 914 B
1014 B 15ms
15ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/logo.png?1633600588377

Requested by

Host: 414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
URL: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9959c36e115a3e8dba7caf59fe4d03c54bbd516cbfabc58671e311c8c76c9666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 914
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0A45 0
23 B 59ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss2LpjPWMA81lKpH7OyUDNf6H-y8AKF8T0JrrrDm_uFDA5HRLzhHmD2mjopjdUioG5DuGpUzUPj0nc7Bq-FWVLIA70VpnIqIROiroDQIMBHGbgX--41n8bfgOER-wwNy8tf6qGtab96aCagBGO8r6fo3v9MM3qyUtRpU5l7h95Fko2pKnwJERiU67iiYi0EGrmPXA32j8ECHHghedU3hq-41SZQWApTW4E0ze1lnuFnBGvQOYjkgPvQWPCJ6e0_2EJfuOncWnpopAlsL1bXQUdfuO6fcItmls1JQZOaGdHh2NUiTpGE-WHbX7cBIyoW9blZAXx2gK9m_tZCFY0SpHdwvqAwKQpVCZFimZqwjb_LVtz37jzdAsn_UcHXZx7tdmbEJUxx5HoK9Sn9jpVs_ymiH1lS2WaVXETvaOQYlhaRv92HjPUIjHtUhg0ni8F1yiVJl_Udd1yRm_1ywQ8uOmtlUP6AVQk33gYRo9OIghqi_JXFFx5VJF6rw1lDLaqTldkMejpqlCqL_vLRPEzLnVHJWN4GiOUgTayNZDraAnNFTgR2MswE6NVzgbTsdOqd5KwgY30m9UGFaI3LmjEi1LTa_stQ4DFmUx5XUvmbgd2FDh8NxijsB3R4ezd1xxaruNhe-yy2KIfwfkb8dJRXvhHJ5jhqkDGURqHrQ5dLFGU5WiWyuewFz_xnGo7Udg4wWQ6sJ1My_M0fMBpZyVMOoZu6Z3ZE-ewFtdUF1LP4pwa9REx9ZNKZ847D2xFKLgmmn2uINYMFLryxwrR5PVoJq5OHo67kZJmLp8foErjQ_8fOc25xnajRh36ISmzrdxuS_PK3fGG6I6__G62JowdNvm93unB0bUs68IwE-Y85BkSaxHdyQpk5FN38qisuFbg9daS-DbCxqYy981VbaOqbKC6erD6nTKwsY6zqux1Wo2rnZLnhHDPCvUNsEp5UgyUJCEh-s2GQqmzGS8ApljSPXPYtsvnJkNNfUCk080YbxOKnOMgE7XZhHBJo_JZW9z7HTy0ss2eN40zkr5zWYR_gS6ZTAYZARAXWS3U_FPAiIWYLTCMTRuxw8uT3MJba5nluJ5nZ7-8Y9VLxk-Vyx3BRNtGUqzq9iUOb28vtx2T_KVg&sai=AMfl-YQIGtKbpW7MoFNl08PUzCrPgIwqWh1u6pC_iAAtlZob45NXXmdEtNcKgISBEplziLx5MYrxUg5zHgNuptlsPvOZYFIIRWDlNKUgzJ5FrpkUy6KR9qMxim-8pJYoFq4Qo1YGI9Wr3-cLZ-JeVc0ynPVp1sbdJx5zDaX1jNc&sig=Cg0ArKJSzDVqAqZmHEP_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=938&vt=11&dtpt=778&dett=3&cstd=154&cisv=r20211027.72594&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 58A5 0
23 B 56ms
45ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtpubsmRgIhSx38T3i1Zm8jTCeBD2nmOuuO9ob3kK5NIXhSwpcNx6h9YeqlHUC2Dg5HyA-dkx_ihwwXFgNeZ8iUZQ-az8NsmR_WBKtymgV-Q5UhCf8eDkUe29qLUi9bFhM4wHGC6cIuPzcsZnd1GHzP40QqqK91OLExYN3ErvFmdraqCs8XtL6zetjqgJrpVHg83MAF1r8i_U-JaUWUf6MVWinQgteH4H0eqm0lKdAjKgu8xECz24kq3kBL_Nxqa5Jy309H7en_gIbZdxaw0Z46d66FbydTs58qGg5XoTNm5qnxYYvi53phKlidZ6NBVnHO_Is-l-80PtLuMk0rJIM5ScYXqobJ9WMekXpiHusORPzQGVzRFo7RsrGdKoZG7U03qJ-CfSgvM2hHWRRXY3R2piPTIOoIPlf58Eid7DAl59qbcEWfWPq8MeRMPXs4T6as_l98M6ZXfYneHsiP1ck_tl1ZTtV51uuc_Q1MBS3U-sMNSrSJDfIXvb1BfKnX-MeZD65RqTrfsOSxPn5Dez0B1DYtscoA6glfWelpc45UKEN83yDwUM8Hrtb-SG5wtii-YoSBugEj-emJK46tvbTOvyOs-H8UKgfy4mCB0dii1yVZxW0oQ29ufqMhqsd__WVxBpz-6OlbDw-xYrYOg8JmJRyTM2yuT-PGfYCVmDgAahrsQbOpEQlTHzCOVXm8QyUHDRIcVBU_3IEcl8WojH_K2ItwaWZvgNPMJpOnxXlvQcE6S0hClDMtc0cfdBaUdwIMLBQp7i2rkXM8Nq-xp-sIwfJIilz2IelolkBaYQnsjBZv9zCbOvFkxvVPpWlTqCcw0V4BfIo47gxSgt1SZ0QJ7gy_ifFrgXOaxCQ7-pt-lR4DBbEXtPJSH9RQy2bD9ig8S77XTB_SYomVlEcQFs4Z6goYG_7fYfrWQ346KeacVVcsF49Md6hy-0utCwpYgI51qoM0t4VSb6TitOZAXCHuMiSXzIrULwVLEfhhe7PRsIaJgt0N_OALa-_s3meoidqTom2f74UtRqHKxhE7Wep-_pByQEYFJ4R5NwMIER6653KfbCT5BFw_rcErqZpdh23O9hs--V9z0cPR31H8Q3lCngqKXXRYKYZ1EL2&sai=AMfl-YSSf_CyK4d-O-4F-Wc4MI6DS-bs1JsjWoMe3i4cbosiiEdZozTuhrwxiAI3CofuWot1ggkd6eqMn38f17HAaxoXx4pUgQRCscb756l0PxIbXxiyQrzkKQZ4QYziz2KTLZuQ-ZnPs5zgUamJbJR3SHh37KovOFuXSjcx6SU&sig=Cg0ArKJSzCtyvNyMQLW-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=961&vt=11&dtpt=825&dett=3&cstd=128&cisv=r20211027.33637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 81A4 0
23 B 52ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsstBM_d6exdpHCNrBig8WoG6AK7Z49wbpDvdrEwItxtNXS-fQ9uftL_dhtTRZ-ZG4dSjtW4ohpnFuw2DmBj_swkfQNq0fp3KJltGA0Y715xHnXY3xCrOzkRCNnCEScZf6nu4BKeCROdcIEWqZgKi_XMOsDSwUtEdF-o3OaTNAEr9atPtbOnoaszxTWH9lsZZw-mP5ROs4FybaUe_e1r-djNYBrqMeS4ZuZAcYkbZAkP0lCLmvk2zQ6j9K4faSfAm1Y9_O9EzNXL5cBoTYYUatByeFQA2ajYSgpZhGWTFziAyovDBJOGkLsMjK90W_MV0QDv9mnRkRwrRLxCup0Lcwjj_gCTutqJ9dG93PK_ZQp_ATplPe_aDW23ixC63NzqK5YUKeDkMDIKkKswJFS7ChOTNpmAKlqb-X5UmtEmVTVCo7MaJoCk_Cs7VMFkInasuzCPgSz8be3Abtt2Q9l3F-3Xi7lwWJUXFsU27GQjwxXIaPK4Oq2HLJ05Ju18MDMzKhle3w1VesQD_WPw_3DGYzEylGvwhjvrSOhtaUxFYh8JuoAO_jO_dmCz9tBiqvs3n2RkEbuBkzQL-TKbCqSPXAz_xFy4Yw-kFZE0C9Tp4pOZWLTGMq-0hCn-NtVPNTmVwK7_g6df_sxkZaxJGurGjwDL9kCAp7cZqqAVSez-5IpvXzZ2FFpSOA2z4O_X-IqnWG1__oYPy6ZKhtRT5CMG23uLCAAtAfxKA8CWDY8tTcNDyGv0KpeMz7b8V5hIvIlvh3Tv6yZru2Dw602Y8-AVuCuNeIjLnvHNKrwhj3SlXf5dvGYHvFbHke0MsxA2Sver-sJkeVQYyyY5SxCmi9sNbiE8c9ElF6sv-aHjEPazNCFQtrIfHx2SRWuorLdm8_Bm4Axds3r7_yxA4fwn-0ekKg027u_0nyU2AOAE89O7jxzvIYhCdHv0G4q3KKMkWI-CPtoyzdiUzzTyfbF1hKRwzuuuTVENgpJ6Ck5nNkAv0iuona_PgprzN9PnBrtReZUSfT81RXxuHhj9iLJQtAn2N9mREbJa61IeMF9LDVQhID95izxkiUawbETF&sai=AMfl-YQja0z3rylM1kEAHTBs5xLQBJfoAIWuI2CK6Xm6xrDWyeBFY7xXoB7AeWV9O2W9Zy7rdeAjsGVoPlnes2wfbSDy7mHbkrb2fgh6Fj4j6Ne9rk7Gst6eCuJHbS85t6ZfPHHFpehn9ajSXdCjLL5lLlMI60zgNeX-LaHMgYI&sig=Cg0ArKJSzGjEodrVx8RaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=955&vt=11&dtpt=804&dett=3&cstd=145&cisv=r20211027.99792&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 322ms
21ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3ET9718F65&gtm=2oear0&_p=1471385205&sr=1600x1200&ul=en-us&cid=1343591147.1635732055&_s=2&dl=https%3A%2F%2Feva.vn%2F&dt=Tin%20t%E1%BB%A9c%20PH%E1%BB%A4%20N%E1%BB%AE%20-%20B%C3%A0%20b%E1%BA%A7u%20-%20L%C3%A0m%20m%E1%BA%B9%20-%20L%C3%A0ng%20sao%20-%20Th%E1%BB%9Di%20trang%20-%20B%E1%BA%BFp%20eva&sid=1635732055&sct=1&seg=0&en=content_group&_et=3&ep.pageType_24h=Home&ep.pageEmbed_24h=None&ep.pagePlatform_24h=desktop&ep.pageCategory_24h=home&ep.categoryId_24h=1&ep.sub_categoryId_24h=None&ep.sub_pageCategory_24h=None&ep.pageContentGroup_24h=null&ep.articleTopics_24h=None&ep.articleSubTopics_24h=None
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ET9718F65
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eva.vn/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://eva.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8935 0
23 B 44ms
44ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst0DHTAMSvHG6d_yMOPLa6hSgNf_WdYWeThuBFlLJZ8IZqtkUMDsvph51Dj2qfbYME1ONp0FvCIsMVtkPItvhcEQ4McLEUpfiC_eGn1yc8F2hxPg1zIGNFxdrHBNHC2J1vYI_JYT_F2SRxHUJ_O8z_08-K547ueonHHx8RB2rMn9WqIi3k5NPSFA_WQ8bVrvIRlZzb-9oRrQwuY8C8vHvGsf97-Pa7_A1T-rKFgVlfNdA1l8Ay9PtEE3M2oxbwqR0TWt-Kto_OiE1N_uJ0GDtkjhYqfXT0D0hdT_Rbu_icgOwoOib3SE-L2vxxNUPpACxlfpWLj_q4aIub7Y0QCy8iq8LsFnLsDYJklc94qzJgB_vXhaZOaUxrp4KxFN8jPER6VVmI2DI66lgyq3Q6JWaupO3JVI3lrVISiuea4ki_fDQjc8Ws6-JL1pGiCsbUPi2w6V69Bo_Fotshh8BrZkiKWDBNYMHsXmNc-IfMv0cJ7-VW_UqB3HxUups7Yjjad39NhZ5FRo1M_hTSGv2m3zOU26TwXD06fwaO2XTHsuRp0xSr-2Ip6mE5DRwlpcwer-kqecACeULYx8kLirOTZdGSWeK1dGHVbLDbemUtatVaCGwJaqu2Ma7IOjgiJKdCuDEGW5VdpoPCTL_xWE8SxiiJ-9uoHHuNxKsfT3YvaVuExy5uhiPZp2pwfP5W5MFUgpwmATpiUv59K7faqo-RqOhl9RxjkjA5HG2agOsKbf_eupc9kKhnAFTzO3F-SmmM_gL1LhKhdPi8s3r0F1VS5_ZleAoBrCgE0ugiqpE4I5ZKCt4F1f_wTsLJfOOLykbW8Ulw7TqS_r6o3fRgiE3HC43QK28u9tzpdat0VgDFhFI7Nk9x53GCEKitLNba1UC03_bwb0Trv0tcL52d9lXTtzyy3hwygkMWNY7XVaWKUcDjenjncuWkSIUnrEtuVJF_j8PnyPHsaFQH9fzsBWwohWBZBkGfONQguo6r9gbRrWdUMkoZSwaAxLtUubjm0DaX97X-i7QLlQsyX81TAIeGedMp-P125EhaB82yPUKe2WKYOhN4JXnMyyLy5i3sZHVo4xmT9RJsd2vMyb0qrC1VZv60ek9DX3zDx4hrU2xqnVuEfoZ7gNWQtTp0mlX8iWQKUgqJXz2Gj48c56SX-MQhaig&sai=AMfl-YQ0bYUCO9p3sltEy5ipGLGcTSY0o2TyEg_xXIhmSpYUwVH0vx5jksW_x2gPmJJBtWpGkRBfh6X5IEb8ETHLAhiZSNPrdAInr73PRxMOPKrQoOYFDnx5KhT2jIogYIye_JZ1XEP_ZbKDgg1_yUJ8rm01zMC8gxC9ew8YP38&sig=Cg0ArKJSzKzRzaUbeAf1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=918&vt=11&dtpt=755&dett=3&cstd=157&cisv=r20211027.76337&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BFCB 0
23 B 43ms
43ms Ping
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj4y7HlrBMoKimhBHFW8l8w2Uj3U4QuYLlDBSrt815TeiVeiOq77BEBNU7DOp8TxiS2kJa8iOT9fc6g-L4IJI8KRdL_yI4LfpV_hyAGQb8TzOedYfsBKATcgKHEf7NOJEtLqD0SgUOo7dQI4wIvK9kcLG5cykFb3ZCafOlzuMXSu1HQQGQiMWGhqBeSnZxq7tcAVoW9nlJpCJ2ZUhtv-MfgtVnFMWhnjRCCNVB-Csz7r7VW7K2mrPeH_O7_8sA205zZ8VeQ_B6Xn9iprZZvfONLYKJdM2u-5DiHNyS-V1rvIgDrb50SrLFbObM1EleleKGB_FDx71SvqKevDKTrBwp8XHzXbR2b2hMxyorIB-pdIWzZzcIGceI1Ij7E1l-RfhJrr1zLh2yWd-ERfrIUjRbvrOEvGKlKIHz22zM_7_BAXfHKah6ohn9wQqVvsfDUvZX0Q1QlpTVJT9nUYy15UKmfe3oqRZpvNF7quAzCSmGSet1AhWy0xug-_acL2qsemVjOH7AwsQD43QFm13PQDMZLASe9kg17lPzN7sYStn1M8RK_ap9vpwPC8aUwdBd-sRlxzqchhlthlbORtUl0V8_Xm5zEKkqLmbWXA0CBP8dW_rQCtvFj_bTWbH8oF_hWbfBNvIt9MXOXjHix9SY8zbd6WIfJw6NzdalMc7aV8xL84IA5uufw14J-lb4HB3Ymmy_E4SoQBNoNtODNY1CM_T-zXnHaQ9uJuzQgStkgm-Im6Zu4-VnF8nV_8LQp6j39DtGJRDWtaHWyaaEPze4t7i_R8YAfT_1xf5KRS_J6U6I5h-I9k-wq4r34K6gcxHsFf5HjzYHjUtNWZUbtvyAE3AOkoSB022sFLUalaO2yskDa6qRzrW2F4HKYJ25f0NZKwyp_5F6LR94XQr-fjDNGjCjKHc_FUUCebTj3j6FC3pkYNLZOWZ1kpVEGl_kZS6A3CY_0tsIOK4fB4ZWWjBaGJ2lvWC41_1z1B2HeogIOdYc44PAg-zYsRa6cEQ71ti0bNI8G6y94PSBwDv3Htl0Ghe427V7YfzmiytvLO67dpOcsDjT6km5hoDxzSRLUKlfpbYhyQJKy5YGz6cp0PRkK3hiNwef77EoRUms0RI2YSysaiQQrNX5-q0OosjOg_qSfCN1aI_Ut0YUCzjQguyMiw&sai=AMfl-YSPg6d-xXA6sjsTgkSV-UnwA5lEKETHEZUVuSuqPGPOCDtL3xPKfP3hjWu8uSadBNonV3zoyuniZb8rk9S-GRyibJpTdPwRroOFRALVtgMEfK_wOJHB8Jp6nuabG2QTIesL7omX12fo6HSiBswrF7FQRKKxcJEcfpPMkDs&sig=Cg0ArKJSzHQPNJq_AlpXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=948&vt=11&dtpt=779&dett=3&cstd=164&cisv=r20211027.30732&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: eva.vn
URL: https://eva.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 logo_tvNow.png
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 1 KB
1 KB 17ms
16ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/logo_tvNow.png?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c2114c6b57faff185fda82d76c1599d504634bce5f84da23683dba2eada1df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1252
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

