vloghealth.info Open in urlscan Pro
103.18.6.85 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Submission: On August 20 via api (August 20th 2023, 3:53:37 am UTC) from US — Scanned from DE

Summary HTTP 280 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 37 IPs in 10 countries across 33 domains to perform 280 HTTP transactions. The main IP is 103.18.6.85, located in Viet Nam and belongs to RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN. The main domain is vloghealth.info.
TLS certificate: Issued by R3 on July 2nd 2023. Valid for: 3 months.

This is the only time vloghealth.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	103.18.6.85 103.18.6.85	131392 (RUNSYSTEM...) (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
55	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4 22	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
10 32	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
5 11	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 8	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
4	2800:3f0:4003... 2800:3f0:4003:c01::78	15169 (GOOGLE) (GOOGLE)
1	64.233.184.157 64.233.184.157	15169 (GOOGLE) (GOOGLE)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:401e:28::7	15169 (GOOGLE) (GOOGLE)
1 2	52.51.98.172 52.51.98.172	16509 (AMAZON-02) (AMAZON-02)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
3 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:3875:a2f1:5d10:86ec	16509 (AMAZON-02) (AMAZON-02)
2 2	52.29.174.244 52.29.174.244	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	35.156.89.101 35.156.89.101	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	2600:9000:26d... 2600:9000:26da:f200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:1f18:1ac... 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72	14618 (AMAZON-AES) (AMAZON-AES)
6	52.218.121.50 52.218.121.50	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
280	37

15 103.18.6.85 (Viet Nam)

ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN)
PTR: v103-18-6-85.tenten.vn

vloghealth.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 172.217.16.194 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.64.148.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.52 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2800:3f0:4003:c01::78 (Santiago, Chile)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.184.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401e:28::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.98.172 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-98-172.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:3875:a2f1:5d10:86ec (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.174.244 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-174-244.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.89.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-89-101.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:26da:f200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.218.121.50 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

t2ocreaspalladium.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	1 MB
61	doubleclick.net 14 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 bid.g.doubleclick.net — Cisco Umbrella Rank: 1014 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	393 KB
32	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 352 gcdn.2mdn.net — Cisco Umbrella Rank: 1319 r2---sn-4g5ednsr.c.2mdn.net — Cisco Umbrella Rank: 603805	3 MB
19	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	255 KB
15	vloghealth.info vloghealth.info	1 MB
11	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	8 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	609 B
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73 imasdk.googleapis.com — Cisco Umbrella Rank: 600	138 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1105 static.adsafeprotected.com — Cisco Umbrella Rank: 751 dt.adsafeprotected.com — Cisco Umbrella Rank: 683	170 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	6 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	395 KB
6	amazonaws.com t2ocreaspalladium.s3-eu-west-1.amazonaws.com — Cisco Umbrella Rank: 219587	113 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 mts0.google.com — Cisco Umbrella Rank: 4390	38 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 720	3 KB
3	ctnsnet.com 3 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 48308	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1025 s.tribalfusion.com — Cisco Umbrella Rank: 2306	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1136	2 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 948	972 B
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 1009	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1080 r.turn.com — Cisco Umbrella Rank: 4432	869 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	140 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109 Failed	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 10006	556 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3533	104 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 745	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 372	146 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1279	732 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 964	544 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	90 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	3 KB
280	33

	Domain	Requested by
55	pagead2.googlesyndication.com	vloghealth.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
46	tpc.googlesyndication.com	googleads.g.doubleclick.net vloghealth.info tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net pagead2.googlesyndication.com
32	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net vloghealth.info
29	s0.2mdn.net	vloghealth.info s0.2mdn.net
22	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com vloghealth.info googleads.g.doubleclick.net
15	vloghealth.info	vloghealth.info
12	fonts.gstatic.com	fonts.googleapis.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
8	www.googleadservices.com	vloghealth.info
7	www.googletagservices.com	googleads.g.doubleclick.net vloghealth.info
7	fonts.googleapis.com	vloghealth.info googleads.g.doubleclick.net tpc.googlesyndication.com
6	t2ocreaspalladium.s3-eu-west-1.amazonaws.com	vloghealth.info s0.2mdn.net
6	googleads4.g.doubleclick.net	vloghealth.info
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	dt.adsafeprotected.com	googleads.g.doubleclick.net vloghealth.info
4	c1.adform.net	4 redirects
4	csi.gstatic.com	imasdk.googleapis.com
3	gcm.ctnsnet.com	3 redirects
3	www.gstatic.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	um.simpli.fi	2 redirects
2	fw.adsafeprotected.com	1 redirects vloghealth.info
2	r2---sn-4g5ednsr.c.2mdn.net	vloghealth.info
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	vloghealth.info www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	vloghealth.info
1	ad.turn.com	1 redirects
1	gcdn.2mdn.net	1 redirects
1	mts0.google.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	connect.facebook.net	vloghealth.info
1	cdnjs.cloudflare.com	vloghealth.info
280	49

This site contains links to these domains. Also see Links.

Domain
zalo.me
t.me
www.facebook.com
fmcpay.com
apps.apple.com
play.google.com
mampq.com
shopee.vn
blogebs.com

Subject Issuer	Validity	Valid
vloghealth.info R3	`2023-07-02` - `2023-09-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-08-01` - `2023-10-10`	2 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-07-10` - `2024-05-31`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Frame ID: 886A77DFFCAF4CF31BB51D061165CC30
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: 83F5C921B41906BF9C67556AC99B36FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&adk=1812271804&adf=3025194257&lmt=1692496407&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503608789&bpp=16&bdt=1310&idt=102&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1880312394348&frm=20&pv=2&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124
Frame ID: 556505D96D7D7A3F3559B1204CA5A0A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3652936444&adf=3626467606&pi=t.aa~a.3509071772~rp.2&w=940&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=940x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503608805&bpp=1&bdt=1325&idt=115&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdw6wxIJV9&p=https%3A//vloghealth.info&dtd=118
Frame ID: C90E6586797E45C3C0ECF3C25F8BC78E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=221283946&pi=t.aa~a.3830842726~i.33~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2326&idt=-M&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280&nras=3&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=z2Xt7n5OtL&p=https%3A//vloghealth.info&dtd=8
Frame ID: 31D7CAEC667D8FCFDB84F3B8E77639E6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12
Frame ID: C8DCD7AC7417F3B142F02E113334EC80
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Frame ID: 620C6307798C0AC8AC6A8E58747FE327
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 342AE32D68F732763F0D863A003E1FB6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4F826DF2243867ECC3BF22A2CF1E60E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 91CF96D54884515C88175D3FCDE98BA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: AF43475124389811C939CD931C9142F6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXZZoRZ5dvsoRmYOb-oxDxLiEzaASLMuC_FFI5ZaSr-n3obd5d6ygANl6qPWAMt1mnWdWyFjk-lgfuOUBC2dpHnHITg9t4M0myPAtvOFUbiyslMQ6Ir0c8mV2ZrIMd53q5HV8Xjtww9dnpS1ATshwW3WeZu17AEbQf0HSEjXasLW9M7BSU
Frame ID: 09109161BC2A9279E7FE475EB00335D7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A24FB6C551DC880758DB9EFBAB78FCEA
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNUtt6sE9i-HQQ5QdDUvB0bwsQZypwa12cBjV5o4hxIi5nOyRx8J6w1j1xyLPNg__7DqB2OD7y6PvPqPV1KgT4C7YpsEfz00Aj11iCh-AbL9aXNve4433OZXpntyP7-alrWRpsGwdphZDs-DtOWLXhFZ_7ZV4UMm7pVFqaVM7BhmrGaWGsE
Frame ID: AE73AC68A8D26751132CBE54C4632E84
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 3BC572AD5EF67E49AB4C2A6FEF9D5E6E
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: EF9195D27B48416F59B1BC6B1489A698
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 252969B8860FD4413C8D94C4BBB29088
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 1A07C46961085907CDFE50AE216A1001
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js
Frame ID: 436B34809ADDA49BB1D38FE9336909F2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNU-RCoi6hUbXlpYIhxhuBWuKAW9Pj0NHG72WQU-0eAvckIM6vDy4FwplejfZ4D3ABM3MTew_1IZm9XloSQO0gJmWTsiRaPOd2_BIMlPllChlgy29U2qNdz3X_5k4HdMfrgvZv-gXGM1GBJULlted4PJZmjOgB6xwKk0LQpQ7N2ymprPgpU
Frame ID: E5C6CCE7FAF9AB044E5C0DA730403466
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7A7170344B5D0F83E0647388EA3F4B2A
Requests: 24 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250
Frame ID: BA15BF29961D6AD49831CCA15005952A
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250
Frame ID: DFE1897269FF5BD5CEE391CF6BF6EEC9
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B5A0450D66456B7E7DCDB568E5DB358E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6A949095B773CF1A12256D6E5CAB504C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 92A8F2B4E94988BE04DF7DAE7FC47422
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3671E2FBB5EB9766EA5AA6F44A6E544C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8F53F1FF8BCD353C0601BF3893456FC5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 31776CDD8E7275BC524B755FD0E80448
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 5C1A3669098DFC8EB7DA4E5DD7D369D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FBF400ABC3963765B87FBE26DDB3FEFB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
Frame ID: 11FC76C74A95A4C926F87B07014A18D9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 7F94055D6C06655F2AE11E15E355E10B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 4B1F9F59A584FCE992C412FD1A25E6BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: A71F49A47D23ADF02568ECA9769B684D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: F819A6D6AD62000FE6AA0DBB246FFF15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B989F3F21F33EB0F18E9A846C6014962
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 428872C03290B13D4D3617F9900F4E7A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sàn fmcpay.com hướng dẫn đăng ký tài khoản và nhận 2500 FMC coin

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

280
Requests

86 %
HTTPS

55 %
IPv6

33
Domains

49
Subdomains

37
IPs

10
Countries

6762 kB
Transfer

12328 kB
Size

34
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://zalo.me/g/kvdckv096
Title: https://zalo.me/g/kvdckv096

Search URL Search Domain Scan URL

URL: https://t.me/blogebs
Title: https://t.me/blogebs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/573064361706169
Title: https://www.facebook.com/groups/573064361706169

Search URL Search Domain Scan URL

URL: https://fmcpay.com/auth/register?ref=871547662
Title: FCMPAY.COM/REGISTER

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/fmcpay/id1573381060#?platform=iphone
Title: https://apps.apple.com/us/app/fmcpay/id1573381060#?platform=iphone

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.bitcoinexc
Title: https://play.google.com/store/apps/details?id=com.bitcoinexc

Search URL Search Domain Scan URL

URL: http://mampq.com/
Title: Nước mắm phú quốc khải hoàn

Search URL Search Domain Scan URL

URL: https://shopee.vn/phuquockhaihoan
Title: Nước mắm phú quốc

Search URL Search Domain Scan URL

URL: https://blogebs.com/
Title: blogebs.com

Search URL Search Domain Scan URL

URL: https://zalo.me/0985039012
Title: Chat Zalo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=C913jOI7hZNi6Oqan78EPpc-54Ajtl6-obtq7_aTIEd_6taLbAhABILfLliNglQKgAcmeyaIDyAEJqQI9mh0vtj2yPqgDAcgDywSqBLYCT9AEdvFB8n1YEPASacDPZgVcpS_8pcM9E0jaSStjs-ir_Ile4YooPvF7SWNbcIlKc_Di7w85qUCOIRQ1fkIZMbWDfJHog2gZGFtuyebzmrPQaeFH81uTpYi1_p_fhd7zrKkHmHHGqr0KoeBg8LKYoAPpr5DhHib4oatGMSlQc5RTAMHvtJ8GXDVNCP5aENIOmeK_T7fBx4nbp-yfM0SQXq2_Fe4XeMTMVjBJ-xc2SiFNzjjAvL5Uk8dThWjIThtS7ItGQ2YfGw-uRz7Bl3tHSzlwOX2GwdsaKCZStZzSC0qLLrEIrY3jUJw33T7elAU8z1PZjdqeC_wV3xJR4TcNXK-oWuTHgQhhSKqrCARvwLriDI82IhFz8JOSPRFHujY4ggrQtzYWeTar3JWB64-IY8l0ALezPsAE4KOJ8bQDkgUECAQYAZIFBAgFGASgBi6AB5_htl2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCJqgTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk4aHR0cHM6Ly9zaG9wLnNjaHJhdWJlbi1zZWlkZWwuZGUvc2hvcC5waHA_Y2F0PTkzNjYyMDQ1NDiACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTgwMDYxMzk1NDA4OTEzNTAYAA&sigh=Ux4npbIXMHA&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWGjATZsUj7Z4uaEm55jGSk4OI7UvQZhgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214106818848566337587%22,%22debug_reporting%22:true,%22destination%22:%22https://schrauben-seidel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877809481%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214614010512818199377%22}&andc=true

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOGOOn77UtoCWe9hKgG9MQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOGOOn77UtoCWe9hKgG9MQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

Request Chain 99

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOGOOn77UtoCWe9hKgG9MQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOaNk5BCkhoVxMltY5VUaRA&google_cver=1

Request Chain 125

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

Request Chain 149

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/28592F7E1227A175C90A7D8154086D4AE6F54EAC.ABE07AC908A4357A75287FFF8DF4F89425C7D74C/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/58D95FE15A898A4ED11736DE4A47299507B20EE3.394182088C5200FEB5C03CF2096EDF47AF8EA364/key/cms1/cms_redirect/yes/mh/C5/mip/2a02:6ea0:c71b:0:1011:cb94:c9b0:818e/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1692503117/mv/u/mvi/2/pl/48/file/file.mp4

Request Chain 150

https://googleads.g.doubleclick.net/pagead/adview?ai=COZS4OI7hZJWTOvqC78EP5IqokAmIqLWictLb8fnWEZH3x_eDAhABILfLliNglQKgAdWU_scDyAEJqQI9mh0vtj2yPqgDAcgDy4SAgASqBLcCT9AxM47BUwrOcwirfZpYZo_0SWfrE_EeO2Klcyma4Wg8d6VkOW-dWfp5DFPW2_UkH1DKnxcfRe0dDhVqOA_roiwOGgWL3-VEYeYsvlCTu4_0VOru5eNDL7RyWDCCUNGSghWCLorxWtZgCaKE_0s-ChU8ZB6fKk5KzdG3usK3gdCvt8DPb5hKUACeqZDnEUOnZN12XepUQcxhD68eGaasVzxZaUbzniHOn6yjKtXEqsbuG4P6cxAryakMF8H70Gj0uVv-Aw7M2hISOJkoCrLefquuWmCOXidE_nT0hi47BF9lzpWTelkUvjAqSoihIU8UO8zLvkHr_VUcY4xTz55oI3Xw01wse5W7eQrR7ljl16rcu51XHa_4KgwQoMKARYELFPAML3-7MhgJVzTTQ64hXm-6aBX1AEHABMnRv4OtBJIFBAgEGAGSBQQIBRgEoAYugAe8v6kuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPSDCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSdodHRwczovL3d3dy5zdGVwc3RvbmUuZGUvZ2VoYWx0c3BsYW5lci-ACgHICwHYEwuIFALQFQGYFgGAFwGyFxwKGggAEhRwdWItODAwNjEzOTU0MDg5MTM1MBgA&sigh=AdazjqkhPKY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213529935382722177220%22,%22debug_reporting%22:true,%22destination%22:%22https://stepstone.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956271189%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22479249478669481153%22}&andc=true

Request Chain 187

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPeM3xtVsNqf1teTSaIx1H4&google_cver=1&google_push=AXcoOmRb6PZK_hr_BvpyoFlXZgdAekudUwn9s4dHoWwTqQe2ioAWiqGLX9wMBbjkDoiLc3gj207lElcI9D5eAN-fxlE25P48z9d_3Bw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUyMTM3MzgzNjY4MDk1NjgwMg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqGwAKo2wPVLr3Rh7zXUCo&google_cver=1

Request Chain 188

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECkeGeiZA1NIb0hrcKo4HT4&google_cver=1&google_push=AXcoOmTIMXhFwNKSLjBEVGa_7eMbtXayu0JoOEqNwqxG-r5qAjpRyhMFTCSwKnuoy4Y4kGuzn1dpiy5HVvDCG_eVvLg9_v8pbQz6288 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECkeGeiZA1NIb0hrcKo4HT4&google_push=AXcoOmTIMXhFwNKSLjBEVGa_7eMbtXayu0JoOEqNwqxG-r5qAjpRyhMFTCSwKnuoy4Y4kGuzn1dpiy5HVvDCG_eVvLg9_v8pbQz6288

Request Chain 189

https://um.simpli.fi/gp_match?google_gid=CAESEMhwINiRdEREZN4Q-wC-yKo&google_cver=1&google_push=AXcoOmRNxfm0hE4_YOD2GxdnQ1nXRUncPbS1zTrxcPrfO6Kg2e4SZGadE4fO-d_psGcG9wE0PswBcx_V26QFSZEBYWwtebt5i6b8s10 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmRNxfm0hE4_YOD2GxdnQ1nXRUncPbS1zTrxcPrfO6Kg2e4SZGadE4fO-d_psGcG9wE0PswBcx_V26QFSZEBYWwtebt5i6b8s10

Request Chain 190

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJNDNm78RnCRmhrDlSzePWA&google_cver=1&google_push=AXcoOmSqYDURAZy-fRdAsDOHYg9wLoZGA374AUVyNGsFABsbbC4WIwx-Oi0yDw-juTG7AmzhZQGM3_5U_le2eg7H0Dyhp9d8WTPpew HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEJNDNm78RnCRmhrDlSzePWA&google_cver=1&google_push=AXcoOmSqYDURAZy-fRdAsDOHYg9wLoZGA374AUVyNGsFABsbbC4WIwx-Oi0yDw-juTG7AmzhZQGM3_5U_le2eg7H0Dyhp9d8WTPpew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=fNswnIxFQbSsWQOAdthYJ2Thjjo

Request Chain 191

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELs82mAEPLUxwFhUXJVMskw&google_cver=1&google_push=AXcoOmTNZNogYYn5DU-9EBxjqUHfzzz2xkD_a-QBqeiIbtBcgr8QFzFeqkwEOj3iADcDX7J9C4iLtiXSnSuiVopKkRi17r7gPMJ3IvU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNZNogYYn5DU-9EBxjqUHfzzz2xkD_a-QBqeiIbtBcgr8QFzFeqkwEOj3iADcDX7J9C4iLtiXSnSuiVopKkRi17r7gPMJ3IvU&google_hm=Y3mnESRyTQuX2IlrGXRg8oY

Request Chain 192

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMNiOZX4eDV7Xz2xg5NrXuQ&google_cver=1&google_push=AXcoOmRCBNtZT7o3p5SmeKqXvZffyYYiNojucXoToi_hkb3jTL-kH109XaHshIfAbSkMk28WWZiondZMcKihYwcBZn5QVYIoncmq_Nw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmRCBNtZT7o3p5SmeKqXvZffyYYiNojucXoToi_hkb3jTL-kH109XaHshIfAbSkMk28WWZiondZMcKihYwcBZn5QVYIoncmq_Nw

Request Chain 193

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK1bO7e62pUUozbfLOFg7IM&google_cver=1&google_push=AXcoOmRmHdNwOEtjqmomsk6sn_rhR1RtZ7PT84OYfgrFcxmqrzDBdm1iKagOlnQtYjYOzGvtwGSwSJQW7x_6f90pXcBE0X_SM6J4ow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmHdNwOEtjqmomsk6sn_rhR1RtZ7PT84OYfgrFcxmqrzDBdm1iKagOlnQtYjYOzGvtwGSwSJQW7x_6f90pXcBE0X_SM6J4ow&google_hm=eS0zRFZBNTdKRTJwRV9ZaC5BTElYVW9kVU11Q2ExRmFybn5B