GET
H2 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 1107 33 KB
33 KB 15ms
14ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:47:42 GMT
x-content-type-options: nosniff
age: 798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:02:42 GMT

GET
H2 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 1107 27 KB
27 KB 17ms
16ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:54:40 GMT
x-content-type-options: nosniff
age: 380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:09:40 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1107 7 KB
5 KB 29ms
28ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb1a3931285315f3f29222fa7d749d35159a6e93965078ab203bf574e96e340b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5134
x-xss-protection: 0

GET
H2 200 blank.png_1621952551211_blank.png
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame 1107 95 B
480 B 15ms
15ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952551211_blank.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:57:09 GMT
x-content-type-options: nosniff
age: 234231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 08:57:09 GMT

GET
H2 200 DCO_Residential_970x250_TheWhiteLotus_1.jpg_1633704407981_DCO_Residential_970x250_TheWhiteLotus_1.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame 1107 88 KB
88 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_970x250_TheWhiteLotus_1.jpg_1633704407981_DCO_Residential_970x250_TheWhiteLotus_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38cb78ed5e7a5a3613e15b0db2c4cb7f7516b94bab184f0aa3f14b6f26db1b27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 18:50:14 GMT
x-content-type-options: nosniff
age: 285046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89622
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 14:46:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 18:50:14 GMT

GET
H2 200 DCO_Residential_970x250_TheWhiteLotus_2.jpg_1633704407981_DCO_Residential_970x250_TheWhiteLotus_2.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame 1107 20 KB
20 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_970x250_TheWhiteLotus_2.jpg_1633704407981_DCO_Residential_970x250_TheWhiteLotus_2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

138ae140509db78c54991197c21bb5594c45161af797224e03b737966370fd46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:28:51 GMT
x-content-type-options: nosniff
age: 232329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20535
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 14:47:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 09:28:51 GMT

GET
H2 200 DCO_Residential_970x250_ENT_3.jpg_1627383057598_DCO_Residential_970x250_ENT_3.jpg
s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/ Frame 1107 22 KB
22 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812389/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_970x250_ENT_3.jpg_1627383057598_DCO_Residential_970x250_ENT_3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab67033768d61c84f248cf3795efbb210feb236fc372932e2fbedcc13da695d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61460724/20200911100337694/index.html?e=69&leftOffset=0&topOffset=0&c=XhutZoi11K&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 04:40:32 GMT
x-content-type-options: nosniff
age: 249628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 10:51:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 04:40:32 GMT

GET
H2 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 729E 33 KB
33 KB 15ms
13ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:47:42 GMT
x-content-type-options: nosniff
age: 798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:02:42 GMT

GET
H2 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 729E 27 KB
27 KB 17ms
15ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/style.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:54:40 GMT
x-content-type-options: nosniff
age: 380
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 02:09:40 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 729E 7 KB
5 KB 26ms
24ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c094d299e384c4bf64987423a7581f0006d38dc0ed7a0eb2c7c53ab7694f02bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5258
x-xss-protection: 0

GET
H2 200 blank.png_1621951351089_blank.png
s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/ Frame 729E 95 B
214 B 15ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/blank.png_1621951351089_blank.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 17:51:59 GMT
x-content-type-options: nosniff
age: 288541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:02:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 17:51:59 GMT

GET
H2 200 DCO_Residential_300x600_Day-of-the-Dead_1.jpg_1633703644329_DCO_Residential_300x600_Day-of-the-Dead_1.jpg
s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/ Frame 729E 104 KB
104 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x600_Day-of-the-Dead_1.jpg_1633703644329_DCO_Residential_300x600_Day-of-the-Dead_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b01621cbeef201165805547d9f7b02199874f79ed75e80c0755eed721d00277c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 01:23:15 GMT
x-content-type-options: nosniff
age: 347865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106661
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 14:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 01:23:15 GMT

GET
H2 200 DCO_Residential_300x600_Day-of-the-Dead_2.jpg_1633703644329_DCO_Residential_300x600_Day-of-the-Dead_2.jpg
s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/ Frame 729E 22 KB
22 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x600_Day-of-the-Dead_2.jpg_1633703644329_DCO_Residential_300x600_Day-of-the-Dead_2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87bbe084d373a26b708609edadcd24e24a1cbc15cf4b5c8a6188b4a8a0159d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 08:10:13 GMT
x-content-type-options: nosniff
age: 237047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22830
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 14:34:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Oct 2022 08:10:13 GMT

GET
H2 200 DCO_Residential_300x600_ENT_3.jpg_1627370651901_DCO_Residential_300x600_ENT_3.jpg
s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/ Frame 729E 21 KB
21 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10819023/s0.2mdn.net/creatives/assets/3690075/DCO_Residential_300x600_ENT_3.jpg_1627370651901_DCO_Residential_300x600_ENT_3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

478a27011013ffe9338266976329f248a428fac152d4eda94c277c83c78653a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61453745/20200911120443604/index.html?e=69&leftOffset=0&topOffset=0&c=tHbIPMamUW&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:43:20 GMT
x-content-type-options: nosniff
age: 353860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21096
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 07:24:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Oct 2022 23:43:20 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7223 7 KB
5 KB 24ms
24ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c5a046133eff91fe9d05324b6dd89ecbb20e65af897d9ae544b1bb400ef6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5142
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F93E 7 KB
5 KB 25ms
24ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867f64d82a62978647b3ab3fc5c61a22376e3936fd0de0ed0a266d751d686f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5172
x-xss-protection: 0

GET
H2 200 logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b28294eac4f35ec5978ebe4c7de3898f0747c01f415e4dffee63a01391bf4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
x-content-type-options: nosniff
age: 75605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1956
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b28294eac4f35ec5978ebe4c7de3898f0747c01f415e4dffee63a01391bf4e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
x-content-type-options: nosniff
age: 75605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1956
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9919 7 KB
5 KB 26ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332b850f6ed7351e97ea38bea363faaa59f253a68ad4bc252d0ea7891075d1e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5297
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1107 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 729E 17 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7223 17 KB
6 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F93E 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9919 17 KB
6 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021102501&jk=2575024255638047&bg=!6uml6a3NAAZzbWp4c207ACkAdvg8WuON3Fq-CVVGhM88_PCHCFcT5wzlC2yUL7PQSLGDcfhmY3nvxgIAAAKmUgAAAGBoAQeZAqRR35qerAr1ChIV9IUQBmR03W2vvQ3PhV_pPU8Z0OJ_f_nGFq30AfQ4vQ3dFJSN-mq5gO7Qz8rWpNwkR9kdqTa50a37ivzlZy3-mnJL_AbYksMQhZeVCh7VS9tf21mVFQLqj4TV6Esv9BGaaYHNT9t8murc_5jpCUPFZF2z-Aor79oazEl-sKBI05YdO1BxDDYeiZP0TWxCag_2fK1GCYD2yZNOecHXwgS92F75FYJphZFLLsgS5GNnMtIIwulutDLGaFHgwF2cNJ1Q2LuaJT11QTl1zxGmjvYw2L4BW_Uhm2q0XxLV-_rCZJ_OQFmY1Nl9YdI0dZNFhoC9_I44DewPj3zbjBkFU4cgLKeDTSeBOkTAqvBKYs3xcs-Yj3vh89Xxfkc-Tm7a86tVEMM3dtDxxfYSlywO1_jPf-UewyKWKOuiT4wOHTQLgiVgEFg_F4vuemU3sL2NUvbv_sKO1wSpMq6J39Gl-nQihbGjFPnfa1U1hDpxV_h3jL42z1G3Fq3fk0MoztMUpdziqzRet8IjPn2vyj1gDIK6D14H5C3xm98WZ9dYN1WP3apfNwX2coMXQv9EloEF6_bnjgvpESJCKefOR9xb0JnKR52MBibThCKjKDM4rLUATa4P7mgtPMyTe2CXttTa6Rw1S0RrELeQ0v8RLkbde-sKf0vNYns1ijiqE5v7c0Us6ySfBy_iFkfqcoz0koQVhWdqE7RGDR6T4ditayIrPMoE2_SKZ469OPEUb25vQsYIjunl0KsEZn58LJGOJj2Cd4TigbiGcKmEVJWDnRJX7Y6dQb8Ggh4RYSlkdBBFF2CoSG9bAtizUf4kfgSus6AAgL1Y7cJqAfHCD-mTWnSO5fIO_Py0a_FTfyX1kNL2jOb1i6QMjN0ggeriIFmv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_weiss.png
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 797 B
873 B 14ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/logo_weiss.png?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9218308bf424adfef94dda17663543bafa6c08be7add810f55e6117ed7f859e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 797
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

GET
H2 200 pic1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 32 KB
32 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/pic1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5f94be87fe755c865670f36943fd44ae7d998c9b375fbd06f7edbc077869b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
x-content-type-options: nosniff
age: 75605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32978
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 pic1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 32 KB
32 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad5f94be87fe755c865670f36943fd44ae7d998c9b375fbd06f7edbc077869b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:55 GMT
x-content-type-options: nosniff
age: 75605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32978
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:55 GMT

GET
H2 200 pic1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 18 KB
18 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/pic1.jpg?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099e3048fb34f073efe7143875c783350eec3a1d82bdfb7b6b0c04703e1f632a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18794
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame C9C8 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H2 200 pic2.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 33 KB
34 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/pic2.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cccaffb860282e5885c90b4eb55354ead8d81b24548decc4576c13d315af889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:56 GMT
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34287
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:56 GMT

GET
H2 200 pic2.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 33 KB
34 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/pic2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cccaffb860282e5885c90b4eb55354ead8d81b24548decc4576c13d315af889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:56 GMT
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34287
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:56 GMT

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame 624F 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame A91A 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame A17D 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DB1 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A45 42 B
174 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcC2l32nRhq6_eTrLvbOGnAPB1s1AqPf84zMguImmIUBMUgiq1YROne9dNYrqfN0UbaVB1vjFCy7sDJWWiGOWc6yIr-mSqfR3M1LYI&sai=AMfl-YSELyEx-lHqbUA5r4lMBC_ud5HlxMyCOangt4S8VLcTmQ3smDOT3NsEJMYHx54MplZVmickODiAQmglPVk8_yUUIr72l1qUz84OoaOZPID8anxCr6cSLvESjrc2AWE&sig=Cg0ArKJSzP1ZpGQUXEPEEAE&cid=CAASFeRoDvNzERo0angUAoyCWVXzwxAVGg&id=lidar2&mcvt=1046&p=329,1001,929,1301&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=890421378&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635732058661&rpt=859&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 58A5 42 B
108 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDriXFqQuabqLJxYvy76saCwQMwyNp80aqD15zGslstlSywzudCsCidTMqqAOmgrUfP3lpZ1r9eZGgbZl54lhzs48vFIUwU2KKSQ73&sai=AMfl-YT0u-JQUFKcZxjaKlCjSzk3-SiujLQZVcF-q7EKYgOFPSoJ3l6HJgyZDZ0bZmCh0L4u4gUPnhTMxt-klgh-ajF7uH2ysuCjZhugAzQY-5RkysFGHJMn2_lpA-vOHvc&sig=Cg0ArKJSzOEnDRHzaBOUEAE&cid=CAASFeRopSBsPEpTE_84jiL80t0oYlTDOQ&id=lidar2&mcvt=1048&p=50,-7,650,293&mtos=0,1048,1048,1048,1048&tos=0,1048,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=295051662&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635732058648&rpt=833&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pic2.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 16 KB
16 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/pic2.jpg?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9257ef931b3ee0d3c541c49c3607674fe9502abd7b3a6bba7bf29da7b4c69784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16350
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

GET
H2 200 pic3.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame F93E 27 KB
27 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/pic3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d4d2e2659dcd498be41b71564fbf9a3782618c69a19e4c01f074d6731579ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=trXvNh2WpL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:56 GMT
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27347
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:56 GMT

GET
H2 200 pic3.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/ Frame 9919 27 KB
27 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/pic3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d4d2e2659dcd498be41b71564fbf9a3782618c69a19e4c01f074d6731579ddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914004/20211007231801636/300x600.html?e=69&leftOffset=0&topOffset=0&c=5dOEInHxEb&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:00:56 GMT
x-content-type-options: nosniff
age: 75604
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27347
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 06:18:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:00:56 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8935 42 B
108 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBzBVQFA00siY_nn5MlXfYibDNjh53LHnqTMzkVpz_33RficIMMKotkFQxUVQoQaHX4VGBggHx7M7xEjOo5uPffElTYq95HUV-WxpL6TUY-PSM6KaE_A&sai=AMfl-YRkAuvDQ8vp2g2_rE-F7NrpSDHcwLZCYGEsYndhy6e88DYpf-lvWaOsHiVa59tD6B_j2xZGodTJq_VhbbTHfJR5apzrS7kJlix-3R8DbR7xkbR_BHD62PEZ3Z2O1CM&sig=Cg0ArKJSzOmgbWx7xG07EAE&cid=CAASFeRoc7pRIG4q9L0KC7nrtUA0Yfa89w&id=lidar2&mcvt=1050&p=50,315,318,1285&mtos=0,1050,1050,1050,1050&tos=0,1050,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&app=0&itpl=20&adk=2827293712&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635732058657&rpt=899&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 81A4 42 B
108 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyVNdlhMM9wEMX-s92gXB7IUexiYKAlbt2SM0aqkRy6XNfxE5y6ZxJ8MqdgbIbXxImfjoPjRVnTUZxghGUM6VXXy23oee4b9iBHqtT&sai=AMfl-YSkXQCaKt6aI7NgBHEvbuZ-cQLigknExSpbF9bQohFBEuOrmh3C-HOGRAS9A5jnTxRB-4ckz8vPtNq0UxWsk6XzOlFWbltasLavW1DcyCJ6cAa5OGUSeszLiZvmylI&sig=Cg0ArKJSzFDJEF8z2psUEAE&cid=CAASFeRonS3qChWC6AX20ckC9IhQJVNhvg&id=lidar2&mcvt=1051&p=50,1307,650,1607&mtos=0,1051,1051,1051,1051&tos=0,1051,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3756495028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635732058653&rpt=886&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pic3.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 39 KB
39 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/pic3.jpg?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f146645da76bb5679d163780a9455296f3f7fe1b6a654d96cc53adc49bb5480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39447
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