Request Chain 199

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cver=1&google_push=AXcoOmRn-UU0hITJ0tI-XXj6S247UyNjTcwYSGIHfx7GuGX0g1EbtRsHlmvczLy7OxCZ9NhT1Ix0Fhj4cUQ9h4N09kNLCckvNWPKDlg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cver=1&google_push=AXcoOmRn-UU0hITJ0tI-XXj6S247UyNjTcwYSGIHfx7GuGX0g1EbtRsHlmvczLy7OxCZ9NhT1Ix0Fhj4cUQ9h4N09kNLCckvNWPKDlg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REFtVk9Wc2UxUXh6dms1&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cver=1&google_push=AXcoOmRn-UU0hITJ0tI-XXj6S247UyNjTcwYSGIHfx7GuGX0g1EbtRsHlmvczLy7OxCZ9NhT1Ix0Fhj4cUQ9h4N09kNLCckvNWPKDlg

Request Chain 200

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKB7n5Ia6IWQ71H-h5IgBjw&google_cver=1&google_push=AXcoOmQaXOsK8gGRl-JQUEUUYzBoi2UoFW26K8YCgxoJnnd3f-HkyGDLXNd4Gp8O-OG5nWsApv-Um_RRJD_z_AwCy_wkIAIb-KzPCZM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQaXOsK8gGRl-JQUEUUYzBoi2UoFW26K8YCgxoJnnd3f-HkyGDLXNd4Gp8O-OG5nWsApv-Um_RRJD_z_AwCy_wkIAIb-KzPCZM

Request Chain 201

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN7BD6Gmew1c51IPqSYjyKc&google_cver=1&google_push=AXcoOmQ394n0JhiLnoJC9ApYPVBx5BaDRcZEQBqN8tO_W1026fmHmx1CFONLrOf-CuK_ovVCPCS81YfrTpJRSlFYv0ANxVckFUi68bE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ394n0JhiLnoJC9ApYPVBx5BaDRcZEQBqN8tO_W1026fmHmx1CFONLrOf-CuK_ovVCPCS81YfrTpJRSlFYv0ANxVckFUi68bE&google_hm=Y3mnESRyTQuX2IlrGXRg8oY

Request Chain 203

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKLV11Hds11iS8E6hPrHq4o&google_cver=1&google_push=AXcoOmQRG3wF3ONBqEVJvBue9WpXB0ENPq2VWIVsBu1C3alVDSj4hu7c6THaHXKNzthyDk3UEwoEntujUrR8wGiDGDnnwTsTl1DoJd8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRG3wF3ONBqEVJvBue9WpXB0ENPq2VWIVsBu1C3alVDSj4hu7c6THaHXKNzthyDk3UEwoEntujUrR8wGiDGDnnwTsTl1DoJd8&google_hm=eS1hZ1M0OGQ5RTJwRXpQdDczMW1QajRzQ25RcmczZ25DZX5B

Request Chain 205

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAdO3JBWyFj1kVCkE9VxJjA&google_cver=1&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhatKrA_5JKayOfIVhlvvuPKBjjoI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAdO3JBWyFj1kVCkE9VxJjA&google_cver=1&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhatKrA_5JKayOfIVhlvvuPKBjjoI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwMDM1Mzg1OTE5NjQ2MTYzNg&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhatKrA_5JKayOfIVhlvvuPKBjjoI

Request Chain 208

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF4xoELF7dU-1_J0yNHiTc4&google_cver=1&google_push=AXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4xoELF7dU-1_J0yNHiTc4&google_cver=1&google_push=AXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 209

https://um.simpli.fi/gp_match?google_gid=CAESEOmpThPKPR3U6xkrpOVfwd0&google_cver=1&google_push=AXcoOmTjwYPdVTRfe6Cj7ZM8vCEK8li1cNU7I8ZpkXdyoL1T58bvxDhJB6fQ1kYru1Knw7VKRkIMoFLiHPLKSF3D5J7nZ5tG7UTY2w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmTjwYPdVTRfe6Cj7ZM8vCEK8li1cNU7I8ZpkXdyoL1T58bvxDhJB6fQ1kYru1Knw7VKRkIMoFLiHPLKSF3D5J7nZ5tG7UTY2w

Request Chain 210

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDTt49KL8uYpAmEYx5l7US8&google_cver=1&google_push=AXcoOmS4VFuaKpG5aPP0JASwB69aOru45rBdFsvMC9kZhbWG51W8UMLwODury7i_A3jho6KRxYO0iSJ44t8ceIPjlkb57XHT0Qow1f0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS4VFuaKpG5aPP0JASwB69aOru45rBdFsvMC9kZhbWG51W8UMLwODury7i_A3jho6KRxYO0iSJ44t8ceIPjlkb57XHT0Qow1f0&google_hm=Y3mnESRyTQuX2IlrGXRg8oY

Request Chain 211

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENMMd-beHuFbuBwqvlDMhr4&google_cver=1&google_push=AXcoOmQsdFTvhespRwGoEJNURklj_AgpPQCctDqAGLWudEiLI75ixrOZ8Vq9KxPI3R_uirWZBYvnp0tnEZvogqGILyLOJAOb9emxRd4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmQsdFTvhespRwGoEJNURklj_AgpPQCctDqAGLWudEiLI75ixrOZ8Vq9KxPI3R_uirWZBYvnp0tnEZvogqGILyLOJAOb9emxRd4

Request Chain 212

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB2NHkueK2IOt-SGY-IrU_o&google_cver=1&google_push=AXcoOmT_enCCDgwVXuLu0eoRxU2Sm0YDjnwnWtz2ZkaqZdLXOu_iHNv9tMtGg7HlIEcI8IILIU_9aT8uAu8yQDJY8iRAPXeNywL4IM8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zdIXHIYhQxqO_mLfIFlAHQ2&google_push=AXcoOmT_enCCDgwVXuLu0eoRxU2Sm0YDjnwnWtz2ZkaqZdLXOu_iHNv9tMtGg7HlIEcI8IILIU_9aT8uAu8yQDJY8iRAPXeNywL4IM8

Request Chain 213

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELyV7oRRulmWSWveqORGqCM&google_cver=1&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc21ZuHKhfjvqZ0jVewlj1HKuPf4 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELyV7oRRulmWSWveqORGqCM&google_cver=1&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc21ZuHKhfjvqZ0jVewlj1HKuPf4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNjEzMTExNDMxOTIwNjcyMA&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc21ZuHKhfjvqZ0jVewlj1HKuPf4

Request Chain 219

https://googleads.g.doubleclick.net/pagead/adview?ai=CFbAZOY7hZLbwMtH6x_APnLeuoA7rv7akcKXb_JyjEfq0jPG-ARABILfLliNglYKAgJQHoAGXobzOAsgBCakCPZodL7Y9sj6oAwHIA8sEqgTBAk_QjW-yA8-eU0etyXTvMsjgadiqPbML1gqCCZtNqRVhwCrpCiC0HMN3kSGf4R5YMUMz5O3YMgObvBxrzXN66gdE9gA1-NtLxiztXL_SSpDouxfCg-fznPpSGXNJCDZ_pwaxnTLSMjNNrbepX-9Xjfr9BNjDxJFFGs8SSsW35Fpv-q_Sl9ld47FlzuflrI85ptR54Wb8xfmmuGl_6GbZGf4q16JG4XK4rvkzffKTcSt0fpCaukShhil8JTIrjZ4O6hy6HZiBqhLAMeiVqJFlrKFntKJYUvdYNCWfxKc7kN0ddKYFR1b2Ef0_GTPN_dIsiPe_PGCEEdtLuqyAQulkGDVr763fj0AQIFmOQbbv6nMyBzuWlSlq8hrU7EK-0Ihf6FRYjwZ-lEjv1shJ5HR6SW7KTDmecSZNmt6q2TKwAYzQ28AEyOKV0oMDkgUECAQYAZIFBAgFGASgBi6AB9Hew7EBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5PUZ0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJI2h0dHBzOi8vd3d3LmphbmRlci1idWNoZnVlaHJ1bmcuZGUvgAoByAsBuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi04MDA2MTM5NTQwODkxMzUwGAA&sigh=8qX3WgWA_tw&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWsRDpdGAoLnbdxcfZJm0leMNGWaXhDKVqIj5R_s_VvZZV3yXHBI7B-J8DFymSdNhm0xf5c1vrUBgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22598119739979209328%22,%22debug_reporting%22:true,%22destination%22:%22https://jander-buchfuehrung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22701436055%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213329147250238000145%22}&andc=true

Request Chain 220

https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-8006139540891350&ias_chanId=1&ias_placementId=20338656462&bidurl=https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gdJaZNp3h_Z-uG_X75LeHd&adContainerId=brand_safety_Oo7hZOPGGpbAx_APqtSYmAU&cbFunctionName=goog_wrapCb_Oo7hZOPGGpbAx_APqtSYmAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fvloghealth.info&adsafe_type=g&adsafe_url=https%3A%2F%2Fvloghealth.info%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8006139540891350%26output%3Dhtml%26h%3D600%26adk%3D3657419734%26adf%3D2368597302%26pi%3Dt.aa~a.3665119889~rp.4%26w%3D220%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1692496407%26rafmt%3D1%26to%3Dqs%26pwprc%3D3504796014%26format%3D220x600%26url%3Dhttps%253A%252F%252Fvloghealth.info%252Fkienthuc%252Fphan-mem-y-te%252F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1692503609822%26bpp%3D1%26bdt%3D2342%26idt%3D1%26shv%3Dr20230816%26mjsv%3Dm202308150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Db931e54a1e3d2f7f-2217cffb55de0016%253AT%253D1692503608%253ART%253D1692503608%253AS%253DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g%26gpic%3DUID%253D00000c647fb94090%253AT%253D1692503608%253ART%253D1692503608%253AS%253DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ%26prev_fmts%3D0x0%252C940x280%252C700x280%252C700x280%26nras%3D5%26correlator%3D1880312394348%26frm%3D20%26pv%3D1%26ga_vid%3D1336464146.1692503608%26ga_sid%3D1692503609%26ga_hid%3D2040907808%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1050%26ady%3D1512%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759926%252C44759842%252C44759875%252C31077018%252C31077086%252C31077148%252C44798934%252C31076998%26oid%3D2%26psts%3DAOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV%26pvsid%3D1777953992731972%26tmod%3D276692491%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26xpc%3DtGzvZYWubW%26p%3Dhttps%253A%2F%2Fvloghealth.info%26dtd%3D4&adsafe_type=bed&adsafe_jsinfo=,id:3646a265-9671-4450-7201-dd9895288155,c:lNTiYG,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7d74fbcfb-sl8qn,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tNruFrc+11%7C12%7C131%7C141%7C142%7C151%7C161*.990511-61634098%7C1611%7C1612%7C1711%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a1%7C1a2,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:20792964-3f0d-11ee-aa79-8e7264547a46,v:19.8.439,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Oo7hZOPGGpbAx_APqtSYmAU&cbFunctionName=goog_wrapCb_Oo7hZOPGGpbAx_APqtSYmAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js

Request Chain 239

https://googleads.g.doubleclick.net/pagead/adview?ai=C7ittOY7hZLmaM8WK1PIP-vis6A_I3eXgXp73n5GWCv3tpf2eGBABILfLliNglQKgAbPIotwDyAEJqQI9mh0vtj2yPqgDAcgDywSqBLYCT9CHNReZgXwKLnJX1FlVEjBoQPCtPMaQ0k_cILlZTrQ8MiKuKyo3XiYzoR3NJ-xwkk1kx-7-3L4lP7_2c0wxbxpkrW9ATT3b7Yi0dZ1cf9ZgFzHzx_5AWYv0MDbzSTkj23WRLi9XLChfwAzdwYY8uFgcYwCyb8f3dHy0m_nVbyo218m0FtT-w-QMlRUYIeUPJ5_AF9EG2e1dVzTapuLUyeNV7Ijd1JV8NEgtphL8STH5GThDwE4ts0DZjVTWN6sA6iyQAWrouumN23SMQ1MmDPHCIy-f7wvHMrT3G2slC-A3ZRBnul3ccTjhHVU0NRWXI5bW8_HZTy6BvAXrshxUbCaNZTdyQuOA9e-pbUBecg11Zx6EBimL-psSJVp0Xm38QVPxocNx3tgRJePu-02YcPYalgZYncAE4cPwtKcCkgUECAQYAZIFBAgFGASgBi6AB7W33SOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDcpAPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkZaHR0cHM6Ly9zaG9wLnRld2lwYWNrLmRlL4AKAcgLAdgTDYgUCNAVAYAXAbIXHAoaCAASFHB1Yi04MDA2MTM5NTQwODkxMzUwGAA&sigh=IGojqPGgSAI&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWEH6TuUzmICpBFueaIXD2wcNYq2uumGoWf6h0hv1tpvNTwJAscNOamS-gzx1buwrPKggQDK6IghgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213106045575446951893%22,%22debug_reporting%22:true,%22destination%22:%22https://tewipack.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22998810675%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229440922870419238561%22}&andc=true

280 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html Show response
vloghealth.info/kienthuc/phan-mem-y-te/ 29 KB
9 KB 1852ms
546ms Document
text/html 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed / PHP/7.4.33

Resource Hash

d1bcfa37b5cf37d6a77fdb9e21aea0314b48c9ecff28f2732e557f2113bd9274

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 20 Aug 2023 03:53:27 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
last-modified: Sun, 20 Aug 2023 03:53:27 GMT
permissions-policy: interest-cohort=()
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-content-powered-by: K2 v2.9.0 (by JoomlaWorks)
x-content-type-options: nosniff
x-logged-in: False
x-powered-by: PHP/7.4.33

GET
H2 200 simple-line-icons.min.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 11 KB
3 KB 36ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.min.css

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 299991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2037
last-modified: Thu, 22 Jun 2023 11:18:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942e1a-7f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFPgF%2FP41xsEjxw2jmZ9wLreiOiP0DgBgdJc6rwCn1CR6EVVIdDHZuzYymJ5oIJ1WmVXPCncOqkrckekT1NPDrBX2ybdlTt%2F%2BFNVNydL6u8nvnvwGYetME%2BfcNzhALIVkCSsLMVnnLkXUFiV3V2kDdhG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f97b07ae8a9380a-FRA
expires: Fri, 09 Aug 2024 03:53:27 GMT

GET
H2 200 k2.css
vloghealth.info/components/com_k2/css/ 50 KB
8 KB 242ms
239ms Stylesheet
text/css 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/components/com_k2/css/k2.css?v=2.9.0

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

d832b849909f01bf62c2f6fb3b2e6bd2251b528b3446befba8d1e1cc16686e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8386
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 template.css
vloghealth.info/templates/protostar/css/ 161 KB
23 KB 242ms
240ms Stylesheet
text/css 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/templates/protostar/css/template.css?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

7cad81b7a63b27b45370ed849a487870de63c8a67f48486918471e4c7d2dc38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:57:14 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23905
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 02:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:27 GMT

GET
H2 200 jquery.min.js Show response
vloghealth.info/media/jui/js/ 95 KB
32 KB 516ms
515ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/jui/js/jquery.min.js?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33158
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 jquery-noconflict.js Show response
vloghealth.info/media/jui/js/ 21 B
85 B 792ms
790ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/jui/js/jquery-noconflict.js?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:40 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 jquery-migrate.min.js Show response
vloghealth.info/media/jui/js/ 10 KB
4 KB 793ms
791ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/jui/js/jquery-migrate.min.js?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:40 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3823
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 k2.frontend.js Show response
vloghealth.info/media/k2/assets/js/ 8 KB
2 KB 793ms
791ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/k2/assets/js/k2.frontend.js?v=2.9.0&sitepath=/

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

60a528221a00ff8a44a3cc2ac787fdb2b7afb49c6a56ad7abb03425205f7fd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:58:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2162
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 caption.js Show response
vloghealth.info/media/system/js/ 491 B
348 B 793ms
792ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/system/js/caption.js?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:50 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 292
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 bootstrap.min.js Show response
vloghealth.info/media/jui/js/ 28 KB
7 KB 794ms
792ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/jui/js/bootstrap.min.js?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:40 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7400
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 template.js Show response
vloghealth.info/templates/protostar/js/ 2 KB
800 B 794ms
793ms Script
application/x-javascript 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/templates/protostar/js/template.js?d751830ee06272c31f91c9553f14f523

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

7b26c692500dd71cbd9b8d7e801152aa89394511bbe0e191f79aedef0951564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:57:15 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 743
expires: Sun, 27 Aug 2023 03:53:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136430633-1

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4c9ba03ff92e0ac7a82d54ff27af8c9d71838a92ba5b1df9aeac450d02173c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 20 Aug 2023 03:53:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 451ms
423ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8006139540891350

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63a1d8c15fbd19a171f2b23ea423e623da97a64a90c9ebbb62e3d28f17729319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Origin: https://vloghealth.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51276
x-xss-protection: 0
server: cafe
etag: 9959112253664325940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:28 GMT

GET
H2 200 FMCPAY.png
vloghealth.info/images/2023/ 294 KB
294 KB 1058ms
1057ms Image
image/png 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vloghealth.info/images/2023/FMCPAY.png

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

3a3e70bf8ab8f5aefa42665811f04886eca4b95fa5cfa5ea53483a9674a97ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jun 2023 03:19:49 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 300755
expires: Sun, 27 Aug 2023 03:53:28 GMT

GET
H2 200 FMCPAY1.jpg
vloghealth.info/images/2023/ 410 KB
410 KB 247ms
247ms Image
image/jpeg 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vloghealth.info/images/2023/FMCPAY1.jpg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

1a0428ac4022ee1232f27fed6a5d4da66aa03135bbd127d5ab91ffc50223507d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jun 2023 03:35:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 419735
expires: Sun, 27 Aug 2023 03:53:28 GMT

GET
H2 200 FMCPAY2.jpg
vloghealth.info/images/2023/ 226 KB
226 KB 247ms
247ms Image
image/jpeg 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vloghealth.info/images/2023/FMCPAY2.jpg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

fd83cdf0ae5bb40aba74b612cce8a676245fd01b4448a56ddcee9c6b423a2cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Jun 2023 03:35:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 231346
expires: Sun, 27 Aug 2023 03:53:28 GMT

GET
H2 200 arrow.png
vloghealth.info/media/system/images/ 107 B
216 B 244ms
244ms Image
image/png 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vloghealth.info/media/system/images/arrow.png

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

1f52c94170d531a2e706e6eba721d81bffc13847e1873592f729ff49acf58d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:49 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 107
expires: Sun, 27 Aug 2023 03:53:28 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/vi_VN/sdk/ 316 KB
90 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6db68b1787b45ecc4f37bddbb0d9af13f4b796a86eb03aa56f4b73f894224a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 03:53:28 GMT
content-md5: jDgqpj8DgtR8Y77WORZD+A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91399
x-fb-debug: KfnB5giqrbbeIr8yO5qZRx4ROdIY2HKA+s7cazJRKvoNn5n6uxt5XdXNytIoSn8Q8nZde7+5LnohM1AiZcMKQA==
x-fb-content-md5: f962ce355c2b6e40e55dc7a906a624b3
cross-origin-opener-policy: same-origin-allow-popups
etag: "ad88bc5ff005bb9ddfc40eba5a68001f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 20 Aug 2023 04:12:15 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
19 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vloghealth.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:04:28 GMT
x-content-type-options: nosniff
age: 78540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:04:28 GMT

GET
H2 200 IcoMoon.woff
vloghealth.info/media/jui/fonts/ 25 KB
25 KB 1049ms
1049ms Font
font/woff 103.18.6.85
RUNSYSTEM-AS-VN G...