GET
H2 200 pic3_glare.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 19 KB
19 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/pic3_glare.jpg?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2654f90d474c0126df5e4ec2df9c0f120c7ed63e0950e9d2d645e340fb3525dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:11 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19688
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F36 0
56 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgXODW0p_YdvRB9Hs3wOE6rqYBQAAAAA4AeAEAg&bg=!YWKlYibNAAZzbWp4c207ACkAdvg8Wvp2fGVZ95nk2p8iYG7auMrSEW-4aJ5s03IPLctWtttKkOa0zwIAAAMxUgAAAMFoAQcKAChl3jPVUKE-CSSF7H-MluPHMGilyiONp3AhBusqfm2hz1uRv0r4Q69NmQL2ynxMrMjvpuGBvnaQYYZb9VLXCjUojbwzi7uF9JoN6YvqzvPp6vluXjml5FFYlRvDQaIJ3yGuARbcgLKaxG6DZgXsonpx8b_UY9I6jYNppOSFOgYFEmTC1MhT4EBNrpJxje1KTxtN80gy3HOnHmnSCdyBJfTQugc1JyLEp1wiLFcKurKumtQEcPctoYcJUZf9o7LV2t61w4g8Eq3NmRcc2eV3t8I5g3vqWp5d4PMsLBrsKbn061_e9Cy_TIIa4mL-xVxwZETBYLoddmi5JCQnMc8lQpI778ggBT1EqyH2dc_JHfDYjtddOUdMdSKQa-0D2ozZLbPXY2eflTUrWga4CBAb8L0X9vvb8zvBkSQ5G9OlxmP9PsFZP6zfRRkpQgvr5DooAJlbzb-TQsoNYS-qIODS7aEh83fTOe63Ecs8qU2GtCwX4w45BEodaiTxbsA2SYpX0bKIWYe8zisFlP554tLQeh6moQTHHG47Ab5f2fLPK_PSF_cJ96LGDJGTre7sdpnf9z2TtLvWYmDALq6QTTgQbx-0C4lbPKU3XimoODpyvkWrHWEl2Qx0AdcbBwJdWH6pSsPcaaZfnj9ZBR1WrOwVRtR_zltHsEBfgcB85fTj98SarVJG9Cq8Ffxf6AUEyR420KVNQv6LKhxm7fm8fu8kFW_wE6tEyggt2gXb1mlGkV6q0j320GNFn74Yu4ISlo2Kd5fnTzL8hF-InarAt7OwbZvWqPmJe9iNbujvjk4FkClT857OqFmBEETs45x_-O5lMw1K1zgnx_1IK0e0qqexwBjYHwMRnEm7roe2Z41dHVX_VeeB_zt1V-tuRiR_P1k-LOu6q3vLHMIoyxzSS5BwW7hLIBh5vVVH01eXZQZQraw7oXmKsrYEc2Q_N0ttnLD0UwBsxf5jEmdCN0sC2aQiGnuRHZuX9h1qii6TDtn0ptL6HSVVLuqnfuUnjXyV4yrjuHOuB2Az0bI1cuwnqyM7XYD4dY6oSFNVFMbJMM-yHlMEddw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2512 0
56 B 44ms
44ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIJ0oW0p_YZCSCJfqgAf8lJuwDgAAAAA4AeAEAg&bg=!a2ilaCzNAAZzbWp4c207ACkAdvg8WqhFFzSkfpudoAvCiTjleNV5iH_bB_pI3djGr9w8DRgPYAhGUgIAAAMbUgAAAJVoAQeZAxZDWum9d2D18D952p3Uu8eUy3CCYPQSKKEf55wGel8d5L4k5rEBDK17CNlsJC890atdZ5maA7GnZlZKfbevMtij6DM0PCEQL1tej1ywGVNhdBlMt42FTTO6CQ3Oi5Xu7cvC3fx3g1a4hQx5zEHozWPGds2zB3qSQnupMlmf9PRvms3qnDyP0K1p_kOJ16f4RmByP0thOT9CPxa3XwofJJtClgP2HfAeVRpsdaX9zXu7Kw3S82RZpYKuE1CS4CxNIWqeZ9xAQOCacTLmL2YFqyPsIIYWyIyQCWUKUUW0jqCrsKQWYaxK8gA2CDyp7CKlx-9t5WG4cduXys7QGtZGJZNA9_AJrXnH5saH1EZ-c5t8jrO3LPYY5tXsd43MwfpqNQ0h-n7I2_Q-sgzih0rPB17V0TxuDI3PizVae3JVArPhgSJKHP_ZDEGRuRmPWl_nCa78UYmmtzHESMYV0BLWNPDZzixg-5_5zGSOBJBkQPIqqLYZWtcjGKfS19KKuTWi6NUm8hI_GhvHFC4LTX6glpy_zhz_Xgyk1JjNGEzuXQmPAM_WErJ3B54R_GxEgPbak3PnXiHUMLutjF-5DLzlIdISkFIZThGJKonfwAbKLWZQfp-ofG0DKxkdgD_hT9BN_AS323LSjGULQ7CJMQlfKt9DhnTuDkqshq0fqocBajVveaM8198lRZdbwuH5bzxHFwsv2-HwPVMo3KVPIQSvugpTX-wZzEFpTw5Yqof6ODKUAA1VEZTh0B1jpODSUcVTXSh0KPHv0w8nSF7u7zUgsC_YhcP153rlbwIpXQu4scpumhAkrU1VV375hpYJhxXeUsLjnLQlaNeTjUs1TRLWVyov3ra3QnpQexoVLqh9FE0W4Bh6vfY4LD-NsxtrXrjjQ68Owd2uHIP4J5PzxqNE1EhqMNKPdUFPg_9EPO7_cDIPZZtxEdQfwDpbqISAh4gJGSrAV4XJJpzBDuyeHCFzLveLg10WRdDvi4VBw797D2yH4M_QpqebUoPoR-UgMgGT004KKW-2CaaCuCt5EnRW2XLvyZRqs0fJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F04 0
56 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgBtGW0p_Yb3PCKmm3gOhzIWQCwAAAAA4AeAEAg&bg=!0dKl0pbNAAZzbWp4c207ACkAdvg8WsOIQ-XvVNRSebbm9WmNRFHhvNN-xeQeCr97TfEa4fHTXGTYdwIAAAMeUgAAAIdoAQcKAHa_cc6bi3ThHPKOV5MJf12MgKs2-hEVvMJsZcK2F9VEAYguebPkXU9HjyDXTY1YMqy4eHrZ9NUi8ip3KJt69rAArKR5Y_4y-VDJP9ovVNScOfakf8zcOQktyLfj8qXDgOeX23aupHevVdyPEbz4FPimH5meSm13mQL6-rblBAzFX1qs6bs47OH8ss638aCif808p7710BSLxYQ0q7VPdHOs8DWee8QUhIW7RUyAcIn2KHEn4pD0ZoemJ_hLW9sqqcUHDCuJOzcx0ZKKSf3zULHzBXgF5AHaYQZUpdIflKd6y5UAxFExGiqZA0zKE__oR6g1yZ1jpLQN-9jVG_pHgSlZP4c-VS1964Z8xmQw_n3uraz0dCLUkGh4hbZDrEun3DUQtBKusjo79WBmJgJUjPKJeO8CJiu9chdvW7GwpXBS0DKP9n3TEPm0nffpqmOMdDVBhx5MhAZCAmpbzzv8N2u46XwsBxaInspKSDreEMa29nHwfp97hP3JZVH5HBIsfmUShkwNWED_YstHBO0NirdzV36OmYG-jo_vQdDIqL9XPRvlx_OpssCPxgbNvh6InP5iGSHt3YzLoWNFqGmMUtnquDve529A1Jx9sBAXGxXNmoLfdJjx5XEzEfEnu4cb5pHORTlVVPnocddqzeh6DuDJQPrEwYo2IoqmxWH2Py91I8QEi4b1UDMEOkJcwWBQoqNx9RUKpIy11VMu7L3ppNYQW1xDlEkBPjie0LnRHjkOBlhBNSHl3Gzvrt8LSIW4eZRYf9FYZP-kvlSaDb1Ilp7ZnJx2IeDV_brcljv40u1HTDGcuyTWSwsnV_NgzHgNZ2U-3-JfIvgZItzwpRr4a4xpKftNlJqlMaSyiEA3ugwsyWxeQyMvKeDS9QwBg3O4ZFtddYO5C6fnBovrY_6ggftQaGYxNZ327sAGkMaMCcm2TM9D9moBi65B0r6n2_Jw3YQEIpRb9r1HoiY5ybLACRXlSeYj5RL2o6Qlq95BFJj33H3qgRTqOOtBAdkpwR6gkRwfoAdHqMgSNqPmaJMj8iiQzqNhFKxbMxzeOwyddwxBWvdLt-Qd4Ncm20DSt1D588YcYoE_QUnKyDlFAr5PPDY8Q-nSZqL5rdUo2Fu_6MrtINXYv-s8RL3KKahSQxjOxUoNWg2zhnvm03WI_c8BLcvn4k8U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0637 0
56 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXdbCW0p_YZGUCM3Z3wOswYrgDAAAAAA4AeAEAg&bg=!OzilOHzNAAZzbWp4c207ACkAdvg8Wi2C2zc8KJATpK8gRYoZ2oNPhe_IN0dOQcEQOwYzmXqQj6w33wIAAAMXUgAAAIhoAQcKAHKNw12Bev7X9KEw-04tYgnqsa7DnLakKAUDuMaiUNrekj35E8-V_qUEdlzEfOZY8JIe2p38HD9m-L3ljDnG2If9MG6mdalNGsjw6HIaO93Uh5KB5lfQIUsCqNNp9nvo6RHXgKVI3tWjmAYiDUrpB3mezXSZAwNlTDVvROLhRyCIL2g64mkYH5GHFf0kY1E0F2h7riXYsgfxpku7s-AZv6NoBpZpTDusLab6yo0oE3yXzx8Jk8ZEFaOJ9BztlTv4gsjhDfeK6_5ynxhYK28fH6PNkIooKvjWPE5hho30_XE5aXaZGnlKxyF6Gs3CAWtsppAyQM-lDXjof1jM_TEQrYGyspl9rIdRqj6PYXdTMbkVuKljePW6FyBlWW5VnCBDpnt85_TRCN0eJPwFDZYoQ2cWK9g8wU45-foIYeUL177dcbvp8DMwSEyoqd48CmhgHo_HBwFIuwQU5wLGQZPxNgd7vNDqctQ7Q9gWKvI2kuVHFYe4u8cOXD9V43bgkR-kkTWOmIXZBA2YskcJbDItaMjqb3tKEqNiLma7YZ7KG_wxOt1JGmi30eA5zPFF91vemLblsdCOiW_Iisip4Tu1l2Mb0TgHqAzfWWNaLAk4MlMBm7A2Ya6WVn00h-jM-Wamq-KxYyQBZ4hdYnyKnJx-9gALOK076aV8gbyVrMUaFqaMs7k2hTQDR4yXFfLcqZCiLz_EpPz9t_mJDpQiSBoK3sAi2P0jzjmqWfo6-53l_QWUgJoG7adr-r7bbDORpNO5SGiNc8ZUKd_FhQBonsdtWPF824t8l2vYHyEdc4l8ya2KNqyLgoRtkm9Ghv9aAjasjdyuJBzPvGEOWmk6vMOXIK8P_S5Hu_l4tW7ofZILHAkX9c_iyShjoRM0pzFh8Qhd6o4UN1k_HbpRq8BVTAFT1XHVLQXeiuUgROA3pS1W03Z5-pTaGG8Jqx6dr0JPP9OmJ51zE1C-eXhCVjSCiG8DvL4cizWjL_HHLNf94oD1DQVePgW5UehzWQZXQMTNol6o7x-6KnnDrybFx_RyTTjP7pBuWkL2IXutBLWyBfHdu1TJbMSBGkUXLGDZTBQSFw1qPkPerqgvm_8rP2caa4Hj0TBTxG0Fb01CmWAYUkU-sFCqLs0V-1TyPuBn7sjyjlvnaaKP2WGRjJ0DkRV69cfvdHI2nMq4wsJCQyI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 txt3.png
s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/ Frame 7223 1 KB
1 KB 14ms
14ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/images/txt3.png?1633600588377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7b3378a4fdf205a142962990682abcaa97551efae6a44d821dc421e123d471a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61914274/20211008050956012/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600/VOX_LT_DV360_HPA_GRILL_DEN_HENSSLER_300x600.html?e=69&leftOffset=0&topOffset=0&c=K7CPLaAXBR&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 05:01:12 GMT
x-content-type-options: nosniff
age: 75589
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1267
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 12:09:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 01 Nov 2021 05:01:12 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 767A 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9k-AW0p_YbHjCI_s3wPj7InwAwAAAAA4AeAEAg&bg=!LS6lLmrNAAZzbWp4c207ACkAdvg8Wof_JXLKprBk8nbGj4-HKnCRcL5W_R3P2IvsWCzBO0NGQwS6ugIAAAOKUgAAAGBoAQcKAGxjagIiryGbPgOjeI5tr2ceQm5yx6zqgG_1t9qs3BwXhcstLDEpYZ_yQ7OBllXPHgPckw2QEMLsw7KDHy5A43G9bPqL4coy7xHIWbAklR8zPqoAxSm2YxkLaghEsFnwt7RlSJoBglu9NhEbws6ZAwwLrON8MJyGfewwHePIFkOK_BGSMZgYRNICFjpr3L41zVtnWHQNYYIQ8yx2Y1-TYi8ELjFcs86cidCF182RxA7dV2U3cCyQ7trVDN6B20wJr4sSRIK9IhZJ7pywYiQ0jyHuweOn5ldYQLy-fQ1y7j1mz-uaG4xs7F4sFDuViQ8-RpTiOrfm03yHi72rDSdzIv0cKj9Kf3QjW2aUlOZY_Jr6l0On5lzIuHj40DUCyqqJW1m6zCjSgB05MyywtiEEkDoXWHEgHrF2Rt2ti3WcNTE9HiISMvshi-RIyqk-iL48yv5ASBO5wXZxzW4oMkJ5vTmTIinzbY-ekz6q_5EPz8hvZQb1FheWynx_0Yegyik0J3hg7A8TUseluzGzwPFPqJn-tywTR3kHfEVrN_1JcCAb_WuAJ_-MVK_Xte_sO4RmRO3_8Hes7uGlfedP5V5ziGE-RIsBACetGnwJOwe1trshdgtj04vDq96H9o3a7bxSa-V2CnYVC-m_ykOF41Cx7KtNm6Kcql09O95x4JOGb8BkRpteRG7UQQd_HK6FkM-hTVxONxE2ZTwBNdf86GAGXD6mZex8pjmURrKK6LKCclHAx6Xu0e5I207-X2HfzpmwKmqMh5EUTci3nalCT48IlBH1yXwkYzg1cCenqQCEcPbIXEM_qYJLZlsftjfavTJ4qO2sllxiGRDe-mXynT9FlK4a3AQWQXvWwAqD7SOofRvW1SVDKypEEU-I_IEkomOW51h4VDgz8NEtAoj6MGFIpvM6xS62XWjHfUSKzz0ExiCdk7Pxm0uCqck6_qqb1bCkXebWIKUjBXle8H0uoGfPPcXTv6ZpC6DuYmX7tJutqa3uZoN7rRe83I5o_Nnc569cd0nkvp9gRmlTPNYFWuQIoqV3ybY5Tus6kO2tPZxVCPszwA3tSdTGi6Ekc95QpniKBHCrd8e4y2gIB8G-xE3OeJ9alMmu5BodW_I8-XINJPBUZXrgb09qDFq76rEUC99ofinP2AEcims8wmmUHPAOKsgFm13qHWmsuAw7M4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DF12 52 KB
17 KB 49ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 25 Oct 2021 05:07:02 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 01 Nov 2021 02:01:01 GMT
Age: 75245
X-Served-By: cache-lga21925-LGA, cache-hhn4021-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 217196, 1102698
X-Timer: S1635732061.281770,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 1CC7 2 KB
1 KB 59ms
18ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 01 Nov 2021 02:01:01 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame B245 14 KB
5 KB 83ms
28ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Requested by: Host: image-us.eva.vn
URL: https://image-us.eva.vn/upload/eva_js_library/prebid5.17.0_eva.js?v=20211014
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://eva.vn/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=168755
expires: Wed, 03 Nov 2021 00:53:36 GMT
date: Mon, 01 Nov 2021 02:01:01 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DF12 0
733 B 14ms
14ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 826a297b-a8c5-4916-b65f-4269a97e33f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 1DD5 1 KB
3 KB 97ms
48ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e45cad52a2175422f57fae81eff1289c6721d2d663f6b3b4c10d81df546acab7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 39|230|241|73|111|40|176|51
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1457
Expires: Mon, 01 Nov 2021 02:01:01 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
Connection: keep-alive

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B245 4 KB
4 KB 76ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=20519061&p=157376&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 93be8ddbb23d1694443dff8ffe3cb8c44fabd94c047ad2b1843a99fa825526f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame B9B0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C

35 B
467 B

21ms
21ms

Document
image/gif

37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 01 Nov 2021 02:01:01 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 01 Nov 2021 02:01:01 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame B9B5
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2307728982308196415

42 B
287 B

13ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2307728982308196415
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 01 Nov 2021 02:01:00 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug019:0:365
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2307728982308196415
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B308
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
340 B

62ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 01 Nov 2021 02:01:01 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug004:0:312
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

date: Mon, 01 Nov 2021 02:01:01 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Nov 2021 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1022876

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame E7CA
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025415707019442317

42 B
364 B

82ms
13ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025415707019442317
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 01 Nov 2021 02:01:00 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug007:0:413
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 01 Nov 2021 02:01:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7025415707019442317

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame EE3B
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YX9KXQABKAMLMwBR&gdpr=0&gdpr_consent=&_test=YX9KXQABKAMLMwBR

1 B
239 B

13ms
13ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YX9KXQABKAMLMwBR&gdpr=0&gdpr_consent=&_test=YX9KXQABKAMLMwBR
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 01 Nov 2021 02:01:00 GMT
content-type: text/html; charset=utf-8
content-length: 1
x-lat: amspug005:0:465
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Varnish
retry-after: 0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YX9KXQABKAMLMwBR&gdpr=0&gdpr_consent=&_test=YX9KXQABKAMLMwBR
accept-ranges: bytes
date: Mon, 01 Nov 2021 02:01:01 GMT
via: 1.1 varnish
x-served-by: cache-cdg20758-CDG
x-cache: HIT
x-cache-hits: 0
x-timer: S1635732062.699058,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0

GET
H/1.1

200
OK

redir Show response
rtb-csync.smartadserver.com/ Frame 7C4B
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFMMnlVN0NfcFVBQUJyQjViSkI3Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAL2yU7C_pUAABrB5bJB7g&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAL2yU7C_pUAABrB5bJB7g&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL2yU7C_pUAABrB5bJB7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...

43 B
163 B

120ms
26ms

Document
image/gif

185.86.139.115
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL2yU7C_pUAABrB5bJB7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
content-type: image/gif
transfer-encoding: chunked

Redirect headers

Date: Mon, 01 Nov 2021 02:01:02 GMT
location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAL2yU7C_pUAABrB5bJB7g&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B245
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7wZ4hfzVRe6p1z-LfIkkHA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

21ms
19ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=168755
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 03 Nov 2021 00:53:36 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0d68617f-4a5d-4600-844a-dcf48e180c0b

0
48 B

98ms
30ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0d68617f-4a5d-4600-844a-dcf48e180c0b
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 01 Nov 2021 02:01:01 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0d68617f-4a5d-4600-844a-dcf48e180c0b
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame B245
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=EF067885-FCD5-45EE-A9D7-3F8B7C89241C
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
https://pixel.onaudience.com/?partner=147&mapped=e4a49dcc-049d-49d1-a46e-aa2c760eafe3&icm
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=b372b3f9498e7f934c983321d0853e99
https://spl.zeotap.com/?zdid=1332&zcluid=f40796b1f77e8e0f
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=121c8b14-63f9-4552-4734-066cc8911c7c&reqId=1a125002-f806-4675-431a-daa79f94c3c7&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEJ2JTrd-GUmtfaiyQrv346k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=121c8b14-63f9-4552-4734-066cc8911c7c&reqId=1a125002-f806-4675-431a-daa...

95 B
164 B

47ms
38ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEJ2JTrd-GUmtfaiyQrv346k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=121c8b14-63f9-4552-4734-066cc8911c7c&reqId=1a125002-f806-4675-431a-daa79f94c3c7&zcluid=f40796b1f77e8e0f&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:02 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6a71886d6dc459e3-MXP
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:02 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEJ2JTrd-GUmtfaiyQrv346k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=121c8b14-63f9-4552-4734-066cc8911c7c&reqId=1a125002-f806-4675-431a-daa79f94c3c7&zcluid=f40796b1f77e8e0f&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RUYwNjc4ODUtRkNENS00NUVFLUE5RDctM0Y4QjdDODkyNDFD&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
340 B

65ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug015:0:265
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMxljthDmBR43HkHNj5GhtM&google_cver=1

42 B
440 B

64ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMxljthDmBR43HkHNj5GhtM&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:52:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:439
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMxljthDmBR43HkHNj5GhtM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame B245 43 B
611 B 93ms
19ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 31 Oct 2021 02:01:01 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&gdpr=0&gdpr_consent=

42 B
340 B

55ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug006:0:410
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 01 Nov 2021 02:01:01 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 01 Nov 2021 02:01:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e4a49dcc-049d-49d1-a46e-aa2c760eafe3

42 B
448 B

23ms
22ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e4a49dcc-049d-49d1-a46e-aa2c760eafe3
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:52:25 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:442
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e4a49dcc-049d-49d1-a46e-aa2c760eafe3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2131934254887103755

42 B
234 B

15ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2131934254887103755
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:1432
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2131934254887103755
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3835190029229782004&gdpr=0&gdpr_consent=

42 B
366 B

64ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3835190029229782004&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:416
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e4edca99-0136-4f43-844f-b68e6a2614af
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3835190029229782004&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame B245 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2EIwBIRE2uUEWZOFImx7DP1VYY8GCJo-~A&gdpr=0&gdpr_consent=

0
259 B

58ms
30ms

Image
text/plain

185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2EIwBIRE2uUEWZOFImx7DP1VYY8GCJo-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 01 Nov 2021 02:01:01 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2EIwBIRE2uUEWZOFImx7DP1VYY8GCJo-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2 200 EF067885-FCD5-45EE-A9D7-3F8B7C89241C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B245 43 B
873 B 129ms
36ms Image
image/gif 2a05:d018:d29:3601:98f2:3ed0:65d:a543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/EF067885-FCD5-45EE-A9D7-3F8B7C89241C?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:98f2:3ed0:65d:a543 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame B245
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e3327bd8-a983-4f79-b0a9-3422758b2775&ssp=pubmatic&gdpr=0&gdpr_consent=

43 B
324 B

44ms
15ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e3327bd8-a983-4f79-b0a9-3422758b2775&ssp=pubmatic&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e3327bd8-a983-4f79-b0a9-3422758b2775&ssp=pubmatic&gdpr=0&gdpr_consent=
Date: Mon, 01 Nov 2021 02:01:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7363570232606550533&gdpr=0&gdpr_consent=&us_privacy=

1 B
186 B

14ms
13ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7363570232606550533&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:399
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7363570232606550533&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame B245 0
104 B 109ms
60ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=EF067885-FCD5-45EE-A9D7-3F8B7C89241C&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