General

Check archive.org

Show headers Download Go to

Full URL

https://vloghealth.info/media/jui/fonts/IcoMoon.woff

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/templates/protostar/css/template.css?d751830ee06272c31f91c9553f14f523

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

103.18.6.85 , Viet Nam, ASN131392 (RUNSYSTEM-AS-VN GMO-Z.com Runsystem Joint Stock Company, VN),

Reverse DNS

v103-18-6-85.tenten.vn

Software

LiteSpeed /

Resource Hash

6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vloghealth.info/templates/protostar/css/template.css?d751830ee06272c31f91c9553f14f523
Origin: https://vloghealth.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 09:56:39 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25424
expires: Sun, 27 Aug 2023 03:53:28 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
fonts.gstatic.com/s/opensans/v35/ 15 KB
15 KB 27ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vloghealth.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:04:15 GMT
x-content-type-options: nosniff
age: 71353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 08:04:15 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
fonts.gstatic.com/s/opensans/v35/ 8 KB
9 KB 29ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984b36638622206bececefd75641ed6c9a8bcf92f8197edbb0731b5f47d5c91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://vloghealth.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:46:31 GMT
x-content-type-options: nosniff
age: 22017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8692
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:46:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 207 KB
75 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CCDFNY4QMZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136430633-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

380d8e4506bbd779ec4338cb2da7f992ac80d2b4823881307f343847fc869ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76291
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 20 Aug 2023 03:53:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136430633-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 20 Aug 2023 03:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 225
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 20 Aug 2023 05:49:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2040907808&t=pageview&_s=1&dl=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&ul=en-us&de=UTF-8&dt=S%C3%A0n%20fmcpay.com%20h%C6%B0%E1%BB%9Bng%20d%E1%BA%ABn%20%C4%91%C4%83ng%20k%C3%BD%20t%C3%A0i%20kho%E1%BA%A3n%20v%C3%A0%20nh%E1%BA%ADn%202500%20FMC%20coin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=745996259&gjid=1641360999&cid=1336464146.1692503608&tid=UA-136430633-1&_gid=645479993.1692503608&_r=1&gtm=457e38g0&jsscut=1&z=3187778

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vloghealth.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vloghealth.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CCDFNY4QMZ&gtm=45je38g0&_p=2040907808&cid=1336464146.1692503608&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692503608&sct=1&seg=0&dl=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&dt=S%C3%A0n%20fmcpay.com%20h%C6%B0%E1%BB%9Bng%20d%E1%BA%ABn%20%C4%91%C4%83ng%20k%C3%BD%20t%C3%A0i%20kho%E1%BA%A3n%20v%C3%A0%20nh%E1%BA%ADn%202500%20FMC%20coin&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CCDFNY4QMZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vloghealth.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 64ms
49ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8006139540891350&plah=vloghealth.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8006139540891350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14ef99d61c8b4ddf98b4b54d0b17b488ba16257f2debba199eb4a7b9e3e9daf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134727
x-xss-protection: 0
server: cafe
etag: 8721884604331825488
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 83F5 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8006139540891350

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:24:55 GMT
etag: 13776922816869014096
expires: Sun, 03 Sep 2023 03:24:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
609 B 36ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=vloghealth.info&callback=_gfp_s_&client=ca-pub-8006139540891350

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8006139540891350&plah=vloghealth.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96040f72253808ce9bcfb2d6edaf95e78c323acb8cc7c16ccd210e25fa6b3821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5565 396 KB
93 KB 823ms
822ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&adk=1812271804&adf=3025194257&lmt=1692496407&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503608789&bpp=16&bdt=1310&idt=102&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1880312394348&frm=20&pv=2&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=124

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9efe85cf7fc9bb70b19e38c4d0e9e9e07ffd444a8ce7f15d706717bf6c074e40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 94694
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:29 GMT
expires: Sun, 20 Aug 2023 03:53:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C90E 111 KB
39 KB 778ms
778ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3652936444&adf=3626467606&pi=t.aa~a.3509071772~rp.2&w=940&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=940x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503608805&bpp=1&bdt=1325&idt=115&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdw6wxIJV9&p=https%3A//vloghealth.info&dtd=118

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c455c50524c9dcf34ccdc12b89f7532288e940724738154e22ee086b65ea81cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39337
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:29 GMT
expires: Sun, 20 Aug 2023 03:53:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C90E 6 KB
802 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3652936444&adf=3626467606&pi=t.aa~a.3509071772~rp.2&w=940&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=940x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503608805&bpp=1&bdt=1325&idt=115&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=cdw6wxIJV9&p=https%3A//vloghealth.info&dtd=118

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 02:08:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C90E 2 KB
973 B 31ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51904
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:25 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10398434763005018658/ Frame C90E 68 KB
69 KB 25ms
13ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10398434763005018658/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfeb25fe57eaf2f3081ec2e27e4691dc43d89e338c6e722e6bd9a43ff7e23ae0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 23:01:53 GMT
x-content-type-options: nosniff
age: 363096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69981
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 05:08:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 23:01:53 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame C90E 23 KB
9 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C90E 3 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C90E 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C90E 180 KB
57 KB 52ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:29 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame C90E 35 KB
15 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 154 KB
52 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd92196a44e69caa066795f3228a086317acd900606b1def2ea389f8ae349218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53679
x-xss-protection: 0
server: cafe
etag: 8485319197070222144
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:29 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 31D7 157 KB
47 KB 516ms
515ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=221283946&pi=t.aa~a.3830842726~i.33~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2326&idt=-M&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280&nras=3&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=z2Xt7n5OtL&p=https%3A//vloghealth.info&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0110b2cd7ca78bb622eff230b5a3af534cbcd103d131a076d00f9636780b51ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48566
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Sun, 20 Aug 2023 03:53:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8DC 129 KB
43 KB 655ms
655ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

560ca1048cffb3558d5661135c4151971b0de9682222a52661b7c3929f0dc4db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43816
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Sun, 20 Aug 2023 03:53:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 620C 28 KB
12 KB 361ms
361ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

635c51c92b36acdd4d15fd3b09171048c980a7415646b7e6754dcf188aa26701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11913
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Sun, 20 Aug 2023 03:53:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C90E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3429db503984bb93017706ff3d950d5d4e50c105d28fd34abd93c6f386afaf87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 342A 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 4F82 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 91CF 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame AF43 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 12:24:29 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 12:24:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C90E 15 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 60312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 11:08:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C90E 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:21:37 GMT
x-content-type-options: nosniff
age: 394312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 14:21:37 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C90E 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 279913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C90E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C913jOI7hZNi6Oqan78EPpc-54Ajtl6-obtq7_aTIEd_6taLbAhABILfLliNglQKgAcmeyaIDyAEJqQI9mh0vtj2yPqgDAcgDywSqBLYCT9AEdvFB8n1YEPASacDPZgVcpS_8pcM9E0jaSSt...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214106818848566337587%22,%22debug_reporting%22:true,%22destination%22:%22https://schrauben-seidel.de%22,%22event_report_win...

0
0

56ms
40ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214106818848566337587%22,%22debug_reporting%22:true,%22destination%22:%22https://schrauben-seidel.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877809481%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214614010512818199377%22}&andc=true

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14106818848566337587","debug_reporting":true,"destination":"https://schrauben-seidel.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877809481"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"14614010512818199377"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14106818848566337587","debug_reporting":true,"destination":"https://schrauben-seidel.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877809481"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"14614010512818199377"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 342A 4 KB
671 B 21ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 02:12:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 342A 15 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6441
x-xss-protection: 0
server: cafe
etag: 6802313557646952851
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 15:18:32 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 342A 20 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8570
x-xss-protection: 0
server: cafe
etag: 11167480076894372452
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:51:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0910 624 B
246 B 33ms
26ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXZZoRZ5dvsoRmYOb-oxDxLiEzaASLMuC_FFI5ZaSr-n3obd5d6ygANl6qPWAMt1mnWdWyFjk-lgfuOUBC2dpHnHITg9t4M0myPAtvOFUbiyslMQ6Ir0c8mV2ZrIMd53q5HV8Xjtww9dnpS1ATshwW3WeZu17AEbQf0HSEjXasLW9M7BSU

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Sun, 20 Aug 2023 03:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A24F 86 KB
29 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A24F 3 KB
1 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A24F 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A24F 180 KB
56 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A24F 42 B
63 B 43ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CV6OAbGc_xrHRnTh0bcE7SUMjqM7i68GrjtrbDvlVp7UVMHqLyywHX8Q6mYgt26JQeV4iQK9aSzfugC6H1CV7zN6hx0KZiionjkLfZNqS5_SWLxP8

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A24F 0
20 B 43ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6220509865433718040&x=1&ct=76

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE73 624 B
242 B 20ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNUtt6sE9i-HQQ5QdDUvB0bwsQZypwa12cBjV5o4hxIi5nOyRx8J6w1j1xyLPNg__7DqB2OD7y6PvPqPV1KgT4C7YpsEfz00Aj11iCh-AbL9aXNve4433OZXpntyP7-alrWRpsGwdphZDs-DtOWLXhFZ_7ZV4UMm7pVFqaVM7BhmrGaWGsE

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3BC5 86 KB
29 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 3BC5 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 3BC5 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BC5 180 KB
56 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC5 42 B
63 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ADvtQG75YJX_jC4BbNaqftl7mj-VcmzaTQp0OH7PssLyjSMRHm_k1Mpc_69lxHfRfVsfMScrp-nXDp4tiOU6z0RzcaEDOMeof9qIEwt03lc4Ic6xc

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC5 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9037551511862266285&x=1&ct=76

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame EF91 4 KB
1 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 08:03:39 GMT
etag: 11900953634711111692
expires: Sun, 20 Aug 2023 08:03:39 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame AF43 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2529 143 B
166 B 9ms
8ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame AF43 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame AF43 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A07 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 80ms
41ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 03:53:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0910
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1

43 B
740 B

25ms
24ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXZZoRZ5dvsoRmYOb-oxDxLiEzaASLMuC_FFI5ZaSr-n3obd5d6ygANl6qPWAMt1mnWdWyFjk-lgfuOUBC2dpHnHITg9t4M0myPAtvOFUbiyslMQ6Ir0c8mV2ZrIMd53q5HV8Xjtww9dnpS1ATshwW3WeZu17AEbQf0HSEjXasLW9M7BSU
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Fa8qL63xt8tDLcoriKRLtU0YFbbm%2F%2BW79FKBhfIbjzcaBq7qv9aw8bMPphIk8pXHcVPB4%2Bjkgf%2Fh%2FtmqxNwgRB34RHei0FKyPIniKieOMpIz8IJXAEqjyLWYPcf8qEZNaTxZ99%2FJZPf%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7f97b08bced0366d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0910
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOGOOn77UtoCWe9hKgG9MQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1

43 B
739 B

22ms
22ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXZZoRZ5dvsoRmYOb-oxDxLiEzaASLMuC_FFI5ZaSr-n3obd5d6ygANl6qPWAMt1mnWdWyFjk-lgfuOUBC2dpHnHITg9t4M0myPAtvOFUbiyslMQ6Ir0c8mV2ZrIMd53q5HV8Xjtww9dnpS1ATshwW3WeZu17AEbQf0HSEjXasLW9M7BSU
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2ozuhNiV55ywlyxpt51zQ1yNAGs4Tf%2BkFhA6O%2FCjvl0REB%2F6puHaXGEV18m%2BUU7RvMY9aCvTjMywv%2BbS1L%2FKAylPtGQ7AOILVizBGKJ%2BBn5iYsNPVvC6JafpLyuKhau3dRgNbZbz7kqMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7f97b08c7f5a366d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 0910
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1

43 B
848 B

7ms
6ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNXZZoRZ5dvsoRmYOb-oxDxLiEzaASLMuC_FFI5ZaSr-n3obd5d6ygANl6qPWAMt1mnWdWyFjk-lgfuOUBC2dpHnHITg9t4M0myPAtvOFUbiyslMQ6Ir0c8mV2ZrIMd53q5HV8Xjtww9dnpS1ATshwW3WeZu17AEbQf0HSEjXasLW9M7BSU

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
an-x-request-uuid: fbeb5467-a642-4174-9369-05b37b5b7be1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0910
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

170 B
232 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
an-x-request-uuid: 201c659c-7d30-48fd-8787-abae53cbf175
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1

43 B
740 B

24ms
24ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNUtt6sE9i-HQQ5QdDUvB0bwsQZypwa12cBjV5o4hxIi5nOyRx8J6w1j1xyLPNg__7DqB2OD7y6PvPqPV1KgT4C7YpsEfz00Aj11iCh-AbL9aXNve4433OZXpntyP7-alrWRpsGwdphZDs-DtOWLXhFZ_7ZV4UMm7pVFqaVM7BhmrGaWGsE
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQU2Ob89tS0BG5KAPUPWKa%2B3MRM%2FxtnsexyK1RN%2FsyHm5NX6s6j%2Bg%2BuLrKqp6a0eW6xPr03UiP%2F%2FXjmB%2FsWYy%2FQvQE0ntgr09spYSbfn7d4TMLh2YcciuyxxLhXsV3k5qHL007KKqBEfEw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7f97b08bced1366d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFciWluYo3IZAfJanNTK7k8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE73
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOGOOn77UtoCWe9hKgG9MQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1

43 B
733 B

23ms
22ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNUtt6sE9i-HQQ5QdDUvB0bwsQZypwa12cBjV5o4hxIi5nOyRx8J6w1j1xyLPNg__7DqB2OD7y6PvPqPV1KgT4C7YpsEfz00Aj11iCh-AbL9aXNve4433OZXpntyP7-alrWRpsGwdphZDs-DtOWLXhFZ_7ZV4UMm7pVFqaVM7BhmrGaWGsE
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhAtkYHkOXzUX5beFOyDc3F8MRlT6X2N7YII38PmgdxZWMf8gFOYfmelK2DdYQbVvpIhUQeoVWyXCJaZ33G%2FShkJHEVSVEDrUfabU%2FigADz2BSSnS58tLbniZP1JHTP71shAhbYSjyBZ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7f97b08ccf94366d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELziDLLTPrU688OAvs55BX8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AE73
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1

43 B
847 B

7ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChD_ljkYpd7A3QEwAQ&v=APEucNUtt6sE9i-HQQ5QdDUvB0bwsQZypwa12cBjV5o4hxIi5nOyRx8J6w1j1xyLPNg__7DqB2OD7y6PvPqPV1KgT4C7YpsEfz00Aj11iCh-AbL9aXNve4433OZXpntyP7-alrWRpsGwdphZDs-DtOWLXhFZ_7ZV4UMm7pVFqaVM7BhmrGaWGsE

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
an-x-request-uuid: f7adbb25-eb14-4f6f-b9b6-4ce5ccefa095
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIf5HIBg89cAqK5OqGfQ080&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AE73
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

170 B
243 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
an-x-request-uuid: b0aee904-a38b-4eaf-ba89-64ed17abe552
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EF91 74 KB
25 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Aug 2023 08:03:40 GMT

GET
H3 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame EF91 199 KB
65 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Aug 2023 08:03:40 GMT