42 B
202 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:00 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:451
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame B245
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:44e6e0aa-aac8-48a0-a30e-07b991c3d630&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
188 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:44e6e0aa-aac8-48a0-a30e-07b991c3d630&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 01:49:45 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0021:0:448
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:44e6e0aa-aac8-48a0-a30e-07b991c3d630&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Mon, 01 Nov 2021 02:01:04 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1DD5 70 B
264 B 51ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 1DD5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENUStkEInucmbfXLcPTyDg0&google_cver=1

43 B
315 B

22ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENUStkEInucmbfXLcPTyDg0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:01:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENUStkEInucmbfXLcPTyDg0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 1DD5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB&dcc=t

43 B
645 B

106ms
106ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZKJQV6K40J0B61BEW3ZJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZZYHFMXW0Y09ACHAMRCQ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YX9KWz6mvomArA5GAmHM4wAABH0AAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 YX9KWz6mvomArA5GAmHM4wAABH0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1DD5 43 B
870 B 57ms
36ms Image
image/gif 2a05:d018:d29:3601:98f2:3ed0:65d:a543
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YX9KWz6mvomArA5GAmHM4wAABH0AAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:98f2:3ed0:65d:a543 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 1DD5 0
330 B 23ms
20ms Image
text/plain 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 02:01:01 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 113
match.deepintent.com/usersync/ Frame 1DD5 0
44 B 308ms
97ms Image
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 Albuquerque, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: c /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
content-length: 0
server: c

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1DD5 43 B
220 B 111ms
7ms Image
image/gif 18.184.28.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.28.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-28-154.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:01:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1DD5 43 B
425 B 20ms
19ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YX9KWz6mvomArA5GAmHM4wAA%261149
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 02:01:01 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3344
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:56:45 GMT

GET
H2

200

cs&eq_cc=1 Show response
um2.eqads.com/um/ Frame C016
Redirect Chain

https://um2.eqads.com/um/cs
https://um2.eqads.com/um/cs&eq_cc=1

186 B
370 B

104ms
102ms

Document
text/html

54.174.249.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://um2.eqads.com/um/cs&eq_cc=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://eva.vn/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.249.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-249-39.compute-1.amazonaws.com
Software: /
Resource Hash: ff7e063a80d58360cf27d076e7701c54c7096c9ae7531dc82fd355656035b61b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/

Response headers

date: Mon, 01 Nov 2021 02:01:01 GMT
content-type: text/html; charset=utf-8
content-length: 186
cache-control: no-cache, must-revalidate
expires: Sat, 6 May 1995 12:00:00 GMT
last-modified: Mon, 01 Nov 2021 02:01:01 GMT
pragma: no-cache

Redirect headers

date: Mon, 01 Nov 2021 02:01:01 GMT
content-type: text/html; charset=utf-8
content-length: 41
location: /um/cs&eq_cc=1

GET
H/1.1 200
OK crum
dsum-sec.casalemedia.com/ Frame C016 43 B
1 KB 24ms
24ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=53da36dc-99e9-4eb5-a570-9d5dbfa781d0&expiration=1643680861
Requested by: Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://um2.eqads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 02:01:01 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DF12 0
733 B 14ms
14ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 02:01:02 GMT
X-Proxy-Origin: 185.232.23.182; 185.232.23.182; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8611ee4d-cbf4-4f86-b2e4-c099cb73ba35
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame B245 0
260 B 58ms
14ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157376&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=157376
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 02:01:03 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image-us.eva.vn
URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/other/2021-10-12/utm-androgyne-1634042107-49.ttf

Domain: 24h.com.vn
URL: https://24h.com.vn/ip.php

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

417 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.scorecardresearch.com/	1970-01-20 15:39:00	Name: UID Value: 1DAKZ2DJJQRT3NF15E2OJ9g1635732055
.eva.vn/	1970-01-20 15:53:24	Name: _ga_3ET9718F65 Value: GS1.1.1635732055.1.0.1635732055.60
.eva.vn/	1970-01-19 22:22:15	Name: AMP_TOKEN Value: %24NOT_FOUND
.eva.vn/	1970-01-20 15:53:24	Name: _ga Value: GA1.2.1343591147.1635732055
.eva.vn/	1970-01-19 22:23:38	Name: _gid Value: GA1.2.106100947.1635732055
.eva.vn/	1970-01-19 22:22:12	Name: _gat Value: 1
eva.vn/	1970-01-29 22:20:45	Name: pushdy_view_times Value: 1
.criteo.com/	1970-01-20 07:43:48	Name: uid Value: 9568426e-1274-45cf-8683-afa1f91bff5e
eva.vn/	1970-01-20 22:20:45	Name: pdts Value: direct
eva.vn/	1970-01-29 22:20:45	Name: _pi Value: {}
.adnxs.com/	1970-01-20 00:31:48	Name: icu Value: ChgI-qVFEAoYASABKAEw2pT9iwY4AUABSAEQ2pT9iwYYAA..
.adnxs.com/	1970-01-20 00:31:48	Name: uuid2 Value: 3835190029229782004
.eva.vn/	1970-01-20 07:43:48	Name: cto_bundle Value: hlJSuV9mV0pWZDMwNndYTmhnb2tSbHNVUVlqJTJCbWduUTNrMUpUUVhIVDZQRTZGQ3Y4ZlJ0U3lmdGQ1djFMM3Bhczcyc2N2RWYwbE80SUFHejNod2JaYjN3QlJDNSUyRjNoaEwwZnFNJTJCUloyUHklMkJTeCUyRko3MWtqckFvUEFqWnBnTXR6TXQzeXltc2c4UDIlMkIyQnJMcU9yMUdXbmx0SmclM0QlM0Q
eva.vn/	1970-01-19 22:23:38	Name: adBFlag Value: disabled
eva.vn/	1970-01-29 22:20:45	Name: pushdy_last Value: 1635732057980
eva.vn/	1970-01-29 22:20:45	Name: pushdy_player_id Value: undefined
.eva.vn/	1970-01-20 07:43:48	Name: __gads Value: ID=671a901eab13abe5-226024c905cb006b:T=1635732058:S=ALNI_MYGq_pZrHacDwKCaMWwj3s0rZKaEQ
.doubleclick.net/	1970-01-20 07:43:48	Name: IDE Value: AHWqTUkrk0fOIBImr8rkWrH-GX4JIr03FbdRQRA28cpR7VkabHgr12MbNiq22IUP-oU
.openx.net/	1970-01-20 07:07:48	Name: i Value: 8d7a2d52-1c12-4892-945c-2a52ffaee511\|1635732059
.casalemedia.com/	1970-01-20 00:31:48	Name: CMPS Value: 5204
.adnxs.com/	1970-01-20 00:31:48	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU'okit5!]tbPl1M>e)ZlrFUfJ+tGXxo<XZNI4K'xuR?pVhFU!>g3XpG-/c?3.gN'SE_bpRzqF1`b_Ym/_)q
.casalemedia.com/	1970-01-20 07:07:48	Name: CMID Value: YX9KWz6mvomArA5GAmHM4wAA
.casalemedia.com/	1970-01-20 00:31:48	Name: CMPRO Value: 1149
m.exactag.com/	1970-01-20 00:31:48	Name: exactag_new_gk Value: 714153df2b3f415a83d990cf7991e7ef%7c31.12.2021+02%3a00%3a58
m.exactag.com/	1970-01-20 02:41:24	Name: exactag_new_uk Value: 6a4c5aeef27a4d7a93b6fe22409bbffc%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 77cb5a7289fb4c08b7f745a7
.demdex.net/	1970-01-20 02:41:24	Name: demdex Value: 10121803587337127732422733113875897755
.skydeutschland.demdex.net/	1970-01-20 02:41:24	Name: skydeutschland Value: 10121803587337127732422733113875897755
.pubmatic.com/	1970-01-20 00:31:48	Name: KADUSERCOOKIE Value: EF067885-FCD5-45EE-A9D7-3F8B7C89241C
.pubmatic.com/	1970-01-20 00:31:48	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 22:23:38	Name: pi Value: 157376:2
.pubmatic.com/	1970-01-20 00:31:48	Name: DPSync3 Value: 1635811200%3A174%7C1636934400%3A197_219_201
.pubmatic.com/	1970-01-20 00:31:48	Name: SyncRTB3 Value: 1636329600%3A2_223_15%7C1638316800%3A203%7C1636588800%3A63%7C1637020800%3A35%7C1636934400%3A8_166_22_13_161_56_71_220_55_81_21_7_54_3
.casalemedia.com/	1970-01-19 22:23:38	Name: CMST Value: YX9KW2F-Sl0A
.adfarm1.adition.com/	1970-01-20 00:31:48	Name: UserID1 Value: 7025415707019442317
.mathtag.com/	1970-01-20 07:48:07	Name: uuid Value: f01a617f-4a5d-4600-87ed-a55c0b2b65b6
.adform.net/	1970-01-19 23:05:24	Name: C Value: 1
.simpli.fi/	1970-01-20 07:09:14	Name: suid Value: F6CC04FEDBD1404F94BF1A439B2B76C2
.analytics.yahoo.com/	1970-01-20 07:09:14	Name: IDSYNC Value: 18z8~21a2
.de17a.com/	1970-01-20 07:00:36	Name: guid2 Value: 1.2307728982308196415
.adform.net/	1970-01-19 23:48:36	Name: uid Value: 2131934254887103755
.adsrvr.org/	1970-01-20 07:07:48	Name: TDID Value: e4a49dcc-049d-49d1-a46e-aa2c760eafe3
.yahoo.com/	1970-01-20 07:08:09	Name: A3 Value: d=AQABBF1Kf2ECEO3_N4xc-Tk_Uld3sR9oc0gFEgEBAQGbgGGJYQAAAAAA_SMAAA&S=AQAAAuGD7S8hV2zSdrOqMxsvX8M
.pubmatic.com/	1970-01-20 00:31:48	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_1101 Value: 23040-7025415707019442317
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_27 Value: 16735-uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&KRTB&16736-uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&KRTB&23019-uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6&KRTB&23114-uid:f01a617f-4a5d-4600-87ed-a55c0b2b65b6
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_57 Value: 22776-3835190029229782004
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_80 Value: 22987-CAESEMxljthDmBR43HkHNj5GhtM&KRTB&16514-CAESEMxljthDmBR43HkHNj5GhtM&KRTB&23025-CAESEMxljthDmBR43HkHNj5GhtM
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_336 Value: 5844-2307728982308196415
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_391 Value: 22924-2131934254887103755&KRTB&23263-2131934254887103755
.bidr.io/	1970-01-20 07:50:45	Name: bito Value: AAL2yU7C_pUAABrB5bJB7g
.bidr.io/	1970-01-20 07:50:45	Name: bitoIsSecure Value: ok
.bidswitch.net/	1970-01-20 07:07:48	Name: tuuid Value: e3327bd8-a983-4f79-b0a9-3422758b2775
.bidswitch.net/	1970-01-20 07:07:48	Name: c Value: 1635732061
.bidswitch.net/	1970-01-20 07:07:48	Name: tuuid_lu Value: 1635732061
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_377 Value: 6810-e4a49dcc-049d-49d1-a46e-aa2c760eafe3&KRTB&22918-e4a49dcc-049d-49d1-a46e-aa2c760eafe3&KRTB&23031-e4a49dcc-049d-49d1-a46e-aa2c760eafe3
.turn.com/	1970-01-20 02:41:24	Name: uid Value: 7363570232606550533
.everesttech.net/	1970-01-20 07:07:48	Name: everest_g_v2 Value: g_surferid~YX9KXQABKAMLMwBR
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_22 Value: 14911-7363570232606550533
.pubmatic.com/	1970-01-19 23:05:24	Name: PugT Value: 1635732060
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_188 Value: 3189-no-consent
.pubmatic.com/	1970-01-19 23:05:24	Name: KRTBCOOKIE_218 Value: 4056-YX9KXQABKAMLMwBR&KRTB&22978-YX9KXQABKAMLMwBR&KRTB&23194-YX9KXQABKAMLMwBR&KRTB&23209-YX9KXQABKAMLMwBR
.onaudience.com/	1970-01-20 07:07:48	Name: cookie Value: f40796b1f77e8e0f
.onaudience.com/	1970-01-19 22:23:38	Name: done_redirects147 Value: 1
.adsrvr.org/	1970-01-20 07:07:48	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwimyfLMr7mOOhAFGAEgASgCMgsIkr3G-8W5jjoQBTgBWgd4a3N3OWxhYAI.
.eqads.com/	1970-01-20 00:34:40	Name: EQUser Value: UID=53da36dc-99e9-4eb5-a570-9d5dbfa781d0
.onaudience.com/	1970-01-19 22:23:38	Name: done_redirects104 Value: 1
.casalemedia.com/	1970-01-20 07:07:48	Name: CMRUM3 Value: f1617f4a5d05a0&6f617f4a5d05a0&33617f4a5d05a0&2d617f4a5b2760CAESEI1sfWy12VRtWAkstkWGJrU&b0617f4a5d05a00&27617f4a5d0b40&28617f4a5d276053da36dc-99e9-4eb5-a570-9d5dbfa781d0&49617f4a5d05a0&e6617f4a5d2760
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4f0bcb43af0de6ae
.crwdcntrl.net/	1970-01-20 04:51:00	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 04:51:00	Name: _cc_id Value: b372b3f9498e7f934c983321d0853e99
.crwdcntrl.net/	1970-01-20 04:51:00	Name: _cc_cc Value: "ACZ4XmNQSDI2N0oyTrM0sbRINU%2BzNDZJtrQwNjYyTDGwMDVOtbRkAILEeq84EA0FAD%2BgCco%3D"
.crwdcntrl.net/	1970-01-20 04:51:00	Name: _cc_aud Value: "ABR4XmNgYGBIrPeKA1JQAAATVQGJ"
.onaudience.com/	1970-01-19 22:23:38	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 07:07:48	Name: zc Value: 121c8b14-63f9-4552-4734-066cc8911c7c
.zeotap.com/	1970-01-19 22:23:38	Name: zsc Value: m%FFER%02%28%FAD%04%C9%AFhG%97%02%CC%AB%C0KnD%122r%07%B7%93%5D%F8%18_%A0p%FE%DAb%5D6V%D0%E7%D5%E2%A2l%D5%C5-%7C%81%AC%1B%DDFI%90%B6%10.%9F%E7%0B%0E%DB%2C%F0%282d%82%A0%2F%0D%22%87%1B%D2%E2%28%99%3B%92%90
.pubmatic.com/	1970-01-19 23:05:24	Name: SPugT Value: 1635732063
.adsby.bidtheatre.com/	1970-01-19 22:32:16	Name: __kuid Value: 44e6e0aa-aac8-48a0-a30e-07b991c3d630.404946064