GET
H3 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame EF91 11 KB
2 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71390
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 20 Aug 2023 08:03:40 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A24F 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8612629826415&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A24F 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8612629826415&version=m202307240101&ct=76&x=1&cor=6220509865433718000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A24F 91 KB
37 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BokgPFwky8Em8tM6BGXGjKN96B0FHH0E1MdUrJwphKXRBMwU0huCXcNMyjgko8yalEyDJb_D7SROAq1dhJaWOuONOEdLRESsZ8ueSp197UjcYCSBvawROuJEcDtOiJtno3alQUJACKvoZz4LfJc_UDq3DcqIUwvtCfs9oBLv0qmJzju48&dbm_d=AKAmf-C00oLOv72LWAt3Nzl1pD4HCQaL_2xMxaFfB27EUB2CuEK59uJaOTW7YkPzQNjMHP0Sv1OOPPCqHM6_cjJtu3PsmI3-b37b3pOU1_aHJrARCpNKEjnxjSK6DvoFVA-_sr4Y2juCeEF_8iqG2lXsieWD_sq3OW8QBnnGINyC8nv4YIZb00Qc6sQoLAbGBQlUgt8jF4wjDehbUGGE5uO4fBHZULAT7jYDZ_5znhN1yAdvKRXHFCk0OsQ8uIFw8ipeL_B1Xhg6tSIhbIsW6yjf9vfrBcRh9lqSi7cLPYHG7PVPtGVQEEJoMSu2NZBvDNPS5IXVmICeRYEx5K3GCI2Z5uujgDAUzJddRilOecvzSvBMmBjVoUfUK3VU3wN4ET0uT66uSxyBhW6g7haK5lbyRJOLpQx6ZVByD7LOdlA_d7Jq_iPCSIf6aCdBicgbGCbJ4Ku8LnItgNIsmhanwhVaQL5kK352v-v7D6LvptM9Wr_WbkOXo1lpXXfL6oxLwQCSSzCYhsCzRP5IZ0ZsDqIjxFFHKEjz41LZ_nOClzRJPRwnmn4lZSTtJzJksBd5Fb5qllRzIHfk-6P0qYyNjpTCa7kw5ejncOGvxu7f5dhEFwA49QYcKzCa3wM-ZycTPGMNRyozbT_Yk9AzQDHX8OzqHkq__ScFbgXJrYLgjJOiUJhVDtIdYZbJxHMArN-LCX8eZuXHriFBM0_PQUby5uEZXZL8kAGt3Vu6HM1VZO5vU8lcv21cfetayhuOYRuWxgLJj8V9fU9YrONekTjMPDDw9vZKx9QY1iGhRS6VHfAYED_FvwqELSvgg8cJYG1CbOn5E0vWmXsUAfucqvhHKLRKiByEFHjEAzUCYEZYYWyzjx2QJL7jviqXwg8FsUb6JUS4_ga8nwsyJgKDE3H6UBZNJg3hEzstqa7YNBxBq_Mjr6KtZMuV8l8DGhN3uPyp44WWhFkpDAux0TaqqMFhwkZhAeL3NHbA7zlqNhLbm1rolVbCi5q7ny1qiR_DOYei8yxoLp0Aj4bUzJvfquu_jHFiDC5mdpjtsWi11XKZW2qETZhxJamGfP240mNgIlmr5hpeZ65qkW5OpCmXRpQNQ-4R7JJx2GMRPzP5Yfre3AZ_G-OjcaUKfovatI_-pOCtjfjSPd0EqSAfsv3KeYtlv38TDa4o-DnDP1wMdSIebQ6Bdbe5dT122lNjWkJSGTsCeg9TnoWjufZRdKVBgRutoouH4sMB8lAXI6rBnxgGyaJ9NPO96-gwsHvkGwccieCCNxFgLaC4gDDiVUn7g92T2Z6smh0z7M8kgQbhB6Cv_Ah2wNE4ixP2UJvVQRal3bRPg7SGqP-Qct2IF9U2Rnl4MGd8Hd8b9IHZRgG9f_H3BR6ky2YAWRL6mCq0skMS5-78N0g5mwOymwN0fmyaSNYwBZ8Oduk4eMKklDcevLaanky67HkC5_oNY8UB3ItHUHFzN-Hy9Vwcy-g0imiaISBOtrKK5hvruZJtkJGrW14IJ3PHoJEy0bAwqe5IjRihCCPuH5YB6SomYBWJnrzbhjLVn9wxAP9SdCgHSBERCoVf8rh87gkvHCzMAY79XIo4AUz3WD3JNL3vVMy9CIoHF4LHH40rUP3xOG65Rnlp9Bg3_KxNgGMhbe3RDR2_9-ipEIQo4qjlI2Z8wtO6479s0zVkKf0yysdHHnksqh8f_0vqfx7q-lqqvRdPOB7KLVd1tyfWN3hLp1cTCB5uvIqnOE_JgccVtSXvzj9MPcN_UHxKN08i6nR5RHjkjx9MFLxyK6jH_Qb8QRcnCYdN7YaFJqemQjJ3KuEf0q4dj29pjjgxxfpQqv7ytLnsURi_0bphHNJeyOY2o8VvH092zhghPT4cmDZqc5MnErddFgTScjz-CaMwh-TszuMN2wxzJw4EByxMqJ2-NIKj1H8KwH1o0Y1GXeppOlbLtFBsoNKMrIuTDvdjW8E8FMy0a3Q7lLsztVEoAZMIQcqOtxPp7zZtVYqEaNGeCyZtMDUa-lYRSDWs9CnO_dlpvbc5zxLbkfTvFVJKs2cLagy98zhsTuCJlAnU2kNl90EkxXnSRRYiXvSqThpkO8U90rh2dibG_Y4xpJSFIvdzOF253f7jdXVu1qvE-YFR7Pvo01DPL8e1JdFwM9ohvLQEoesWhacyIXYXSyz476YC4yAgWn2Znk94RaWiZywkKwrlBflxHuF0tSH2YbdvV2uh5IIXoIilPAXJNBlpxDmVrWuPkFugjRYCZ-YcTN225nnFJfOQCGC5dKfv0LJH2GmMJR7AwVJwaVByPSpO9-s5bvLfPw7hOkX8ZpnKWM51lLgItVkCc-ykuvJLvamOA0717tXqLUfgbinsko99ujI8pbCHTmmdswloShcWl_caZImc4AQ8ryuFaxcCg-CymRb02mczlPcqZn1jYOFfkYYsewGLx0druRk2wMvrFza8PmN6IA7ogMivcJOM7w_Tg-WansFBdZOoXrpQIQ0E80RS2Vv-TBiKa_ccQynlaM3XcZN8S2VrLhu-3eC3flM-0vkrv8v7HPrNoPricIOX8v2Y7vaGgoQwOfoE7MZn76aU6lEjZSmlLEzNfrt-0ocdghd6BC1uM_2X7_NCKeCTyxiiNseK9MHuGH_BfLa3p8BnT8Q3YKwyzxUA6emhh2CFcN5C5ojKv8wPG7_uLGZiGdV_Uett4P_ERGOh-pzljW54BlpScKNj2Z2QXkI1TQJbeL_y0S3SNbmvIGjHaYwcytgcbe6U6RAsYY8MJJnWnZdLmuowG-VeV4qm0BOz_pY5SqsRD-F5Nx3qy7N1jn9YxSHIEp0dvyfP5zzgJSS4-LTReq-7W9Ospq30s5_aXeXECaEzHVfXMTzfqUG0fNXiLRSYCMwxInb7gM-tYUn5QdE6dXz2gkhMUZFJxhfeppstrGwKeaGZljxgyfK-8OdOKjHGxj6VyUkiakpjp8R-ElntTs3cwam7aJPYW8P7OL8Izt8Lyvi4ZNhTnjxadLnXupF_Wf8Codc_BiLIF2WddwRnxDiJeLr3gN2z5gm3CSOPRjff_DOjPTclAvE6lIikW2RAXj6rQgQv4sb0lrCbsG7JxNO8wgePaf5sC8Et1U06tAo4VPsdACg4kQSzv7e4fqWAlxnJbU0yzTlT1BCH4irfEcfTll5sV3tu0C3MuBuTOIFELQz85b-hjtvcTM-DeJQ1MrB-lF0SEp5fCSjaSI4_qWX7t97GT5F2Zv23qLUP8Zjp-T9ModWM9E_3wgVYl3MOzI5-lDb4zfp4I3yMDDy3GANdh2dxBCfdsmRXkAcUZPRCDPw_CzzrAlfX-iggTWZQVefYfTXTKYm6kR34LI07xia8rXLDGNS0iW3RrsB4ZP4rAmXdoZ6WY13K-MMT3b7svwDd_482h8fjLWGdKrgaPYUYqdVF_l3CJdFFgk4rWTU9UHzxzzMPSMOm4gHv0L06LaddOQ6cmUMjrV35_NClNzLsYkQNaE4wFClF2gUYcx3Dbck0uQBoevJOO8VwYpdZ4P5hiLgzqugwWiyM57YqKzL2b2DkqEMYTMBWJwWJmpoaKO4Fj5-_7AkiHs1jI8aqzde-hglOOYYq-u60XiErA6ln9z7tpxGpPnGnYMCY36_9RmOy31cKTgVwzhzMOvx0bRJCRjh2zQcTU4Lr1Z5cj0o-k-eQsGv4bnFbY5TxpPa3H0WsTxg2WLR6c-8y1PDCW7oEKyMSD4jsT0W_F_Ww5-7sMQjlxyP3YyBcYIdVmfzRQ5OsrRiGLVcwvI4T-87Vmt1yzNj_C7Z7J5jvoT1i0OR32fRd2w&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fvloghealth.info%2F&ds=l&xdt=1&iif=1&cor=6220509865433718000&adk=1877897943&idt=32&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd1a27dc42b6df8682e3322049647aae8847ddbc4d488b6af49e7cf12e2d85c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 436B 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 436B 8 KB
750 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 02:16:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 436B 15 KB
3 KB 56ms
7ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 19:19:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376427
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 19:19:43 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 436B 368 KB
128 KB 57ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 18:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 18:22:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 436B 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC5 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5473217271812&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC5 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5473217271812&version=m202307240101&ct=76&x=1&cor=9037551511862266000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3BC5 91 KB
37 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Do3TK5NAVkGKIDpLtOgHQrACrXSpLlsUxq39HQriY2SBKb1bq5tM-CpXzAjOZLr6UG4tU2pkY1ytshbHOlRS6jQsmkmrdp_2vpinPyOTWAn38kXyMwDJ99jD4fggfRsCMbIvfKZhSR0XEzSynxf99dtMHeEekOCDZuRtC3RQRim4LSX_Q&dbm_d=AKAmf-C1qjIPr5HA7MdFTSFsTO2qAcpkg2zQR-JdBCcFCacB9H_E9dtpkhnPZoej5EWARYubZsAY5sfojtLLDRHxg_fQ6n3Htdre-isfBwnurLIyqeQT_lxCMQNszYRvxZVFXdG8NIFlJ4tud1i9jhjn1zeuF2tIeONz-k6FsdDCswItuOr_zEDHv-xTYLStVQqDT40XDzDuY4rYGxY-VvGteQndQIsBuMCP7WXni6erub4oJvt6eKVrVdMnRpF6YBfPCuaSw0E7_KuQkd18khxuoDFP_ck1ps0R3egcaF-AAL4LFD7_KYdh6mYSCvOlTOARU2xB-4e4-UFW04396KfDeXV1BjSOKWJlNbRFxhzM2HKxUkCaLcomUEzF2ZeJHJkpUZ_zaZhZipi72R9mG2Z_O3O41sZqeDV4DRWXsJI4gUpkuxJtY5fXaXzYL64JMTAA-iOmXoZ22twQjBEcdBHEcYsfOPtsZPMS_6IsxW5O0iypgzMwPe0d4PoemvfpjKmomLRxwTTD9L8Sb9SZBmHuYYbwDM0QS9gug5Po-UyOBkR1QSAJ7MAEXxPyCU4jWLWjtrl_CSkXpD0c0aTl8jXiCsFWZov0hGbB_ck56wG7xUqrLL0H4Jf068o0hqFEYhq_n86zcT9u3Oeufjyy0iSWpZ6tAMckFYuF98u5ofXgcH0wMndr-ONwidw2CNyEW6hDtjHWI6ucI_6DAsgOnNk4Cm61GQZ8R-EDVP0WLK7IISNnIun4DlOD3CK9w6oMRxJCGNIh6BdRHOwBAVSuzk8haIC6sjow0R6UV9A8g5nqMfTK22ciC4l887aGJtrP22x3Op7Ce8ZTOuq_OAyfIE7muiV-YIQHpNznVGHbp-8nbCl3ysLaawB8J4_eecwMg8T2skMB5TWMjpJMg7OOtCJK9TlcI4jE9qAV-DEqUP2oEPDI7PL0xIQJK8WcEXSRtkt7Bs_mDhSTS-BYt5QF8Nou2XHu2SVeQiFfLg-Ay9Vl4pbfjl44JZUGmWXv5O-6Pg44Zm-Yccuj4T8VpuXwu_nTggts6VDpqexkOQJwl7KEWdaw5ZTkrPP28PZqTOq7GHZIgzHaDSxPzckBKZ3bKjpJXzZ6XFESgq4MXuK6BzdpY04cx9SodL7hm374pJAcfOjR-qZTtQr6Xbu1rcse48tgfIsQu23JwCGnK4cdjVQ7HqmnCI47qYI2ydAwBD3mF_f0bAD455D6NyikIOYL7-km3hcFnMkhXd4gDhYZSIVEEpYTVpgNxgTZLMDZCEvjjL0regtrESb4Q40gY_QhhtgcY89kL_1w49WoEJRompXzPZvrrFyq_a1xWvxX09KjzM7AkUSIIkoMLG_u0SFe_wpzxMIQqohvrdIXVfoP1VSYSJrL3n5qqzrk2K_Wi9ZB4XMQFt7s_coFf3Bta2YuIDqxdPvt2CgljVBSnjQoyiWUIrJT8D9yOb11Pq8O0RaUuY0cIInS8bCzITSil6UKn44dUgNp4dN5_b2l8ZVNxckvcOOwZifW5H4QRBPshf7juh7rSBdQ1nchyZqP1wlUWJvZ3a4-7zZeojeB8IgrkQnc4_ryrzZ-C95_f2SkQr6XHRur1vA7ZL2LLioTLvKJOGus4GMB0ku44aQWjaenqQjw2kHm6tTaAZd5G1GTlXXx6s3pTdQEGkLoiGkTA32Pkn2Pk0nxb9xK_il298RQgMo50ukp49hes0BrJMvXEojxYiFSAdRRTIBtEi6U3SVdkY6ZwhY8KJGL4YiU6PQ8j4mt9Dcbt1IFO-ZVCYBm-FsXDmUkaE65vpnwf9xBoz3sV0xsigsqQ1WGervqMU2xZx4ALz_xV__-1s4shPn5-OtEmKQNH-Rh65iHAZ3nx91qWYBYgN1r-S8fc8UsqPX9DTd2aarb1l_N8C6R4YBHmgFDFjMZAFDIGa4wJigVPPM5T87iElZM0N_3OjUmnGJ-s1RVitcWIOfXKomRZVphNEfCWM7GKx1k0k7t1axeFmL81z64cCtsG-rKOliJfploShTQ4AesjmJWICSf1iVVRKpaViCCbGsQmJA5bgB5SJpG8G1bgx4i5K7hl_IfjcMHJAVJBUNmXWAzqmP0_psiTThL4rHSId5plLjq__Qn5IJM3BeVy_G5zd6tYQEye4d0cZ_MwjdbJoniU6EIPrsbxLZXGXhgma8bVMczb0Ua5DnhoV0gAlN9JI6pqVs7l-b1X1OFer1DG0MnmDFa4lV0LHuKHXdj_aDLgP3f_gVDWTmc6rFbjRPcQjmiKEZRHqXvXz2B06d90eZJGr5NcBG0y99QpO2Oh9WjEzzF4f8E7FQjceAptpSbUh7rZfMB9n_---8EWywmKo5f1JRAn-2OQYe5x4EgqdSQrBijAuVSadnK9HI845NC62FSr40CbMLOPN5KgxApiXO_EpCQC0CmxkYU-QMTqPHg4fbXTd0W4Bce2TUih9eXliDo1UrcJA-NLK_pxHjWB9Dkds-B3ZcsqxmQX_0oiriaaNoLWl27N0BJNYeAT4OuDR076gwOr3dP2Yd1Gf0prrC2F4ndDPOljtTRwZ6STqIUhWDhMr2WBsRZqX3KkJQde7Swx9jvaYa34WmO6gJ9TMUwOmNVMS2m_Bw70fuQ7WhCJCmFRTu3-jQWT837pdSP2OYlRCIUlSN08e8AOddgpdwoHJqxSTXGiR3oKn22bJDjt4V2C7YCmHgLcwfaE7NG7tIFoGBZAh8HIFr6UjdfRyNW02hgwcEQCej-HA8K2jZREWqSzhi5RDfI8RXL89hTweQ2JkQ8czG57ZDHYSPwy6zerqzpuLk4xVBC2DtlOm303dcxVttvSw_4BthfCArsWbKW120s1AAC4a_hYyyaugVBdq4q1DFOLuYU6jZzeiX_CD5V4SZnltEPDVCmpkwz0sLrM58Hjd2KnMxwG3DpYI2DIQDGXOmsxznytDeyKyyR0iZliztdqbzIkMpr2U5fQu_kL8-t-cCBHyh5afwx6lU83bL32KZ2aSOudYvGw29BpoQJ8_aOwTwprXHvNVeF1fUdJuPBxqLBYuqEj6eJvESyXhfpAxp1uGMDfFwXXC9WCtWnsmRnh5kL4PXwf4BW9IlBQazmUVNgMR-MtTW8-WWLv4sRpYX1OTLHhqGT8-r4odx5ZjZUqxK4T_HRcaKFGMnrgAJO_fXwHDDe81sAuXQMDZTMOiD08EuoTGuiM8v31yAbn1JkOU-XJu_3WeJxryZZrAEzS1E_eDHhaE1za4EAC8Moohq1Q2qFxAgw86uydL2MD8PyQKlQ161kmiAMRrUCQTkJci7TYv2AXUGc44ISUbGY3SaaMn-6HILrctJOW_utjQb5yyEDMjBgCMcC1KNfdf8miFJByqGzZRqWxaugpLkKG8oymEmGWhYTVTLo4d0EIOLM2a77nHnbc4fIpVDL101LKDD8mGHD9AKt_k1HWCN84TDWdXQv1_N6KRjF4jyyAKHwqcgAfFLFmBrWwOYta50OhO95TYIlMJb6G5BHkZKX0SgmUO5kG9DEiqVIrHvwQSJKg-NYnnYgUIMwONN0nHNdtily2tMmpiLEnwP85JfZa__p3lViI7JdgZZfZvfmatOBrihf2TBIT3tqqRDXyFR5JjByWKNxVbshLJLpnkIM0yhBmMW5GIuXPSmpyQgwIa_Qa9RdweJQ5ZlpqNK064GcrIeYf_I4o4QF6Jw7rkgSSq2Mv4BCqOZb2sNmEOxAQghF6giA-tbUZCmEkoJSEiH6O1u1hAxPLaXrUdHv8g5UT-PRTknN349DXdzSsEBOQmZu5eCQRksJLCIlot7gqQ&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fvloghealth.info%2F&ds=l&xdt=1&iif=1&cor=9037551511862266000&adk=929882891&idt=46&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9c095dd6ba82473b2951e532484f7d0b5057e7e8bceb9e1541c414c58e2948e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38176
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EF91 34 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 02:17:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5754
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 21 Aug 2023 02:17:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2529
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Sun, 20 Aug 2023 03:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF43 180 KB
56 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
DATA 200
OK truncated
/ Frame AF43 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bb273d3ba9ef4d0315d46b7e44f2b444ed4d5dfcf3c7236095f8e3ade05e59d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame A24F 172 KB
61 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 09:29:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame A24F 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BokgPFwky8Em8tM6BGXGjKN96B0FHH0E1MdUrJwphKXRBMwU0huCXcNMyjgko8yalEyDJb_D7SROAq1dhJaWOuONOEdLRESsZ8ueSp197UjcYCSBvawROuJEcDtOiJtno3alQUJACKvoZz4LfJc_UDq3DcqIUwvtCfs9oBLv0qmJzju48&dbm_d=AKAmf-C00oLOv72LWAt3Nzl1pD4HCQaL_2xMxaFfB27EUB2CuEK59uJaOTW7YkPzQNjMHP0Sv1OOPPCqHM6_cjJtu3PsmI3-b37b3pOU1_aHJrARCpNKEjnxjSK6DvoFVA-_sr4Y2juCeEF_8iqG2lXsieWD_sq3OW8QBnnGINyC8nv4YIZb00Qc6sQoLAbGBQlUgt8jF4wjDehbUGGE5uO4fBHZULAT7jYDZ_5znhN1yAdvKRXHFCk0OsQ8uIFw8ipeL_B1Xhg6tSIhbIsW6yjf9vfrBcRh9lqSi7cLPYHG7PVPtGVQEEJoMSu2NZBvDNPS5IXVmICeRYEx5K3GCI2Z5uujgDAUzJddRilOecvzSvBMmBjVoUfUK3VU3wN4ET0uT66uSxyBhW6g7haK5lbyRJOLpQx6ZVByD7LOdlA_d7Jq_iPCSIf6aCdBicgbGCbJ4Ku8LnItgNIsmhanwhVaQL5kK352v-v7D6LvptM9Wr_WbkOXo1lpXXfL6oxLwQCSSzCYhsCzRP5IZ0ZsDqIjxFFHKEjz41LZ_nOClzRJPRwnmn4lZSTtJzJksBd5Fb5qllRzIHfk-6P0qYyNjpTCa7kw5ejncOGvxu7f5dhEFwA49QYcKzCa3wM-ZycTPGMNRyozbT_Yk9AzQDHX8OzqHkq__ScFbgXJrYLgjJOiUJhVDtIdYZbJxHMArN-LCX8eZuXHriFBM0_PQUby5uEZXZL8kAGt3Vu6HM1VZO5vU8lcv21cfetayhuOYRuWxgLJj8V9fU9YrONekTjMPDDw9vZKx9QY1iGhRS6VHfAYED_FvwqELSvgg8cJYG1CbOn5E0vWmXsUAfucqvhHKLRKiByEFHjEAzUCYEZYYWyzjx2QJL7jviqXwg8FsUb6JUS4_ga8nwsyJgKDE3H6UBZNJg3hEzstqa7YNBxBq_Mjr6KtZMuV8l8DGhN3uPyp44WWhFkpDAux0TaqqMFhwkZhAeL3NHbA7zlqNhLbm1rolVbCi5q7ny1qiR_DOYei8yxoLp0Aj4bUzJvfquu_jHFiDC5mdpjtsWi11XKZW2qETZhxJamGfP240mNgIlmr5hpeZ65qkW5OpCmXRpQNQ-4R7JJx2GMRPzP5Yfre3AZ_G-OjcaUKfovatI_-pOCtjfjSPd0EqSAfsv3KeYtlv38TDa4o-DnDP1wMdSIebQ6Bdbe5dT122lNjWkJSGTsCeg9TnoWjufZRdKVBgRutoouH4sMB8lAXI6rBnxgGyaJ9NPO96-gwsHvkGwccieCCNxFgLaC4gDDiVUn7g92T2Z6smh0z7M8kgQbhB6Cv_Ah2wNE4ixP2UJvVQRal3bRPg7SGqP-Qct2IF9U2Rnl4MGd8Hd8b9IHZRgG9f_H3BR6ky2YAWRL6mCq0skMS5-78N0g5mwOymwN0fmyaSNYwBZ8Oduk4eMKklDcevLaanky67HkC5_oNY8UB3ItHUHFzN-Hy9Vwcy-g0imiaISBOtrKK5hvruZJtkJGrW14IJ3PHoJEy0bAwqe5IjRihCCPuH5YB6SomYBWJnrzbhjLVn9wxAP9SdCgHSBERCoVf8rh87gkvHCzMAY79XIo4AUz3WD3JNL3vVMy9CIoHF4LHH40rUP3xOG65Rnlp9Bg3_KxNgGMhbe3RDR2_9-ipEIQo4qjlI2Z8wtO6479s0zVkKf0yysdHHnksqh8f_0vqfx7q-lqqvRdPOB7KLVd1tyfWN3hLp1cTCB5uvIqnOE_JgccVtSXvzj9MPcN_UHxKN08i6nR5RHjkjx9MFLxyK6jH_Qb8QRcnCYdN7YaFJqemQjJ3KuEf0q4dj29pjjgxxfpQqv7ytLnsURi_0bphHNJeyOY2o8VvH092zhghPT4cmDZqc5MnErddFgTScjz-CaMwh-TszuMN2wxzJw4EByxMqJ2-NIKj1H8KwH1o0Y1GXeppOlbLtFBsoNKMrIuTDvdjW8E8FMy0a3Q7lLsztVEoAZMIQcqOtxPp7zZtVYqEaNGeCyZtMDUa-lYRSDWs9CnO_dlpvbc5zxLbkfTvFVJKs2cLagy98zhsTuCJlAnU2kNl90EkxXnSRRYiXvSqThpkO8U90rh2dibG_Y4xpJSFIvdzOF253f7jdXVu1qvE-YFR7Pvo01DPL8e1JdFwM9ohvLQEoesWhacyIXYXSyz476YC4yAgWn2Znk94RaWiZywkKwrlBflxHuF0tSH2YbdvV2uh5IIXoIilPAXJNBlpxDmVrWuPkFugjRYCZ-YcTN225nnFJfOQCGC5dKfv0LJH2GmMJR7AwVJwaVByPSpO9-s5bvLfPw7hOkX8ZpnKWM51lLgItVkCc-ykuvJLvamOA0717tXqLUfgbinsko99ujI8pbCHTmmdswloShcWl_caZImc4AQ8ryuFaxcCg-CymRb02mczlPcqZn1jYOFfkYYsewGLx0druRk2wMvrFza8PmN6IA7ogMivcJOM7w_Tg-WansFBdZOoXrpQIQ0E80RS2Vv-TBiKa_ccQynlaM3XcZN8S2VrLhu-3eC3flM-0vkrv8v7HPrNoPricIOX8v2Y7vaGgoQwOfoE7MZn76aU6lEjZSmlLEzNfrt-0ocdghd6BC1uM_2X7_NCKeCTyxiiNseK9MHuGH_BfLa3p8BnT8Q3YKwyzxUA6emhh2CFcN5C5ojKv8wPG7_uLGZiGdV_Uett4P_ERGOh-pzljW54BlpScKNj2Z2QXkI1TQJbeL_y0S3SNbmvIGjHaYwcytgcbe6U6RAsYY8MJJnWnZdLmuowG-VeV4qm0BOz_pY5SqsRD-F5Nx3qy7N1jn9YxSHIEp0dvyfP5zzgJSS4-LTReq-7W9Ospq30s5_aXeXECaEzHVfXMTzfqUG0fNXiLRSYCMwxInb7gM-tYUn5QdE6dXz2gkhMUZFJxhfeppstrGwKeaGZljxgyfK-8OdOKjHGxj6VyUkiakpjp8R-ElntTs3cwam7aJPYW8P7OL8Izt8Lyvi4ZNhTnjxadLnXupF_Wf8Codc_BiLIF2WddwRnxDiJeLr3gN2z5gm3CSOPRjff_DOjPTclAvE6lIikW2RAXj6rQgQv4sb0lrCbsG7JxNO8wgePaf5sC8Et1U06tAo4VPsdACg4kQSzv7e4fqWAlxnJbU0yzTlT1BCH4irfEcfTll5sV3tu0C3MuBuTOIFELQz85b-hjtvcTM-DeJQ1MrB-lF0SEp5fCSjaSI4_qWX7t97GT5F2Zv23qLUP8Zjp-T9ModWM9E_3wgVYl3MOzI5-lDb4zfp4I3yMDDy3GANdh2dxBCfdsmRXkAcUZPRCDPw_CzzrAlfX-iggTWZQVefYfTXTKYm6kR34LI07xia8rXLDGNS0iW3RrsB4ZP4rAmXdoZ6WY13K-MMT3b7svwDd_482h8fjLWGdKrgaPYUYqdVF_l3CJdFFgk4rWTU9UHzxzzMPSMOm4gHv0L06LaddOQ6cmUMjrV35_NClNzLsYkQNaE4wFClF2gUYcx3Dbck0uQBoevJOO8VwYpdZ4P5hiLgzqugwWiyM57YqKzL2b2DkqEMYTMBWJwWJmpoaKO4Fj5-_7AkiHs1jI8aqzde-hglOOYYq-u60XiErA6ln9z7tpxGpPnGnYMCY36_9RmOy31cKTgVwzhzMOvx0bRJCRjh2zQcTU4Lr1Z5cj0o-k-eQsGv4bnFbY5TxpPa3H0WsTxg2WLR6c-8y1PDCW7oEKyMSD4jsT0W_F_Ww5-7sMQjlxyP3YyBcYIdVmfzRQ5OsrRiGLVcwvI4T-87Vmt1yzNj_C7Z7J5jvoT1i0OR32fRd2w&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fvloghealth.info%2F&ds=l&xdt=1&iif=1&cor=6220509865433718000&adk=1877897943&idt=32&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 01:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 01:17:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame A24F 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A24F 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E5C6 624 B
242 B 24ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNU-RCoi6hUbXlpYIhxhuBWuKAW9Pj0NHG72WQU-0eAvckIM6vDy4FwplejfZ4D3ABM3MTew_1IZm9XloSQO0gJmWTsiRaPOd2_BIMlPllChlgy29U2qNdz3X_5k4HdMfrgvZv-gXGM1GBJULlted4PJZmjOgB6xwKk0LQpQ7N2ymprPgpU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A71 86 KB
29 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7A71 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 7A71 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7A71 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDAq5NapCybIDFHWx_AlwTGgiG5eIejOLCrVWRRdD7RvOe8W7SCuLXzydKuLRM2UjgPHdJjfoaUGr9hEZ9gS3stu015Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A71 180 KB
56 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A71 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BWW8Re4mIMO2VSLbojCxA2SLfYuSfRFk892NKMHqZxfBXx3KMdX1wZ3Ifg8ALFJpz6jc77QOS9AHV2ep3OfrcF9WVDKLqtAIB1GOW9M1UpHnw_c5I

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A71 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17549273218372597372&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3BC5 172 KB
60 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 09:29:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 3BC5 11 KB
4 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Do3TK5NAVkGKIDpLtOgHQrACrXSpLlsUxq39HQriY2SBKb1bq5tM-CpXzAjOZLr6UG4tU2pkY1ytshbHOlRS6jQsmkmrdp_2vpinPyOTWAn38kXyMwDJ99jD4fggfRsCMbIvfKZhSR0XEzSynxf99dtMHeEekOCDZuRtC3RQRim4LSX_Q&dbm_d=AKAmf-C1qjIPr5HA7MdFTSFsTO2qAcpkg2zQR-JdBCcFCacB9H_E9dtpkhnPZoej5EWARYubZsAY5sfojtLLDRHxg_fQ6n3Htdre-isfBwnurLIyqeQT_lxCMQNszYRvxZVFXdG8NIFlJ4tud1i9jhjn1zeuF2tIeONz-k6FsdDCswItuOr_zEDHv-xTYLStVQqDT40XDzDuY4rYGxY-VvGteQndQIsBuMCP7WXni6erub4oJvt6eKVrVdMnRpF6YBfPCuaSw0E7_KuQkd18khxuoDFP_ck1ps0R3egcaF-AAL4LFD7_KYdh6mYSCvOlTOARU2xB-4e4-UFW04396KfDeXV1BjSOKWJlNbRFxhzM2HKxUkCaLcomUEzF2ZeJHJkpUZ_zaZhZipi72R9mG2Z_O3O41sZqeDV4DRWXsJI4gUpkuxJtY5fXaXzYL64JMTAA-iOmXoZ22twQjBEcdBHEcYsfOPtsZPMS_6IsxW5O0iypgzMwPe0d4PoemvfpjKmomLRxwTTD9L8Sb9SZBmHuYYbwDM0QS9gug5Po-UyOBkR1QSAJ7MAEXxPyCU4jWLWjtrl_CSkXpD0c0aTl8jXiCsFWZov0hGbB_ck56wG7xUqrLL0H4Jf068o0hqFEYhq_n86zcT9u3Oeufjyy0iSWpZ6tAMckFYuF98u5ofXgcH0wMndr-ONwidw2CNyEW6hDtjHWI6ucI_6DAsgOnNk4Cm61GQZ8R-EDVP0WLK7IISNnIun4DlOD3CK9w6oMRxJCGNIh6BdRHOwBAVSuzk8haIC6sjow0R6UV9A8g5nqMfTK22ciC4l887aGJtrP22x3Op7Ce8ZTOuq_OAyfIE7muiV-YIQHpNznVGHbp-8nbCl3ysLaawB8J4_eecwMg8T2skMB5TWMjpJMg7OOtCJK9TlcI4jE9qAV-DEqUP2oEPDI7PL0xIQJK8WcEXSRtkt7Bs_mDhSTS-BYt5QF8Nou2XHu2SVeQiFfLg-Ay9Vl4pbfjl44JZUGmWXv5O-6Pg44Zm-Yccuj4T8VpuXwu_nTggts6VDpqexkOQJwl7KEWdaw5ZTkrPP28PZqTOq7GHZIgzHaDSxPzckBKZ3bKjpJXzZ6XFESgq4MXuK6BzdpY04cx9SodL7hm374pJAcfOjR-qZTtQr6Xbu1rcse48tgfIsQu23JwCGnK4cdjVQ7HqmnCI47qYI2ydAwBD3mF_f0bAD455D6NyikIOYL7-km3hcFnMkhXd4gDhYZSIVEEpYTVpgNxgTZLMDZCEvjjL0regtrESb4Q40gY_QhhtgcY89kL_1w49WoEJRompXzPZvrrFyq_a1xWvxX09KjzM7AkUSIIkoMLG_u0SFe_wpzxMIQqohvrdIXVfoP1VSYSJrL3n5qqzrk2K_Wi9ZB4XMQFt7s_coFf3Bta2YuIDqxdPvt2CgljVBSnjQoyiWUIrJT8D9yOb11Pq8O0RaUuY0cIInS8bCzITSil6UKn44dUgNp4dN5_b2l8ZVNxckvcOOwZifW5H4QRBPshf7juh7rSBdQ1nchyZqP1wlUWJvZ3a4-7zZeojeB8IgrkQnc4_ryrzZ-C95_f2SkQr6XHRur1vA7ZL2LLioTLvKJOGus4GMB0ku44aQWjaenqQjw2kHm6tTaAZd5G1GTlXXx6s3pTdQEGkLoiGkTA32Pkn2Pk0nxb9xK_il298RQgMo50ukp49hes0BrJMvXEojxYiFSAdRRTIBtEi6U3SVdkY6ZwhY8KJGL4YiU6PQ8j4mt9Dcbt1IFO-ZVCYBm-FsXDmUkaE65vpnwf9xBoz3sV0xsigsqQ1WGervqMU2xZx4ALz_xV__-1s4shPn5-OtEmKQNH-Rh65iHAZ3nx91qWYBYgN1r-S8fc8UsqPX9DTd2aarb1l_N8C6R4YBHmgFDFjMZAFDIGa4wJigVPPM5T87iElZM0N_3OjUmnGJ-s1RVitcWIOfXKomRZVphNEfCWM7GKx1k0k7t1axeFmL81z64cCtsG-rKOliJfploShTQ4AesjmJWICSf1iVVRKpaViCCbGsQmJA5bgB5SJpG8G1bgx4i5K7hl_IfjcMHJAVJBUNmXWAzqmP0_psiTThL4rHSId5plLjq__Qn5IJM3BeVy_G5zd6tYQEye4d0cZ_MwjdbJoniU6EIPrsbxLZXGXhgma8bVMczb0Ua5DnhoV0gAlN9JI6pqVs7l-b1X1OFer1DG0MnmDFa4lV0LHuKHXdj_aDLgP3f_gVDWTmc6rFbjRPcQjmiKEZRHqXvXz2B06d90eZJGr5NcBG0y99QpO2Oh9WjEzzF4f8E7FQjceAptpSbUh7rZfMB9n_---8EWywmKo5f1JRAn-2OQYe5x4EgqdSQrBijAuVSadnK9HI845NC62FSr40CbMLOPN5KgxApiXO_EpCQC0CmxkYU-QMTqPHg4fbXTd0W4Bce2TUih9eXliDo1UrcJA-NLK_pxHjWB9Dkds-B3ZcsqxmQX_0oiriaaNoLWl27N0BJNYeAT4OuDR076gwOr3dP2Yd1Gf0prrC2F4ndDPOljtTRwZ6STqIUhWDhMr2WBsRZqX3KkJQde7Swx9jvaYa34WmO6gJ9TMUwOmNVMS2m_Bw70fuQ7WhCJCmFRTu3-jQWT837pdSP2OYlRCIUlSN08e8AOddgpdwoHJqxSTXGiR3oKn22bJDjt4V2C7YCmHgLcwfaE7NG7tIFoGBZAh8HIFr6UjdfRyNW02hgwcEQCej-HA8K2jZREWqSzhi5RDfI8RXL89hTweQ2JkQ8czG57ZDHYSPwy6zerqzpuLk4xVBC2DtlOm303dcxVttvSw_4BthfCArsWbKW120s1AAC4a_hYyyaugVBdq4q1DFOLuYU6jZzeiX_CD5V4SZnltEPDVCmpkwz0sLrM58Hjd2KnMxwG3DpYI2DIQDGXOmsxznytDeyKyyR0iZliztdqbzIkMpr2U5fQu_kL8-t-cCBHyh5afwx6lU83bL32KZ2aSOudYvGw29BpoQJ8_aOwTwprXHvNVeF1fUdJuPBxqLBYuqEj6eJvESyXhfpAxp1uGMDfFwXXC9WCtWnsmRnh5kL4PXwf4BW9IlBQazmUVNgMR-MtTW8-WWLv4sRpYX1OTLHhqGT8-r4odx5ZjZUqxK4T_HRcaKFGMnrgAJO_fXwHDDe81sAuXQMDZTMOiD08EuoTGuiM8v31yAbn1JkOU-XJu_3WeJxryZZrAEzS1E_eDHhaE1za4EAC8Moohq1Q2qFxAgw86uydL2MD8PyQKlQ161kmiAMRrUCQTkJci7TYv2AXUGc44ISUbGY3SaaMn-6HILrctJOW_utjQb5yyEDMjBgCMcC1KNfdf8miFJByqGzZRqWxaugpLkKG8oymEmGWhYTVTLo4d0EIOLM2a77nHnbc4fIpVDL101LKDD8mGHD9AKt_k1HWCN84TDWdXQv1_N6KRjF4jyyAKHwqcgAfFLFmBrWwOYta50OhO95TYIlMJb6G5BHkZKX0SgmUO5kG9DEiqVIrHvwQSJKg-NYnnYgUIMwONN0nHNdtily2tMmpiLEnwP85JfZa__p3lViI7JdgZZfZvfmatOBrihf2TBIT3tqqRDXyFR5JjByWKNxVbshLJLpnkIM0yhBmMW5GIuXPSmpyQgwIa_Qa9RdweJQ5ZlpqNK064GcrIeYf_I4o4QF6Jw7rkgSSq2Mv4BCqOZb2sNmEOxAQghF6giA-tbUZCmEkoJSEiH6O1u1hAxPLaXrUdHv8g5UT-PRTknN349DXdzSsEBOQmZu5eCQRksJLCIlot7gqQ&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fvloghealth.info%2F&ds=l&xdt=1&iif=1&cor=9037551511862266000&adk=929882891&idt=46&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 01:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 01:17:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 3BC5 30 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BC5 41 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 436B 0
225 B 647ms
211ms Ping
image/gif 2800:3f0:4003:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lliwy7rj&c=2684338896752&slotId=1342169448376&qqid=CJKPkqOr6oADFXrBOwIdZAUKkg&fb=outstream-lima&sei=44730425%2C44752538%2C45390960%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4003:c01::78 Santiago, Chile, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 436B 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CGJxdOI7hZJKTOvqC78EP5IqokAm4vMWyce6BrIi6EffZ1qq8ARABILfLliNglQLIAQWpAj2aHS-2PbI-qAMByAObhICABKoEigJP0E35iSt5CszEdPnk1aLnIQkp_N08uhADY4SvksCLmP1En6rHNgT15it9YzIwY9leJeJ2Z-KwxI0eR5kRsYFDDHEKemocit0zSaPpp9JVUB55VWGOBnTP1e6DflDhpxHA7Jx6x5RWZ5D7N4pIV4ngIPAl4L5pH6K9Xf1KrWcqnY7iMOigkJocRKjHPm4frD46zaGa9475FrhbB1fMiScOstGfYmb3MxSsI8L8HlfldzoICOWmrG77J5mXmcX_5Btw_iePmgiZIQv5h9cALrOjr4moW8HEtI9yfv_VH7QKXFzI5cGQodQ-9qLwARVyfPWYcDRQoXoja_lY126v6PzfaxQMU404cSC_R8AE4feciLwE4AQDkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1692503610330&ai=CGJxdOI7hZJKTOvqC78EP5IqokAm4vMWyce6BrIi6EffZ1qq8ARABILfLliNglQLIAQWpAj2aHS-2PbI-qAMByAObhICABKoEigJP0E35iSt5CszEdPnk1aLnIQkp_N08uhADY4SvksCLmP1En6rHNgT15it9YzIwY9leJeJ2Z-KwxI0eR5kRsYFDDHEKemocit0zSaPpp9JVUB55VWGOBnTP1e6DflDhpxHA7Jx6x5RWZ5D7N4pIV4ngIPAl4L5pH6K9Xf1KrWcqnY7iMOigkJocRKjHPm4frD46zaGa9475FrhbB1fMiScOstGfYmb3MxSsI8L8HlfldzoICOWmrG77J5mXmcX_5Btw_iePmgiZIQv5h9cALrOjr4moW8HEtI9yfv_VH7QKXFzI5cGQodQ-9qLwARVyfPWYcDRQoXoja_lY126v6PzfaxQMU404cSC_R8AE4feciLwE4AQDkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 436B 0
45 B 637ms
212ms Ping
image/gif 2800:3f0:4003:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lliwy7rv&c=2684338896752&slotId=1342169448376&qqid=CJKPkqOr6oADFXrBOwIdZAUKkg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.13l&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4003:c01::78 Santiago, Chile, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 436B 29 KB
17 KB 95ms
46ms XHR
text/xml 64.233.184.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dyr5VmsdKZNOYzzp7Jo8uKnTgRq9iIC0ppM0_aDtCw8ceRm4VLwr8ZB-xdyXASE5m1EmT9A2owpDDiVxHx9h8yxfpb6g&cry=1&dbm_d=AKAmf-DJeV3oNeHDYrHdDUT-XWbm0hgMdQf1_g0DfNpr-3W_1c1KRLcFRTNtS2GSWPAq8C9qMzjf31cECO5WmZmqbBoCwyEu1v6NLmy7SQcG1AhUMNCbdrFpHAt9QfMDmpbrdK95I8o4BFBkY340ZBi6UxH-mzvA69UQhDfYQ601HUKVMDSp00y_chUhDozb4WX3RF3MoDIRtPcjEJi5I2JHP9n5tZ6ThEJkVwPHoSMhj2Kc4PCWIjrdAkk-hTleuOPFcnV0U1dgbEdeql7kLDbozrNZdvsyymYmI6lEAyRa4nVQibjv3MgiPkY-YQumUiykbFcUkivsxKyRhha8eOQyjGET7HssGxWoC6MwIEbJfzOcVfCJl1yN8ytJxxt187UC0bViF9PVvEDKJ6-gmIq6x9sdAL-xbZzB1vu_ENacqeQWowzhgYyrY5KD6xUVj6QqhYb1GCOn9ZqCZj--uTn8UdTvIqz5qnxYHG-BImno_lxWVibHoyqHC0EWqcd7n9Yh8tv33OXxjaPyso3FevXwl9yKvx0bV3Mr47lUsNWzPXPxsflY81J4AXXUXOnLd146TdAIykQKrlCh47vVfvBhHCedMRICIzVtvMkDInaOU6l2nlgrdz16wGEY0VqEJQCVtXK5ebxliFpWUVq5HLkNRQoY8sFtxX0WEpyBS62gB26IqG2pe1n8HXx4CsCRcu4a36fLpbXK8ZAbASWCc6qp4AzUBsRv9AF5cbmZc4Ez8dOQ0Kn-AmwVVkukm7SMg_jlfvl4tA3vbWguogXVSqS0WgnfGdvicjZXU78IkxsyyGbg7r0Y6KggVbg5T0lj1E3JeQozte6rheBT51kAK8vcNkiSMu1cwhwmLu5D3XwUqBXM76n8J6KTWH3Ldzy3M1iu83zBLkwxorpW-GhbwZ7i78z9InHY7KC0MVpH6cixOGXxqJzL48UPEXKTgD5tF_nY9bQhFtJ85PKkDe2dbjnfbosqpIbMwMtQvNdgdpkBk3bIXcSdEctcw0j9IdTYE8un1GQXh1Qk39w6VidPZnUh7JAtXtf0Rmr5T6oKEhYy4NBErztcGdiGRXn428joVcNHJW_Bm6jraG0QlUwSl4vuvHm2PnxeVSVO_CoW26XFVqgtCvPd4WSpqCIIdMnA4D_hubj1mJfN6JMHoq-iGAK4lLq_eIr7CXnT6TD3RRYkfVVSsaFuvE9p7sCNKLi8j85vWyns1gAeNrtDnFIjW94cn4phUGtSttOqs0VS5khmtayTobP15ZLJHZUC7YBdc-iZmNWhinmlgpML13Rw5O79FvNUpHN4voMYTQSNopt5dnt1D_8eiATHweIwXyf_B4JG1dPC26vy7iwk3Ad9u97yEyos3rjDIiP1odby0cf-z4SHBauBv4nJ_-otYOaO_fBdeQxAVz0lkaItcM0OTBg6t8DizyF76dwYuSCVSwnIqS9OsbSOc6uczcApl4U52klx0imHFh13FuqX6JTiRE9IMkmSW0o0gUlbWh3xuXulR3rOAJ-gq-3CGIhdATj7Rcf6lQM_wHWHFhGBSpJN2G3S4dP44U4_OGWEHVN4Ccc5vRxtoLbcYoWXm2aLqALNTDE4P1SXZHKRzQNmUNgz_Mq80ZEdpvDz9uItCWrnmLdhl2dZdbCx_DgQBdDzWoQn0dKgSHsM-SZHhalKBude_afPJ2Gd-I3J_ty5SZ19JmIBju-P_2FN6UkP9h3E2ZwPABGlmigc1nHwDnw7TsXLFodu882OtoAyUwQrUotHmoJqxXfjZsxhCWD7eG_IU-LazKOcQ7ankIsLshcYs7xhCpBQn8PnqLOeVOD14qnKmxOKWXjQLf4zo5PX-OIBA6YTrbJgOLD_G_vJ96SftaspFzNu3A_g-qsr6cYeleKE4wd59paKPI0xgUpEyVpQJYch_AXmXwfh0kOCA5tCSAZZPOJgno73SBvA91OfNunOL3mNln_wEGrAHTJ3nWDhok3J1MHjUeh7i4jdLpfKOEnLPDhOIE7ZqRXNW6BtjihvNvl9ZeXYwIRREgybeyJVXRLWjnRQ2K8JANhf68asdEVghnocju2vJXQS6IHD7lpUXZzXHNssfkd40BlB27fM-0-urjqUFWj2w7dADhiyeVeqXCpEbHsOPM0RxkBkiwaAHwhsHqp91N1ypz3cD-_5NEziKs5hAVnI07X7gv1XgLTT4k59hgAzsZ4SxiGS3InwG-tLEbGvKVSbsj6xRsXgAamZ4bvb9-5wtjsYblg6Ybx2STe-iBqbN6XDUfIkaoVjA-sQ_A5uzo423xMDenNI2dZddHSH6_z_J6Yvoj8fLBYNveona2ixsoqJjZFtJ4R9HbZJonxk3D-D6VnswQfWCG_SbM_0j_om6e0UQ5IffuYAUMpGvUnh0qMDZpRce1-H1M0ZqhZIfLsfyDgK8-XucaGoaMAjPRr_nx6OUFBjRyldqb8_lLxL3pxs6L8OkMzIalLKf1oqWeRjIhTJ30rb9yRnSZ8JzZEMkAmaHYeWjeHISUloPAaipqlx6tTD7vuP9H3AFiKl78KNTbfzwqRE_GP6M8LraCtN5EwPrbTcnIGAmR0NpVVvze8zxN6fFvquKn16dsEuzu9SS-a05laJJuh243jr-boS7eoM60zsDZ5d85LXa8m75pYEI4yu_JRUqbQWV43oDa-D9pJ2xlPPePR-1pRvgkVFhGWULEE3fa5vU6gxuyQIXEZNzZXIwA7r_xn_1Jf0V0XCZjQANdN01bXytTdXNJjBdPP0leG3nEvdwKqnCprpBvqGPSUZ8AtDLFcNySZH8wUwAeWV08rZmAkxi2houldKTiv2FlbS0SyF3m4DkRsD6aLYxifYw8DFSMMzufakW0O69nrTFMv6KDhLKWGh64EGKDkH88DQfHBsNPRi7T1x29HXPAUjaJWj_CFex_d7pCyS4Bqh5GdWH6YwjWhfB31dyH16SNoBBOSBMeHjeBpwQKu1DEOqLEUiZNHMDYAph0gVqSfzISKMyIoK3tygyqotgO4zAOIM-QxvpEdUovI75gMPhuV040yoQe2Bji6PwH1r-qmoRzLIXwW1gX887LcNk5vdpAG5a0CmUf8oEU88vx9yJShdA5l1b16AYEq2yiFHp-rS-pmJm2Beg8MaAHv54d9h41ZTnpkKjXZK3Ja9TRXAFMGn6FEg5IkTzimV7Bia5AnWJ3Y_YP-unZNegqg9VYD4lapmwIfssUNZ0psfSo1LPYtLPuC-d1Lh06aeQc-HRdPmflnVwFoic11iHO9GcaoBAgzKwvWYMIYLt8w-98taslk_VovyFCzivoxmgq9w1pjIn9fX2WjV_r8tDlq7HkEyKTSIv_lIbpTqQsVIRoZcmCZryx3BKO5NlrWnf25oKfgm5jHc8Uyilc9JzC6-UvX1cq_gHNsx197BIa_SXGDsY1xkvwgXYSalReXF83iiViaQu2WH7-Ff8dACqKcH3nvVsDyO9v3LiGqpIazTyaIJLtmNsgH_vbU0dwS7TeyExEP4C5x1vrzwP4fCbDZy1wmvl1EcrLAik4sSEZnysT23og7u6cSuJaFi3A9NcDFvwhKg3L4zrKZvWEGABaQccyUBlb_pen3wgBJ6G0t6a3hNNO5VRFJyhXQa876c1x_N5Go-A7CsgnmG6LbxOoopHwxCRgDn1JeYV9u0BpyxSWUslZZZyGVTAy2Qz9grYk9BC5x0gXvlmMZ-DOvvci8d5RxklcgSAZZuQ9W5B-2Q1KrQjYOjaK5mfeguKiKLJAUQD-liDuQXEIfbAwQm_zVWs4Dc&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f157.1e100.net