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://eva.vn/(Line 3468) Message: Unrecognized feature: 'web-share'.
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/icon-ngoi-sao-dm-1634042106-391-width23height23.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/logo-star-kombucha-1634042106-837-width100height79.png?xcv Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/bg-box-event-hp-cua-ban-mau-gi-1634042106-558-width625height1129.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/icon-cham-tron-dm-1634042106-869-width11height11.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/image_dai_dien_giftext_su-kien-1634042106-331-width183height90.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://eva.vn/ Message: Access to font at 'https://image-us.eva.vn/upload/template_hot_event/4-2021/other/2021-10-12/utm-androgyne-1634042107-49.ttf' from origin 'https://eva.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/other/2021-10-12/utm-androgyne-1634042107-49.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/logo-eva-1634042106-671-width168height100.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://image-us.eva.vn/upload/template_hot_event/4-2021/images/2021-10-124-2021/images/2021-10-12/logo-partner-1634042106-468-width118height48.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://eva.vn/ Message: Access to XMLHttpRequest at 'https://24h.com.vn/ip.php' from origin 'https://eva.vn' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://24h.com.vn/ip.php Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

24h.com.vn
414557de8c8b4fb909210d86b7916152.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ampcid.google.com
ampcid.google.de
analytics.google.com
api.pushdi.com
bh.contextweb.com
bidder.criteo.com
c1.adform.net
cdn.24h.com.vn
cdn.eva.vn
cdnjs.cloudflare.com
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eva.vn
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image-us.eva.vn
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
m.exactag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
odr.mookie1.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
search.24hstatic.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
skydeutschland.demdex.net
spl.zeotap.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.teads.tv
thongke.24h.com.vn
tpc.googlesyndication.com
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
24h.com.vn
image-us.eva.vn
pixel.quantserve.com
103.151.240.3
103.161.22.132
104.111.242.245
108.128.92.179
125.212.247.127
125.212.247.143
125.212.247.2
13.225.87.89
142.250.181.226
142.250.185.162
151.101.194.49
151.101.65.108
159.253.128.183
159.65.197.210
169.197.150.7
172.217.23.98
178.250.0.157
178.250.0.163
178.250.2.131
18.136.143.222
18.184.28.154
184.31.84.150
185.29.132.245
185.33.221.13
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.81
185.86.139.115
198.148.27.139
198.47.127.20
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
213.155.156.183
213.202.235.8
2606:4700:10::6816:1857
2606:4700::6810:135e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200e
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9a
2a02:2638:1::13
2a02:2638:1::3
2a02:fa8:8806:13::1370
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3601:98f2:3ed0:65d:a543
3.126.56.137
34.248.204.54
34.98.67.61
35.244.159.8
37.157.4.40
51.79.83.225
52.223.40.198
52.30.140.199
52.46.133.124
54.171.104.28
54.174.249.39
63.35.110.131
64.185.232.226
66.155.71.25
85.114.159.118
00d26efe5242062473837e902512285e251adcf24a0c7874db846685bc495411
00dfda55da56681fd3d29df521696909a3ececbdc763890abb314fb86a9ae082
014b9ebe33b44c59d0c40327b6fea321cc650dfbe32f39dff160078e96ba07ac
04fabe9d4c345b51d6cf2debc008a2ff02c2344717589a78d6db9c1d2575c6a5
07a9e09b4a0a4e9b039d8e9c7428e32315fe8c70803a15a7ded9a2637103db7c
07d0db28ce844283e1926f4045ba132ad454c41577428cfdca3f746814dea479
099e3048fb34f073efe7143875c783350eec3a1d82bdfb7b6b0c04703e1f632a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bac27e00a2ce551658b7ff621ca93ff1a77dce92a3542a8c04bc4bd746df4ab
0cfcb728de6c3963d8c51d5433a7ee13942e9bb2e5d3b6da3f45ba4cc6486685
0d4c520d8d19c54f542db4edba9c0f2e40fb4ba83d6cbe964cc2ae2f6728602e
122baa57c81db213f8508c0fbe8ed7ac5f7c1a0acd5ca7930aed057546998080
12728e13c1f80cde6d56b920a8339a7113b3f14bb919bfa3866076c14002fd63
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138ae140509db78c54991197c21bb5594c45161af797224e03b737966370fd46
14932cba017679b8431406b01671159782890f6953eb37ebf78d4d2dd45d2a38
14cf1fefc074df7c1bcc0ee73fb3c8933d8d1eebf5dc34dc5e26e01706301657
1624661cbe512e74aa398930cc367d1c919949a4611ac909abdf9c80bb80672a
1860490f14d8a58e40cf70c528b4d426feff659faf56f6befc779bfaa6f93ad8
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b740a8559a272d9836bf28741c8c4f4aae7139cdbcdef12356ddace5ff3a263
1ce7b05ea51bce6b8a3cc3f70d37ab081aa99ac8f4b0254901056a2211f846e0
1d4d2e2659dcd498be41b71564fbf9a3782618c69a19e4c01f074d6731579ddf
1e5716e347b96c5b4362afe694147ed30101487b1f0f88db95914c464a9f76ec
20c106ddccec0feed95beef9fc81f90d074d8540ae16c70522cdf78ec27a0769
21891456b45b77575e0a1d0eef66ee886e003e6d38fdea264aff2a4ea51571a0
22111c2e71374c2e178d66ca40ba9c2a97a0c0f092bdd486a77d4ad64b289aca
226c9d8248be827fbcec15369aa01880a9747a1485ced265d8bcbfd6d2c30cd9
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2302bf13e70e95fb01e6732bdc208f806f755fc8db8df846277ac6ccdc9cf395
249613eac2c65b7e1270724d79de0e03882a03ea555bf98e159d2b87ece31741
2654f90d474c0126df5e4ec2df9c0f120c7ed63e0950e9d2d645e340fb3525dd
294f0ae5923dd66d94f0d74c7556237bf550b2b341071ad8094ac1be0c363fed
2ca6e060292ca5ec33cfeed40de0c12dd9e40a1ea6a0a6e2bf237496f3d8c2d7
2cccaffb860282e5885c90b4eb55354ead8d81b24548decc4576c13d315af889
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
2edef65105d38b45e2b13a402864e8550bbb3e294b1e0e11123aa595548f451f
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
2f8fda8dfbb8fc73dfef6d634e2140feffe9c905154588a7095cfed2c3d21917
2ff97edb7570e5714791d77d428f8851dc48f9923f121e9eba756af9671aa171
30e99a6af661711347e61623fe457da64c931f031f55c3baccf4ada1a3dae308
328688c89d02cf08d7c2405a2f1311ad7ca6120197ed6fee8dfa42840c9791f1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e39e3ede302dc9f14b802b443bf3328b781033d0bb4a51ea6ca91d50c8bf5c
332b850f6ed7351e97ea38bea363faaa59f253a68ad4bc252d0ea7891075d1e7
33c8ce27047cd637889b270e93eddb2a09c227811b9bac5d7a1cb1c02c14c9d7
34c7fc7b2339c77b969ee3e0b5740e7498f23ad9e7dddf25a88dc6398a5dc92b
3517f8080c38eaef285fb6d5ad682cb4a7adc52309953717ea7b62a6db2482f8
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3808c4eabd7a52375db4ea2f0c9f316fe48c1800da4a4957300407dd95eb3a2d
38cb78ed5e7a5a3613e15b0db2c4cb7f7516b94bab184f0aa3f14b6f26db1b27
398ef9e35222b839fbf95e1453c4f530d145ec2e46429c56310181235dad8956
3c69dbba26c960886214d87c0dedda98a0b3c2e56e40c83dcb85ab68509dc9e3
3cefc5095d970c07ec75fc2a1e0761424d3698c44a68ac476026ef62fee69e8b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
418f32db2c3c108f2acb8e8cb2843c8e11c9a8e52684d69552457334bee2dfda
42660c39f7751ff78c974dc5c1fda55d37dba7ccc76b2ab50679656590db375d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
432cddd652b062d1c863b686bba50d4c64ce8d80ca717cb5fed9ba886af6481f
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
46ab3931903617bedce67bb2693579a9a066840c7ab21e2c3993caa4150d2490
478a27011013ffe9338266976329f248a428fac152d4eda94c277c83c78653a1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a095c4b655aa774d4b1eb479908d0aa5ce3482b701c4b25af75050e0fe85ebb
4a9eb52e1d73d6b2edc0aac01bf5fa9f52cf74ecdc6117315a6947b9da8a0bb9
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c2114c6b57faff185fda82d76c1599d504634bce5f84da23683dba2eada1df8
4c405f393d832e78171dfa6789d334bdce0fc5050aeae89d2a744e175184ae97
4dba1e011745c1bec0b32691b466bf85c8972935bdb186a45fc96296136b23d8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50993e08dc0e237255e82ba2f3861da255753d3f48511f745abe605fba26ee95
52c322a7b9f57f22f6fe4f59ceb0abec1cf7f79a69d4ee70f014e192fe787af7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ab17914d1a011a45e4427ef7f7588c76e33977cecf125aec25a424afce0bd
592efe1cf1a16ffd98bf860661b2eb45d0c05d0f6566ec946c122cdd620eade1
5a42da9848a1c0f1d79c0ff6a312e2bd8aabaff728ca2f805cb3c09ea02bae7e
5b5283f3cb47f04b15a1627f5a3f39a48d57540d7a877deb4b73050b6cd050f2
5c456738c2bcf7754ed3f680758ddfe0df21cbe2eeffc0eb3b8e3c87cdd06791
5e2718b4b437edd86140d80891cf912e88267f780c14656e84f27a38b10f48b6
5fc2f0ea24dda7b5b92436ace859f7f59d503b8ef641a364403bd468dbe6fad1
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61f033e7006c37d6a0f040b158ce4582cb92aa7cefda8d6ea2f9465704581a38
62e71896e6cd8c61daf82ebf05d101d8116c95ad0fcc35dbf92edf826ec15e2d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6f146645da76bb5679d163780a9455296f3f7fe1b6a654d96cc53adc49bb5480
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
72f2979b5986d5c2ea703407a17a641dda3bfea0f4efae4fd7cbb943d40f77e5
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77bb3dc523e7344767dfb134c5e340dcce88e381fccda8434ef44b4666d139aa
785df1f0941bbbf398f81344e1db19d6dcdb6b505d694e86d168caf42c5f1396
79a01fe77676046c41d12d7c93b16d33f1264a32bad083a515263840121aae61
7a35807b49f1e32a552dd3f7c27306f9ba809a230fc02cee2b0ee4e057808447
7aa3edd457d03ef9369a8500e6ce97a95e33f66e4de8ba161763cf75a5adf01d
7b28294eac4f35ec5978ebe4c7de3898f0747c01f415e4dffee63a01391bf4e8
7b4412c5a0647a80bad307acc2ef1b8d358a421b9a58d1e43d14e16a68377708
7c67e3cbcf272fb7e468cca55016bfe23033fc1c78a51b6f3d99970437cc37e6
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867f64d82a62978647b3ab3fc5c61a22376e3936fd0de0ed0a266d751d686f8a
86ea2f96b8ee04e5726366f08e4ce176133398d686fee8915c169c6f92139d8b
878e13c0e0412cc5cbf28d7808487697bf3554cd91832a901702c7ba9eaddc4b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e99df1dde496a9b1d527f42ebad1326daf87f9f02916f3eeaf5a15cb4c2a75c
8ece0a41e4b07278fd6ecc829a05e3d3b411dba94624d07a0d6a0685b74d4c30
9107398c2fa403ddef0f56b584304564266acf989ab923ca9583209bdf4a8cbd
9218308bf424adfef94dda17663543bafa6c08be7add810f55e6117ed7f859e1
9257ef931b3ee0d3c541c49c3607674fe9502abd7b3a6bba7bf29da7b4c69784
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
932e8d9d8faecf06bfa844fd478a2e09eb5eb1ddc59f2bcec782ecc793111e8e
93b48abe5054107a01d176b16197268ae60b5cc7ce2ee5194bdeb88877141608
93be8ddbb23d1694443dff8ffe3cb8c44fabd94c047ad2b1843a99fa825526f7
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94ffe00eb6662faae58b1e4a3e4540494f4521a9571e4bed9c24ed32c3856ff6
964e86255a32a489c8cbe788740b0c5d63fc932a6588ebe680d470990b3ae797
97b23f4bfc212fa1929927a02b7f7c6000c0e98afb07baea81ce3c535e5a84cf
97f6f81b224c70cf2431f07287d287446129697370b4419a9b82838be0ea0174
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9959c36e115a3e8dba7caf59fe4d03c54bbd516cbfabc58671e311c8c76c9666
9975ff0e6137c74a0053643791d89216fa075ac035a44382ed868098ac2f8fda
9d2ec0598937938f36ae4e9d7985dc92bd509a1eac38bfae8373b0b2d96bad5b
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9f759b9c210247f8b7d1abb09779090a64611c23b4fd0f6897403a304c4a2918
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a3ebab6da33110881c71f2f3c83a4bf38ccbfe420ebf826bc1c6f0270e470b
a0b0cff4bae393a5b94efb1c91f993736f339333e16bb6edcb9bcfd14f7269b4
a0eaf6cd9f09e0ed12e3fa8bce37a345ac9b9dfa28d5d330c6b30eb85c93a0b5
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b1102425c38f778aee8043d2062db8fb678999fec013d753dfa9f06d25a361
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a406e8da06f4cb11d23b86b3008959537ae6c1635aba5de32799b88f747bd56c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5fd1a25f402293e33942cbfc382bbc2d2b742b1b52138ef35b567dd2045b365
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab139b7250a454933b83a295f629f6c56d44cf1ecac8f27c4327d167086ac9f6
ab67033768d61c84f248cf3795efbb210feb236fc372932e2fbedcc13da695d9
ac42041ccb3443e77a059d17c8a9a4c76ac3ef9a3a2d35e89d522ad59a62f7bf
ad5f94be87fe755c865670f36943fd44ae7d998c9b375fbd06f7edbc077869b2
aed0d9fb93de57a64102d6371c83b90be512539ccfcfd3d7cdb4d8fc52c06c20
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b01621cbeef201165805547d9f7b02199874f79ed75e80c0755eed721d00277c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1965205fda1e8257cfdc4dd61dc2517362249fd4fc2812efa0a138523425917
b1d6b354ab13cbbcea16d475b9350daed3e94eed5c5d9e08f83b2a920f7c42da
b343bd580282a92cb70e7331cc98c4b62d93645bc001ecd5b4ba9010833e6318
b3e700020820fde9e293f3e87e16007297e0a180ab709c71e0b16ee2e988ba9b
b52ca543407fc590f39c962ede5c47ac114aef5be7cd2f981a6670aa0a367776
b7b3378a4fdf205a142962990682abcaa97551efae6a44d821dc421e123d471a
b8810362f5509e83db75bfb28196cbe078064603a802c1bc16ec4e76a69a014a
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd5179721d94a91a6e111283b0ad6bdf100a8bee572e7aaea06c6bccc76355b
bf35a972d564037b51aca92c22ec60826e399860d0533beaa010e0e9e7deced4
c094d299e384c4bf64987423a7581f0006d38dc0ed7a0eb2c7c53ab7694f02bc
c183acc0fe31e248080dbdcceaf797afb4991eab6b7c24569d96fc3a9c85884e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
c7043713e8183c7163ff0d6a918150cbf11949db40ec467caf15b5d25d61f2c8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caeaa6ccd0b218c39a5f0641be9aa26295385751fd0428c89e86141087a2aefd
cb1a3931285315f3f29222fa7d749d35159a6e93965078ab203bf574e96e340b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d25a7dedadc4c94d42538bd31a5df7bdaf8924a637fa70cc6b2cd82af066657b
d2c5a046133eff91fe9d05324b6dd89ecbb20e65af897d9ae544b1bb400ef6c2
d332cf2622397c38b7a63514e9760827517e286efbf93dc50a8f87f5b5054f7d
d70f2920926a72a408af0727c80a4549b91a5a82c359ceb62282b27e77846118
d771abd4d88077f4ea515fdbbfc54c6a31280f435a362e94979a3d11a830ad65
d81da5b3c89c04ce12944b1c8b9d90ebf9534584e9686107637d5ca3024d3733
d8ba32cac09d18b1eeafd39bd4e29e3a0d077f333ed722d9df37a4e58a67c6fd
dc4761d51d43cda5891e93dbed59f47d7409c78a6db7154ab46cb0deb941e1ef
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45cad52a2175422f57fae81eff1289c6721d2d663f6b3b4c10d81df546acab7
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e87bbe084d373a26b708609edadcd24e24a1cbc15cf4b5c8a6188b4a8a0159d5
e89d9d1551b6ddc146678adcccf15197fde8abcd4e2133b8f12b9e641cf7e304
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eb87ebdef2f4bdce4010d701c1ddaa7502d34a7842f1d51230bad3f3a0a90624
edd461e6527d473ce3438ac1bec54192670aa3256dee05514a81eb674807f7b3
edf5fedbad94ac6046aace9a3b873f6db378d6085dfcaeef481d6440385ec81d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd743d520e77a15a13c9ba3998858b507bf5cd33eaf2de4684c326222b06603
f1c66f438abd7f8ca6dfa1e780fcf4d708e88ddfd8074636e7b05f7878884c36
f1fe1159b7cc7333925fc190d7ac0d3451f3f4529c9ef663aa0f2688895f3a00
f2d8d67f44675c4810457429b1034974804e5715e2aba0c3f87d34c412b5c210
f49d026fc0dcc7589dd3558576031a8b0999e37d354be1a6e7edaaab50dc45c6
f4e390e1275c1057bcb8017a260f2d987a1e3f1055f4c8108383a89695dae1e1
f616abdc029b424aef85b23c59e8f4779bb26f618f44b0d2aeef4dbbc6022646
f78230b210b41eb72fe8d792d517b242ff7d9f809f262471867ac1e8d28668e0
f834375863424641f06c2ccc1dbab13ff684d8d5a1b4797bbb63cc82eef4e830
f87c7ed961f6b8eb75e95c29cff268ff1ce227b8564fbf2905e5935b314b53fb
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff7e063a80d58360cf27d076e7701c54c7096c9ae7531dc82fd355656035b61b
ffdbab777f01814b93bfba9f188b8ee5a450f6f56eafacd5c6a2e7d03aa0c4ff

eva.vn Open in urlscan Pro 125.212.247.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

371 Requests

87 %HTTPS

32 %IPv6

51 Domains

81 Subdomains

60 IPs

14 Countries

4283 kBTransfer

9912 kBSize

78 Cookies

12 Outgoing links

Page URL History

Redirected requests

371 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

eva.vn Open in urlscan Pro
125.212.247.2 Public Scan

Screenshot
Live screenshot

Full Image

371
Requests

87 %
HTTPS

32 %
IPv6

51
Domains

81
Subdomains

60
IPs

14
Countries

4283 kB
Transfer

9912 kB
Size

78
Cookies

371 HTTP transactions
6 data transactions