Software

cafe /

Resource Hash

6beb03ca780efe2434f83706d7604b105aefdc5ae2be4a5ead5466e33e6d765c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16887
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E5C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1

43 B
741 B

21ms
20ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNU-RCoi6hUbXlpYIhxhuBWuKAW9Pj0NHG72WQU-0eAvckIM6vDy4FwplejfZ4D3ABM3MTew_1IZm9XloSQO0gJmWTsiRaPOd2_BIMlPllChlgy29U2qNdz3X_5k4HdMfrgvZv-gXGM1GBJULlted4PJZmjOgB6xwKk0LQpQ7N2ymprPgpU
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpaF%2FqdRpHSNoaPrNSsDj9EPTAAR8xlGwG4Q8ScWZH2OhQk%2BK%2FGe7%2BFQnZxLk2J%2Bl35NwJrHD7e70uzboR9va%2FZB7DNojsRYq6HummEwCfm3z8B93FgADFK2OzF%2BqzX6fPVq%2BFGEObI9fA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7f97b08d2fdd366d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E5C6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOGOOn77UtoCWe9hKgG9MQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1

43 B
735 B

19ms
18ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNU-RCoi6hUbXlpYIhxhuBWuKAW9Pj0NHG72WQU-0eAvckIM6vDy4FwplejfZ4D3ABM3MTew_1IZm9XloSQO0gJmWTsiRaPOd2_BIMlPllChlgy29U2qNdz3X_5k4HdMfrgvZv-gXGM1GBJULlted4PJZmjOgB6xwKk0LQpQ7N2ymprPgpU
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyDy00UpV%2BbN8HRNnrXIAOSkt87LCws2SXdUHWzdZs2PY45LXzrAF4LJymJQhE57nGvUHa5no8r5s7Qa1vVAenCHTvIHDPbudFLpt1xSoJ%2FuU%2B73xc7GhDZPDe0dQ%2BE0PJ1r4Mgw444tsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7f97b08db83d366d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDVm6KHh_pl7smZGCPNRbMw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E5C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOaNk5BCkhoVxMltY5VUaRA&google_cver=1

43 B
842 B

7ms
6ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOaNk5BCkhoVxMltY5VUaRA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6vrNxQEwAQ&v=APEucNU-RCoi6hUbXlpYIhxhuBWuKAW9Pj0NHG72WQU-0eAvckIM6vDy4FwplejfZ4D3ABM3MTew_1IZm9XloSQO0gJmWTsiRaPOd2_BIMlPllChlgy29U2qNdz3X_5k4HdMfrgvZv-gXGM1GBJULlted4PJZmjOgB6xwKk0LQpQ7N2ymprPgpU

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
an-x-request-uuid: c87cfaee-14d4-4615-ba1a-1a9986d29295
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOaNk5BCkhoVxMltY5VUaRA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E5C6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
an-x-request-uuid: 7a588a97-8dd0-4d03-bcb2-4c97900d6d39
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjY1ODg3ODg1NjA1NTgzNjI2
x-proxy-origin: 138.199.38.134; 138.199.38.134; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 31D7 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=221283946&pi=t.aa~a.3830842726~i.33~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2326&idt=-M&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280&nras=3&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=z2Xt7n5OtL&p=https%3A//vloghealth.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 03:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 31D7 2 KB
892 B 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 31D7 23 KB
9 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 31D7 3 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 31D7 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 31D7 0
0 16ms
14ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRnpZSCIgjxOYdyeNhJBZ4ATRm2tO6xoWGkjk3v5W4_bEwN-M7OL-08luFcPAc2cSnG0B_V2wcCRloKvCX1f2J2j9oBA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=221283946&pi=t.aa~a.3830842726~i.33~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2326&idt=-M&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280&nras=3&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1204&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=3&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=z2Xt7n5OtL&p=https%3A//vloghealth.info&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31D7 180 KB
56 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame 31D7 35 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A71 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7757209537024&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A71 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7757209537024&version=m202307240101&ct=76&x=1&cor=17549273218372598000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7A71 104 KB
40 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd2nRSdQnjy1Q6WdmiA9P54tqRExz6FuOCNJkn-O8wMUt4btX7ipxetYqr_HrYLVW2nndpeic9T_ebcns0EMTrHvD2PRT6XdSN6G_1KFm641R4qD8-Hiwb4-U3BFJfp20cIUX_RunW15jYsRXWgnrJ61Z5IJTtLknRSLU13B4DyY9L5zU&dbm_d=AKAmf-D6HkmgWtjMphBYMHazO8dsS4hT4sARCrArOcBdxp9r6ytZm_iZML37Rkr4FVRfBv8rtkv6CQlu90aZEc2iE8HIzG2dNc-DDAzKXAX_01Mp_CKbBCHInr345YGcLOTQZpzEn5vhrJ3PurMohm--ltbLlAqfhqSB9kGwX-XmcqxVGEB2yDrQQJjZKcR_OXrnokaQ6KGZ63EjXF1rUb7D21SejhmdvbEjlW5BEIVnFEBNxmvt1KS8Y3ZN_NE4AIpb4M_wAoHBIX5R1PTMn-B8stSC_JS34QEuK8nYIgm6jYBl-CSL3NDVsAUNCv2MPYY8Z8cHlKJghRwkEQF0dOOd5HXEkD2B8xjRH4e8Snsx4vMkmfE4OWfTcQ1ZVFpbjW2Mt_ZcmGaCPo9dDEuQWXZJdPB5Ejvo_LbAxlg_GGm_hM0KmGXT37LOqVPP9gY1ELa-Ptr2e3fdYbK7CWpNSGekKnIUYeCELZufMoKxwhZZ1YVO-evxmpMP6NYjq5ejgfOi2TOARPSpHRQ77H0Y4re-W5DSI93j89Igj65sHiZnwbP_2CnSgF4rMDcbqf5YIzSzqG3MAjoNtcxUMND3MmIR9_ObEcPg9brIvy57rrCt7Lh2EWgNUp5w_owtAxA_JQARmzbX0uwYlBWrKpQ9v__R9XpougVes3qZsC5O--4PyZufl2JIY2Lwh4CvlkMN6Jf78KkCcoLXGJYcH-_MYIdYSfA9mU3lLkY4NBWqS5Ioej48EneFlJbr5iSnInnGYR01ukmBZvgAY2A8V5dIZ8R9_Kfj4RODpl-j1OMnCmVLYqnb5aOLV6nHXCTLSomXZFI_oNfJXuhJomvWV6rGxeQcH8M16nhRZxfsk0u07aFKjCrQFGN6aWwe3aTMAHZKGoPKFIT_ObxQH0ziroBoC5pZjVUHbsxAeYWYmWlAXq1BiRPGraCOGF812_6OIuUlGto2ChSQ4ug_v8g-eGB8TyxKhy33MekiRCaLxbPrPtIgB3j1OBXVV1IUdT5pB9BaldITr3srU9B07SPsgjzO_zwLPIafFUM_qGbImosgKh3KFJF1JhzLs1NNlv-vU7V50i01DXDKirRV1TSjkDn__A9puldutZhiOuoYGLC9PszcrIA6DS-0dmBzmQ2GPTkwkKvptjtTxLrCyDXYDyzx3AebnD4s-eLH7EcOYNQUeL3Vfg4X4s7PN5iBR2QEU0uWUK8j2whM9sSK03fDOkW_a2RkBPkX5zwAHiZwDXKCWVUpZ1zNO8okMHN-g6tt1F9JSoQjZ7X1OOddR_okai7RdXtto2dYV6kJi4uNC-yP1kTUfE0N5xT0Zioi4-then4QPNJ-bC0nBqKhBdAqHC_8P6OQJxbuRXREbB__5YRPgB92jlRVZ-sbGWNAlR9j9RaN0k-b_sCwqIj1uMhpJL3eJ-YnlUgG2VMtNy3lfCaN4hAYAYh5YkQ5DMq1xapF44eEVzozcpelSzBCB3VZrqZWt9VclN5CF_dOO2jqDtM4jAz2Upv7bMWs_QHbk6G2QGxox8R5c35wjGHjQ4l5uzyRPMmEpHnwEzTj0om7bDRqyLwACQkTJAWOBBtj8-xkiCLRSdqZVllNHXICNE1yLbD2KfQqToopxo7EqwuFExa2r9Bmv8yATjuGCWEgq9Zzx_Bpj48SPCjbCskLizLHuUgCBBIglbezM76_4Tdb9jet1NnAIfHH5f7Z5mqS4BuTgxdXudNQNzGx-__PPAfFU8xMNkv1tE93vFaznOUfyLMJundgtVcPvUpsGyh4ndDbCnbsCAH66IsZraEmJQ4l1asljmplOujgE2WkBw1hBUzBhetAdidMvLBFvX7vbtRh7p00Ymp0HApEvyedwK1kPwmuLPa5HmmkipMGbCaedGQIY7Itx3b_GxEM84ZVAx9hOOP-M2vzCz_kupb8RfvGku99h6E8LWNIEm6fGhMy8P5fLCIfpccr6X4jLctfg1KNpmSbINEj-oC-MCs2Eb9gNT1fjmA8PrrWBP0SW7FqQYf9_Ts-pDy2oC-gsrjDWw9VcqdPjTPUmwycBQ_Hun8zg07qZYSzJk1sArGQ2clRb8zXYECh8N-NSwb3JMviOB_9l8Tai3ePu05lEn0B9-zhcwsW0TTCGwrGO4OuNCqnrtpi4VvSTTGd11YzGqp9NB0v8buXFclakOwM678HU0KI86AJIsZprmFYNeOqcFmVEAF-OZ7lIy9GJ5CV7WR_XUm3M6z8WYKFfzGKUEp1a5N3GEa10fYqkV6yJo4_lk6vkV52s2JwaOnok1L3Z4RpweU9suDrJWz0Zpjt-jmIdX0Ts2PWqzAMTuNfy8v6SRS4ZfRqjvoXNaOhm9adSbQscbHjxgSbcp7x2gpqs8zCPh7Hy1-uLiGOiCLJNCfAUCq6T6N2iVpd1hDxVvhjyfJNtcC8l1l3U1Xw0Upnfr3dDvHSN2LejLjJzEBcry7IWHnsOZ84vBip_KJWZ2CqrtMiqiYCmAMnz1eMD2NrLsV9YGoAUyaPwJ2OQRHT-6JIiuKRYtIDAA-LgvnyFJuTyMWVGvXR1EKCvibO00oDclanAX49yJBgRXkcwjAFzg5PXLvhauli8M0yEPmEamWWmYQzsgS2Hxtt3dzWaju9PFSaISwoxYK1GEUNDxQTI8UR0DQLozgIswOGqbFp7_S9gmFZgxO1ENKCa-UqimX6C9tIIDge2IID_FcU2rN013vxrWZGLSM12Eu1xV84AWkdaJOhCP2Wpzw2Byq0m1OORIcD9iRFa1tigHLNIuSs_ut2_WO1Jhd7hxNW8YBJWETGAx0xfrobLuV-VcXJRQP2GgGFivMAaw3RsZAfWaEE45LgN26EgUhTxZWYbU9RzF10E1q3qLBNEmeRrp7vUxcsHncQfL3qZpPre33DUtev49haFxlHzJkx11xvUrRjcgW0Ijpcidy1nwTPEIZ3InfCT-RvlDjrkDmg5UiGoOTSwa1F-1ed9kk9eJkFwBlm6GB88rgL_XXLP9YsRJwMNk51QmgXPVgCDhIJg5yn2wnrB_CrBpsF3CxJsXQCyko0cc2gZTXSA5fXjm8nrjJBpdITbl4QjzbjH6BIM1JW5cp8oY2ryFh3jJ185HlmWzF2mte-qSOLI6lua5o7YGe271RTa5_3wwnUtXOtfIt0rdUO2mqCBK7bgctnV94WddvKcWwZO0N2PQw_aDxdnroGdfxBOF_Ec7lVTnw3uB3yd26xXN5Q0BRFRDo7VxomM1HJoxTRD1-luAt2DlJEviM_B0Ri6x9o7bSnRbMpAjWcn-9R8_9_EYGjOwBlO_6tC_-LgjaJLFR0Om9-82texz9CBd2P2me1b6kkFmLifioMW70yCsnt7dy4pmkoDamwm7xha1SISZDa09jso26rlMf1EHMM03V_2VsK66Ci0_yufxSh4QDetszXWJ62bi25SxJYBdzRG0NE55z1dU7_cVSOKcrnZJa7UQ8pqtypPOIA-HzgQBV_pVIEvxxJlFQumVv57qyHn4xpzvDLPzWtv2x0YpOLjZQ5HZwtr4nYhguhMwPi1vg-BrWK8kcC3exmbzsqsmsHBLAV7ppeLomkjBSg6NYO7lASRvl1ovM-njhyHwDUWjdhnrQOuKhr2BVLcjGRqO3HqjynQT85MGibbgmykQ5jqRR2XCSW6tkTy0ahsMcjq0RWTzHflEj3uiB7-mTTEGXeOleSyg6dQHlGww-JCuJ7v49vG58rK8iauurR2nICcljkk9sSxnH4n3QJ0GqjMEU5-XE&cid=CAQSPABpAlJWQaLY_ayJjkvMnFHJ6Rm7BUndpnlm58mlFrkSrXoVw0m_czzbRhZ4RQBsO5l0I9KCvpFc01du5RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fvloghealth.info%2F&ds=l&xdt=1&iif=1&cor=17549273218372598000&adk=1726166460&idt=36&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a6d48f5bbbcb88191b3e8684e79930c39b4fff0cdf07ebd29ae769a0e73c15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40759
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15925919271109001216/ Frame BA15 4 KB
987 B 29ms
14ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd143efb472626b2e41c425cf3033dd0bf803b7661e58b24c238de8ce82a93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 959
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Mon, 19 Aug 2024 03:53:30 GMT
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A24F 0
0 80ms
52ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3ioCFgaXVq5Vv-TaldT_Q0TWic0RGoy7rP3JJFnfK5cbPRNqU9EbE9LwEHkfuUoVDi8oR_79lre_bJ1l0MgjYnTxeaY1UPdy3m4k7An93qCqHDZ1TKa6gwQqzjow6wVmCI7ealFit-IFnWFXezRzzONmotXbz9862VuhVCrfNVfiD3NHBPpu3iW7AAQpjlyizdrIpJt22s6MV-_dRMQtyHsD04FnRUL2x4fCxx-fc6igMOKf9ZSPzIhIHPpgrrf7eFMpZhfUUo33OU7B_2ART55m0OzSzFgcvuB0avf_PIlnDYDDWu15kjX-pNEHHVFj7wdphtJqWOTwJrTHYI9wf0te7VOX-oVqRHts2GRNKMuIBwe_Vz__I8WPSyPj_0XXYkIQdN9m9u_Jr1YtTUt0EvoEBVmqVfVTj3TjuIVmChJf0OgYMJXtdEGTI2-HJj3-VTmKIhIyZsWS8c7D5v5Apg87E3mVJcMYJgYIRXIlVA7iL_L5cj9iNv_oqW1kdZWdAtQ8MZIoKKgZ1rQFOUIQKuytw9r8GayEDv37z0MSvbt9W2kl9Cs_fhE0Fo98bW7jQ2Az_aww_W1rwpLd4fpV3tFH00l61s-V1aKDioy_a5ecQxE10kMZoEU_6pfmNiIW6WpIY_znJ4d0NIUQ84fKoSfca8hHcWta5RYQY7uz7GsaHYDlK3Zgqy36-YuPYBIPL7LntMDwLKghe7_6oVwHY9KXJAlE8neqYRU9ggs72tRrGO1eYwTDoWEHYp8tYQjaeEXE1JduqE5SQiuSG5H8fOrUehdx4oRthYkSgbO1lIx8-f0xNc7dPDIgtCbZzGoL2iiwRxCeBFfq2MX6QzL4r9i3kljjK00q1B001yAvak_cNxO4H_C6XR4BJNk339fzBekZmCMGj3s4jN3PQYRWunKWMqbnF0adOZTk4tBvkjKtcoNSKRTs-EACqIVRJyaCMeF2HLZR3VWVQa8oStsTqEnDjWX79pWxGH_8l3VmR-TzzJsP46z-Y2i8flKizTu0c3FtWR9J_OgpbEsYaAk0uLVEpfoKnGQ6qugOE-E_PO19w75jqCVf9V5epkCfv4jIs_tmz-SGP29l6ETADiJsHGmKshj6V3CIOQVb-IruvCn6FxQ2nNZdTrUbPoNoydybEdzWewe4Atk6keJpDaxAMySyLoI6KLD-hZBOuVKl70Tnt9SaoL6cHJyFoOo14p0Z6feywdvXTB-3_LDnN3_3-7Ah_v7PsuSQ6fELAku5J9MZyRybmIj1fJyvghGtsUTxyK7G7Og&sai=AMfl-YThqMu2iKhhLRPGuvIyYxh0aumaQdtDemhFeSwV4iJpUAL6_5DYRuVC9iLk5DZ3rPAFe2enb76eOLwLky7CLOXF3OF_oSHeNbk2JgpGz55mFn3J6S-DwoXu-vLRaAr0YolS5YIFTFaXVs-qt1e-JtQdiEAu27fVKFNKrvRonZW7pz4cmgI&sig=Cg0ArKJSzIXhgAch42lkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&cbvp=1&cstd=211&cisv=r20230816.07162&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H2 200 data=lNK4EAQaeg6_dHv36YoGHLSvVuYMB0k6_83nCig3FVOacsL5T5eGXN7Jwo4nxS8Aepyi_2s3sk_OhncivSgJHw
mts0.google.com/vt/ Frame 31D7 37 KB
37 KB 151ms
85ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=lNK4EAQaeg6_dHv36YoGHLSvVuYMB0k6_83nCig3FVOacsL5T5eGXN7Jwo4nxS8Aepyi_2s3sk_OhncivSgJHw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

fd1a68e37f3af17c579ca07a30114cfd64fb4b42ac05f73fc51e368397192a0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=75
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37664
x-xss-protection: 0
x-server-version-bin: CggIBBDwoPemBg==
server: scaffolding on HTTPServer2
etag: 04533ad5c13586f41
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
expires: Sun, 20 Aug 2023 04:53:30 GMT

GET
DATA 200
OK truncated
/ Frame 31D7 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 31D7 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 31D7 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 31D7 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15925919271109001216/ Frame DFE1 4 KB
987 B 16ms
16ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd143efb472626b2e41c425cf3033dd0bf803b7661e58b24c238de8ce82a93f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 959
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:30 GMT
expires: Mon, 19 Aug 2024 03:53:30 GMT
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3BC5 0
0 59ms
54ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLziJLc2FRxDLk39bmrk23eDxMS4-IhVtQ-Ji3NNaXMigk6RGVSAFZbVjLb3QSaZoZuz2_fA2Gp_VyhwYjF-TVENMFIoQOjjsL_bUj6Fa12kY51bXPJEI8CRyYxx8-aFdtvge_eWQzdq4Mgm4PXWGVc5K4U4agMI-wqgJi_tnG06h9Us9NjuzTRKOjvWyEQEaKIJHcPbBnIRluy2z-DPk1vKwvSb_ZH3fpIRGLAJz0RyIlqEk-l6Kxy6NIjfxpFmtiTkZgea7dleejDQ0U3C61PE2-W_khmtSA-EKYahsoEThQk9D8lgidAu7VEO8xw8E8FZ5CTfggqzisy28_hrYH4_G8LBri1nZZRllWkoGwALxKcoWgUawkR7aIA5UqVLmcukTNI9-HDEO7ooJnqsz7RPguEKCr8yBOB6rnAB4XLhtQJfnfabKiimOABE19RCNlIWGYrR9YvgXKUj53bCI0ULbTdUUaugyWk6l6F0QAjLj40iDkBCZe_FyiId99ezIETWrQLqyU4wG3msFkS7oAT8rgkbIeEcoJLMjESDb6tLdp24k99mPxr-Fscc4UQcM6zZjfL94SS433YqJerjQbK7-5vaOAVN2KlSW1ueGcQs0-9mMAWBbRzkSec4l0--yIReMF-LlK8689lf_iepJ6VFUzk3wnvw7SqKcB_ALoOIdM4LL0njfnaYs-HGk0Ib7xTJpRd6M2A9C6RU8xea2s5UjQ7Nkhi87L0_YPI5LW3b4VZzZ8hWLb2UbEOvi9EML2M7ZkgT3vDEjocQITYIkG7pUdoYMfx_pcaZY8mZWZVhC9N7iePwXSJzcJAyuqVYjrdjL_cvZ5SbW8irCGQV5LU_e5IH1k8DIgLPpd5uMXIvtHEqOeDKFSwJLsCmal8SEh2_ApHO4gNu-DDUePWzoAnYIATgZbDww6R0cxVwehPfDDiwZzHJokqWSOy8FjGdGQwcWS30F-2ab9rGmzHIUipzbOTYNzRzJgQNvz7qutS5ZEeM8mmgMBir_pQEUmdjWswX28x2bpug91arDN_AR-2YjkQkLCi3iS9M5ItyeA2osKKEX3TYRMnIJKkRCD_uE6EJfWvxyOFoD1jltEWYzrJztB05SIE3zzDNq9WMl03URk_IPnH3MwOYfiZVQI70Ay0jWrOLrcJZuwUax1RdiqzbmAqGa2gHpF8GFDwsrLCCWXY-66iJLS0QIQmerslUW6NBR5z3xeBYrDM_dqP2Tq5no8SuN-EFMDlyIjx7vJU7AG3-9GUxTcXn3__RIdf_UsQ5KqPg&sai=AMfl-YQRbDlPEkXEKRxucZzH9KaXrgdQKMbrXiqTY2b74qiCjcMqXfk9ZY4qqlalS5SgSb8Sgd60evu3GBvp3s8xtwe5NT4ibK8ALzoMpnNOkkfHJofIEYYKxbAbnIEbRVauN04PrhjvDFZ5Rm_BFoZDELX2Il3_MCYMJRnfPpM4Be6obMTUWtU&sig=Cg0ArKJSzAxe1c8qkxQAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=193&cisv=r20230816.89016&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B5A0 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 436B 0
45 B 481ms
211ms Ping
image/gif 2800:3f0:4003:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lliwy7s6&c=2684338896752&slotId=1342169448376&qqid=CJKPkqOr6oADFXrBOwIdZAUKkg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4003:c01::78 Santiago, Chile, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 436B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 436B
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

62ms
6ms

Fetch
video/mp4

2a00:1450:401e:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/58D95FE15A898A4ED11736DE4A47299507B20EE3.394182088C5200FEB5C03CF2096EDF47AF8EA364/key/cms1/cms_redirect/yes/mh/C5/mip/2a02:6ea0:c71b:0:1011:cb94:c9b0:818e/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1692503117/mv/u/mvi/2/pl/48/file/file.mp4

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

HTTP/1.1

Server

2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:30 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
Last-Modified: Wed, 05 Jul 2023 13:14:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 20 Aug 2023 03:53:30 GMT

Redirect headers

date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/58D95FE15A898A4ED11736DE4A47299507B20EE3.394182088C5200FEB5C03CF2096EDF47AF8EA364/key/cms1/cms_redirect/yes/mh/C5/mip/2a02:6ea0:c71b:0:1011:cb94:c9b0:818e/mm/42/mn/sn-4g5ednsr/ms/onc/mt/1692503117/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame AF43
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=COZS4OI7hZJWTOvqC78EP5IqokAmIqLWictLb8fnWEZH3x_eDAhABILfLliNglQKgAdWU_scDyAEJqQI9mh0vtj2yPqgDAcgDy4SAgASqBLcCT9AxM47BUwrOcwirfZpYZo_0SWfrE_EeO2K...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213529935382722177220%22,%22debug_reporting%22:true,%22destination%22:%22https://stepstone.de%22,%22event_report_window%22:...

0
0

42ms
41ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213529935382722177220%22,%22debug_reporting%22:true,%22destination%22:%22https://stepstone.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22956271189%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22479249478669481153%22}&andc=true

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13529935382722177220","debug_reporting":true,"destination":"https://stepstone.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956271189"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"479249478669481153"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13529935382722177220","debug_reporting":true,"destination":"https://stepstone.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["956271189"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"479249478669481153"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame C8DC 14 KB
1 KB 20ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 02:09:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C8DC 2 KB
892 B 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame C8DC 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C8DC 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C8DC 20 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 13:28:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C8DC 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdXYI52wKrnIuNnX6Fb2NvKTpMHbOmk0EQr9s4VI0lSbtgdY9_2995GNHIeyGC4hGRo6lK22cCLTzYFkeg7kU3SYr3iQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C8DC 180 KB
56 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame C8DC 35 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358572
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/15925919271109001216/css/ Frame BA15 16 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26f776ca399eda2533efb3f9a1ca37202720955134c1ad219e5b175d4cd066e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2202
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:24:36 GMT

GET
H3 200 script.min.js Show response
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame BA15 2 KB
687 B 13ms
12ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/js/script.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 658
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 00:20:54 GMT

GET
H3 200 global.min.js Show response
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame BA15 6 KB
2 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/js/global.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 11:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 11:03:31 GMT

GET
H3 200 main.min.js Show response
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame BA15 5 KB
858 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/js/main.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4843f0ad8f0ec9243501986b7edce08d88daf5cb2512dd2843a5ccfa68b1a79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 20:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 829
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 20:46:25 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BA15 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=r1d0FkPa9G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 09:29:05 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6A94 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 122265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 styles.min.css
s0.2mdn.net/sadbundle/15925919271109001216/css/ Frame DFE1 16 KB
2 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a26f776ca399eda2533efb3f9a1ca37202720955134c1ad219e5b175d4cd066e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23334
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2202
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 21:24:36 GMT

GET
H3 200 script.min.js Show response
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame DFE1 2 KB
687 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/js/script.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 658
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 15 Aug 2024 00:20:54 GMT

GET
H3 200 global.min.js Show response
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame DFE1 6 KB
2 KB 7ms
6ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/js/global.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 11:03:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2173
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 11:03:31 GMT

GET
H3 200 main.min.js Show response
s0.2mdn.net/sadbundle/15925919271109001216/js/ Frame DFE1 5 KB
858 B 7ms
6ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/js/main.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4843f0ad8f0ec9243501986b7edce08d88daf5cb2512dd2843a5ccfa68b1a79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 20:46:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457625
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 829
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Aug 2024 20:46:25 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame DFE1 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/index.html?e=69&leftOffset=0&topOffset=0&c=7u3XgajoqN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 09:29:05 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 92A8 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 122265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634098/ Frame 7A71 250 KB
75 KB 127ms
32ms Script
application/javascript 52.51.98.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634098/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-8006139540891350&ias_chanId=1&ias_placementId=20338656462&bidurl=https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gdJaZNp3h_Z-uG_X75LeHd
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.98.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-98-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1492cd6da83bda39b8f677393d2868bc18d8bf1d17ac6c36de70861c5b2ac3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7A71 111 KB
39 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 18:51:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 7A71 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cd2nRSdQnjy1Q6WdmiA9P54tqRExz6FuOCNJkn-O8wMUt4btX7ipxetYqr_HrYLVW2nndpeic9T_ebcns0EMTrHvD2PRT6XdSN6G_1KFm641R4qD8-Hiwb4-U3BFJfp20cIUX_RunW15jYsRXWgnrJ61Z5IJTtLknRSLU13B4DyY9L5zU&dbm_d=AKAmf-D6HkmgWtjMphBYMHazO8dsS4hT4sARCrArOcBdxp9r6ytZm_iZML37Rkr4FVRfBv8rtkv6CQlu90aZEc2iE8HIzG2dNc-DDAzKXAX_01Mp_CKbBCHInr345YGcLOTQZpzEn5vhrJ3PurMohm--ltbLlAqfhqSB9kGwX-XmcqxVGEB2yDrQQJjZKcR_OXrnokaQ6KGZ63EjXF1rUb7D21SejhmdvbEjlW5BEIVnFEBNxmvt1KS8Y3ZN_NE4AIpb4M_wAoHBIX5R1PTMn-B8stSC_JS34QEuK8nYIgm6jYBl-CSL3NDVsAUNCv2MPYY8Z8cHlKJghRwkEQF0dOOd5HXEkD2B8xjRH4e8Snsx4vMkmfE4OWfTcQ1ZVFpbjW2Mt_ZcmGaCPo9dDEuQWXZJdPB5Ejvo_LbAxlg_GGm_hM0KmGXT37LOqVPP9gY1ELa-Ptr2e3fdYbK7CWpNSGekKnIUYeCELZufMoKxwhZZ1YVO-evxmpMP6NYjq5ejgfOi2TOARPSpHRQ77H0Y4re-W5DSI93j89Igj65sHiZnwbP_2CnSgF4rMDcbqf5YIzSzqG3MAjoNtcxUMND3MmIR9_ObEcPg9brIvy57rrCt7Lh2EWgNUp5w_owtAxA_JQARmzbX0uwYlBWrKpQ9v__R9XpougVes3qZsC5O--4PyZufl2JIY2Lwh4CvlkMN6Jf78KkCcoLXGJYcH-_MYIdYSfA9mU3lLkY4NBWqS5Ioej48EneFlJbr5iSnInnGYR01ukmBZvgAY2A8V5dIZ8R9_Kfj4RODpl-j1OMnCmVLYqnb5aOLV6nHXCTLSomXZFI_oNfJXuhJomvWV6rGxeQcH8M16nhRZxfsk0u07aFKjCrQFGN6aWwe3aTMAHZKGoPKFIT_ObxQH0ziroBoC5pZjVUHbsxAeYWYmWlAXq1BiRPGraCOGF812_6OIuUlGto2ChSQ4ug_v8g-eGB8TyxKhy33MekiRCaLxbPrPtIgB3j1OBXVV1IUdT5pB9BaldITr3srU9B07SPsgjzO_zwLPIafFUM_qGbImosgKh3KFJF1JhzLs1NNlv-vU7V50i01DXDKirRV1TSjkDn__A9puldutZhiOuoYGLC9PszcrIA6DS-0dmBzmQ2GPTkwkKvptjtTxLrCyDXYDyzx3AebnD4s-eLH7EcOYNQUeL3Vfg4X4s7PN5iBR2QEU0uWUK8j2whM9sSK03fDOkW_a2RkBPkX5zwAHiZwDXKCWVUpZ1zNO8okMHN-g6tt1F9JSoQjZ7X1OOddR_okai7RdXtto2dYV6kJi4uNC-yP1kTUfE0N5xT0Zioi4-then4QPNJ-bC0nBqKhBdAqHC_8P6OQJxbuRXREbB__5YRPgB92jlRVZ-sbGWNAlR9j9RaN0k-b_sCwqIj1uMhpJL3eJ-YnlUgG2VMtNy3lfCaN4hAYAYh5YkQ5DMq1xapF44eEVzozcpelSzBCB3VZrqZWt9VclN5CF_dOO2jqDtM4jAz2Upv7bMWs_QHbk6G2QGxox8R5c35wjGHjQ4l5uzyRPMmEpHnwEzTj0om7bDRqyLwACQkTJAWOBBtj8-xkiCLRSdqZVllNHXICNE1yLbD2KfQqToopxo7EqwuFExa2r9Bmv8yATjuGCWEgq9Zzx_Bpj48SPCjbCskLizLHuUgCBBIglbezM76_4Tdb9jet1NnAIfHH5f7Z5mqS4BuTgxdXudNQNzGx-__PPAfFU8xMNkv1tE93vFaznOUfyLMJundgtVcPvUpsGyh4ndDbCnbsCAH66IsZraEmJQ4l1asljmplOujgE2WkBw1hBUzBhetAdidMvLBFvX7vbtRh7p00Ymp0HApEvyedwK1kPwmuLPa5HmmkipMGbCaedGQIY7Itx3b_GxEM84ZVAx9hOOP-M2vzCz_kupb8RfvGku99h6E8LWNIEm6fGhMy8P5fLCIfpccr6X4jLctfg1KNpmSbINEj-oC-MCs2Eb9gNT1fjmA8PrrWBP0SW7FqQYf9_Ts-pDy2oC-gsrjDWw9VcqdPjTPUmwycBQ_Hun8zg07qZYSzJk1sArGQ2clRb8zXYECh8N-NSwb3JMviOB_9l8Tai3ePu05lEn0B9-zhcwsW0TTCGwrGO4OuNCqnrtpi4VvSTTGd11YzGqp9NB0v8buXFclakOwM678HU0KI86AJIsZprmFYNeOqcFmVEAF-OZ7lIy9GJ5CV7WR_XUm3M6z8WYKFfzGKUEp1a5N3GEa10fYqkV6yJo4_lk6vkV52s2JwaOnok1L3Z4RpweU9suDrJWz0Zpjt-jmIdX0Ts2PWqzAMTuNfy8v6SRS4ZfRqjvoXNaOhm9adSbQscbHjxgSbcp7x2gpqs8zCPh7Hy1-uLiGOiCLJNCfAUCq6T6N2iVpd1hDxVvhjyfJNtcC8l1l3U1Xw0Upnfr3dDvHSN2LejLjJzEBcry7IWHnsOZ84vBip_KJWZ2CqrtMiqiYCmAMnz1eMD2NrLsV9YGoAUyaPwJ2OQRHT-6JIiuKRYtIDAA-LgvnyFJuTyMWVGvXR1EKCvibO00oDclanAX49yJBgRXkcwjAFzg5PXLvhauli8M0yEPmEamWWmYQzsgS2Hxtt3dzWaju9PFSaISwoxYK1GEUNDxQTI8UR0DQLozgIswOGqbFp7_S9gmFZgxO1ENKCa-UqimX6C9tIIDge2IID_FcU2rN013vxrWZGLSM12Eu1xV84AWkdaJOhCP2Wpzw2Byq0m1OORIcD9iRFa1tigHLNIuSs_ut2_WO1Jhd7hxNW8YBJWETGAx0xfrobLuV-VcXJRQP2GgGFivMAaw3RsZAfWaEE45LgN26EgUhTxZWYbU9RzF10E1q3qLBNEmeRrp7vUxcsHncQfL3qZpPre33DUtev49haFxlHzJkx11xvUrRjcgW0Ijpcidy1nwTPEIZ3InfCT-RvlDjrkDmg5UiGoOTSwa1F-1ed9kk9eJkFwBlm6GB88rgL_XXLP9YsRJwMNk51QmgXPVgCDhIJg5yn2wnrB_CrBpsF3CxJsXQCyko0cc2gZTXSA5fXjm8nrjJBpdITbl4QjzbjH6BIM1JW5cp8oY2ryFh3jJ185HlmWzF2mte-qSOLI6lua5o7YGe271RTa5_3wwnUtXOtfIt0rdUO2mqCBK7bgctnV94WddvKcWwZO0N2PQw_aDxdnroGdfxBOF_Ec7lVTnw3uB3yd26xXN5Q0BRFRDo7VxomM1HJoxTRD1-luAt2DlJEviM_B0Ri6x9o7bSnRbMpAjWcn-9R8_9_EYGjOwBlO_6tC_-LgjaJLFR0Om9-82texz9CBd2P2me1b6kkFmLifioMW70yCsnt7dy4pmkoDamwm7xha1SISZDa09jso26rlMf1EHMM03V_2VsK66Ci0_yufxSh4QDetszXWJ62bi25SxJYBdzRG0NE55z1dU7_cVSOKcrnZJa7UQ8pqtypPOIA-HzgQBV_pVIEvxxJlFQumVv57qyHn4xpzvDLPzWtv2x0YpOLjZQ5HZwtr4nYhguhMwPi1vg-BrWK8kcC3exmbzsqsmsHBLAV7ppeLomkjBSg6NYO7lASRvl1ovM-njhyHwDUWjdhnrQOuKhr2BVLcjGRqO3HqjynQT85MGibbgmykQ5jqRR2XCSW6tkTy0ahsMcjq0RWTzHflEj3uiB7-mTTEGXeOleSyg6dQHlGww-JCuJ7v49vG58rK8iauurR2nICcljkk9sSxnH4n3QJ0GqjMEU5-XE&cid=CAQSPABpAlJWQaLY_ayJjkvMnFHJ6Rm7BUndpnlm58mlFrkSrXoVw0m_czzbRhZ4RQBsO5l0I9KCvpFc01du5RgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fvloghealth.info%2F&ds=l&xdt=1&iif=1&cor=17549273218372598000&adk=1726166460&idt=36&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 01:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Sep 2023 01:17:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 7A71 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48519
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Sep 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A71 41 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Aug 2024 03:22:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3671 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7A71 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7ce70cf816cfb1e9c221d2cccc81b961cca6dd63f2628d3f3779ed1745b103b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8F53 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70636
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 03:53:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame EF91 6 KB
706 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 20 Aug 2023 03:53:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 20 Aug 2023 02:33:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 20 Aug 2023 03:53:30 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12699650682045246823/ Frame C8DC 15 KB
15 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12699650682045246823/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec8bcea52c02ff3bad9522c60afbd61e122c3359e3368720cda2b8cb45e9faaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:33:36 GMT
x-content-type-options: nosniff
age: 47994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15575
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 14:17:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 18 Aug 2024 14:33:36 GMT

GET
DATA 200
OK truncated
/ Frame C8DC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C8DC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 12300746433394990337
tpc.googlesyndication.com/simgad/ Frame EF91 85 KB
85 KB 8ms
7ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12300746433394990337

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6bf5677549ee0c35f3023d329458d72a163be55c6be119208abe5c1befa8b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:10:20 GMT
x-content-type-options: nosniff
age: 416590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87011
x-xss-protection: 0
last-modified: Thu, 27 Apr 2023 09:56:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 08:10:20 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EF91 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
DATA 200
OK truncated
/ Frame 31D7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f40a0622047c8c9e092c6ae8ac08706f56a0e5aa478b8033e155941706aa4bed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B5A0
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPeM3xtVsNqf1teTSaIx1H4&google_cver=1&google_push=AXcoOmRb6PZK_hr_BvpyoFlXZgdAekudUwn9s4dHoWwTqQe2ioAWiqGLX9wMBbjkDoiLc3gj207lElcI9D5eAN-fxlE25P48z9d_3Bw
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzUyMTM3MzgzNjY4MDk1NjgwMg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqGwAKo2wPVLr3Rh7zXUCo&google_cver=1

43 B
398 B

56ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqGwAKo2wPVLr3Rh7zXUCo&google_cver=1
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEqGwAKo2wPVLr3Rh7zXUCo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A0
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECkeGeiZA1NIb0hrcKo4HT4&google_push=AXcoOmTIMXhFwNKSLjBEVGa_7eMbtXayu0JoOEqNwqxG-r5qAjpRyhMFTC...

170 B
188 B

19ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECkeGeiZA1NIb0hrcKo4HT4&google_push=AXcoOmTIMXhFwNKSLjBEVGa_7eMbtXayu0JoOEqNwqxG-r5qAjpRyhMFTCSwKnuoy4Y4kGuzn1dpiy5HVvDCG_eVvLg9_v8pbQz6288

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220048-FRA
pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1692503611.755216,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECkeGeiZA1NIb0hrcKo4HT4&google_push=AXcoOmTIMXhFwNKSLjBEVGa_7eMbtXayu0JoOEqNwqxG-r5qAjpRyhMFTCSwKnuoy4Y4kGuzn1dpiy5HVvDCG_eVvLg9_v8pbQz6288
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMhwINiRdEREZN4Q-wC-yKo&google_cver=1&google_push=AXcoOmRNxfm0hE4_YOD2GxdnQ1nXRUncPbS1zTrxcPrfO6Kg2e4SZGadE4fO-d_psGcG9wE0PswBcx_V26QFSZEBYWwtebt5i6b8s10
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmRNxfm0hE4_YOD2GxdnQ1nXRUncPbS1zTrxcPrfO6Kg2e4SZGadE4fO-d_psGcG9wE0PswBcx_V26QFSZE...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmRNxfm0hE4_YOD2GxdnQ1nXRUncPbS1zTrxcPrfO6Kg2e4SZGadE4fO-d_psGcG9wE0PswBcx_V26QFSZEBYWwtebt5i6b8s10

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 20 Aug 2023 03:53:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmRNxfm0hE4_YOD2GxdnQ1nXRUncPbS1zTrxcPrfO6Kg2e4SZGadE4fO-d_psGcG9wE0PswBcx_V26QFSZEBYWwtebt5i6b8s10
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 19 Aug 2023 03:53:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A0
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEJNDNm78RnCRmhrDlSzePWA&google_cver=1&google_push=AXcoOmSqYDURAZy-fRdAsDOHYg9wLoZGA374AUVyNGsFABsbbC4WIwx-Oi0yDw-juTG7AmzhZQGM3_5...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEJNDNm78RnCRmhrDlSzePWA&google_cver=1&google_push=AXcoOmSqYDURAZy-fRdAsDOHYg9wLoZGA374AUVyNGsFABsbbC4WIwx-Oi0yDw-juTG7A...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=fNswnIxFQbSsWQOAdthYJ2Thjjo

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=fNswnIxFQbSsWQOAdthYJ2Thjjo

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=fNswnIxFQbSsWQOAdthYJ2Thjjo
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A0
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELs82mAEPLUxwFhUXJVMskw&google_cver=1&google_push=AXcoOmTNZNogYYn5DU-9EBxjqUHfzzz2xkD_a-QBqeiIbtBcgr8QFzFeqkwEOj3iADcDX7J9C4iLtiXSnSu...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNZNogYYn5DU-9EBxjqUHfzzz2xkD_a-QBqeiIbtBcgr8QFzFeqkwEOj3iADcDX7J9C4iLtiXSnSuiVopKkRi17r7gPMJ3IvU&google_hm=Y3mnESRyTQuX2IlrG...

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNZNogYYn5DU-9EBxjqUHfzzz2xkD_a-QBqeiIbtBcgr8QFzFeqkwEOj3iADcDX7J9C4iLtiXSnSuiVopKkRi17r7gPMJ3IvU&google_hm=Y3mnESRyTQuX2IlrGXRg8oY

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNZNogYYn5DU-9EBxjqUHfzzz2xkD_a-QBqeiIbtBcgr8QFzFeqkwEOj3iADcDX7J9C4iLtiXSnSuiVopKkRi17r7gPMJ3IvU&google_hm=Y3mnESRyTQuX2IlrGXRg8oY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMNiOZX4eDV7Xz2xg5NrXuQ&google_cver=1&google_push=AXcoOmRCBNtZT7o3p5SmeKqXvZffyYYiNojucXoToi_hkb3jTL-kH109XaHshIfAbSkMk28WWZiondZMcKihYw...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmRCBNtZT7o3p5SmeKqXvZffyYYiNojucXoToi_hkb3jTL-kH109XaHshIfAbSkMk28WWZiondZMcKihYwcBZn...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmRCBNtZT7o3p5SmeKqXvZffyYYiNojucXoToi_hkb3jTL-kH109XaHshIfAbSkMk28WWZiondZMcKihYwcBZn5QVYIoncmq_Nw

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmRCBNtZT7o3p5SmeKqXvZffyYYiNojucXoToi_hkb3jTL-kH109XaHshIfAbSkMk28WWZiondZMcKihYwcBZn5QVYIoncmq_Nw
Date: Sun, 20 Aug 2023 03:53:30 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B5A0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEK1bO7e62pUUozbfLOFg7IM&google_cver=1&google_push=AXcoOmRmHdNwOEtjqmomsk6sn_rhR1RtZ7PT84OYfgrFcxmqrzDBdm1iKagOlnQtYjYOzGvtwGSwSJQW7x_6f90pXcBE0X_...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmHdNwOEtjqmomsk6sn_rhR1RtZ7PT84OYfgrFcxmqrzDBdm1iKagOlnQtYjYOzGvtwGSwSJQW7x_6f90pXcBE0X_SM6J4ow&google_hm=eS0zRFZBNTdKRTJwRV9Z...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmHdNwOEtjqmomsk6sn_rhR1RtZ7PT84OYfgrFcxmqrzDBdm1iKagOlnQtYjYOzGvtwGSwSJQW7x_6f90pXcBE0X_SM6J4ow&google_hm=eS0zRFZBNTdKRTJwRV9ZaC5BTElYVW9kVU11Q2ExRmFybn5B

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 20 Aug 2023 03:53:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRmHdNwOEtjqmomsk6sn_rhR1RtZ7PT84OYfgrFcxmqrzDBdm1iKagOlnQtYjYOzGvtwGSwSJQW7x_6f90pXcBE0X_SM6J4ow&google_hm=eS0zRFZBNTdKRTJwRV9ZaC5BTElYVW9kVU11Q2ExRmFybn5B
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B5A0 0
12 B 15ms
14ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lv1YCEdKX8xIQkH2eLL8YcExRjymfJUwQiRJEqZ3VmHZFiiu18EMrbj68xU7pT8oojPon2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3177 23 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 428283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 04:55:27 GMT
expires: Wed, 14 Aug 2024 04:55:27 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF91 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 279914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 31D7 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 340742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:14:28 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPj0UvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 31D7 8 KB
8 KB 13ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPj0UvaYr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e4a28fcb3cda22808c2e150e6e7255050a2c02fc32c4880ef152ed83278f3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:52:53 GMT
x-content-type-options: nosniff
age: 79237
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8148
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:37:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:52:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REFtVk9Wc2UxUXh6dms1&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cver=1&google_push=AXcoOmRn-UU0hITJ0tI-XXj6S247UyNjTcwYSGIHfx7GuGX...

170 B
188 B

18ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REFtVk9Wc2UxUXh6dms1&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cver=1&google_push=AXcoOmRn-UU0hITJ0tI-XXj6S247UyNjTcwYSGIHfx7GuGX0g1EbtRsHlmvczLy7OxCZ9NhT1Ix0Fhj4cUQ9h4N09kNLCckvNWPKDlg

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 20 Aug 2023 03:53:30 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0f5e39ca57a5c2bae@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=REFtVk9Wc2UxUXh6dms1&google_gid=CAESEJT4vfFet3m7Px_cAskWvMQ&google_cver=1&google_push=AXcoOmRn-UU0hITJ0tI-XXj6S247UyNjTcwYSGIHfx7GuGX0g1EbtRsHlmvczLy7OxCZ9NhT1Ix0Fhj4cUQ9h4N09kNLCckvNWPKDlg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKB7n5Ia6IWQ71H-h5IgBjw&google_cver=1&google_push=AXcoOmQaXOsK8gGRl-JQUEUUYzBoi2UoFW26K8YCgxoJnnd3f-HkyGDLXNd4Gp8O-OG5nWsApv-Um_RRJD_z_AwC...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQaXOsK8gGRl-JQUEUUYzBoi2UoFW26K8YCgxoJnnd3f-HkyGDLXNd4Gp8O-OG5nWsApv-Um_RRJD_z_AwCy_wkIAIb-KzPCZM

170 B
188 B

19ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQaXOsK8gGRl-JQUEUUYzBoi2UoFW26K8YCgxoJnnd3f-HkyGDLXNd4Gp8O-OG5nWsApv-Um_RRJD_z_AwCy_wkIAIb-KzPCZM

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 20 Aug 2023 03:53:30 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x30 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmQaXOsK8gGRl-JQUEUUYzBoi2UoFW26K8YCgxoJnnd3f-HkyGDLXNd4Gp8O-OG5nWsApv-Um_RRJD_z_AwCy_wkIAIb-KzPCZM
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 20 Aug 2023 03:53:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN7BD6Gmew1c51IPqSYjyKc&google_cver=1&google_push=AXcoOmQ394n0JhiLnoJC9ApYPVBx5BaDRcZEQBqN8tO_W1026fmHmx1CFONLrOf-CuK_ovVCPCS81YfrTpJ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ394n0JhiLnoJC9ApYPVBx5BaDRcZEQBqN8tO_W1026fmHmx1CFONLrOf-CuK_ovVCPCS81YfrTpJRSlFYv0ANxVckFUi68bE&google_hm=Y3mnESRyTQuX2IlrG...

170 B
188 B

16ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ394n0JhiLnoJC9ApYPVBx5BaDRcZEQBqN8tO_W1026fmHmx1CFONLrOf-CuK_ovVCPCS81YfrTpJRSlFYv0ANxVckFUi68bE&google_hm=Y3mnESRyTQuX2IlrGXRg8oY

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQ394n0JhiLnoJC9ApYPVBx5BaDRcZEQBqN8tO_W1026fmHmx1CFONLrOf-CuK_ovVCPCS81YfrTpJRSlFYv0ANxVckFUi68bE&google_hm=Y3mnESRyTQuX2IlrGXRg8oY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 3671 43 B
146 B 44ms
7ms Image
image/gif 35.156.89.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELMPgWmiNoNz9QpEYR6BN5M&google_cver=1&google_push=AXcoOmQEF5h8vN8dx5JnB78yM4LqZ4N1KP1_PzF0ZOwFpfsz8L11MKZPDvCxoKJNtdEkRNqG1v8_B7qOhH1298iHGy41IucgqSW_wI4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.89.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-89-101.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEKLV11Hds11iS8E6hPrHq4o&google_cver=1&google_push=AXcoOmQRG3wF3ONBqEVJvBue9WpXB0ENPq2VWIVsBu1C3alVDSj4hu7c6THaHXKNzthyDk3UEwoEntujUrR8wGiDGDnnwTs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRG3wF3ONBqEVJvBue9WpXB0ENPq2VWIVsBu1C3alVDSj4hu7c6THaHXKNzthyDk3UEwoEntujUrR8wGiDGDnnwTsTl1DoJd8&google_hm=eS1hZ1M0OGQ5RTJwRXp...

170 B
188 B

19ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRG3wF3ONBqEVJvBue9WpXB0ENPq2VWIVsBu1C3alVDSj4hu7c6THaHXKNzthyDk3UEwoEntujUrR8wGiDGDnnwTsTl1DoJd8&google_hm=eS1hZ1M0OGQ5RTJwRXpQdDczMW1QajRzQ25RcmczZ25DZX5B

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 20 Aug 2023 03:53:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQRG3wF3ONBqEVJvBue9WpXB0ENPq2VWIVsBu1C3alVDSj4hu7c6THaHXKNzthyDk3UEwoEntujUrR8wGiDGDnnwTsTl1DoJd8&google_hm=eS1hZ1M0OGQ5RTJwRXpQdDczMW1QajRzQ25RcmczZ25DZX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3671 43 B
363 B 66ms
16ms Image
image/gif 178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSOGeHZsaQDT6PgORvxIrzzFLDtbhKMZHdppQqkgP1A6ats9F1CtzT4oyFIkYWMjaRNkp6QjXUm_clPO6b1DqMZxCm9xB_MX7Y&google_gid=CAESEAxBJHV1BaHYBePCDtWMtdI&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 198253
expires: Sun, 20 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3671
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAdO3JBWyFj1kVCkE9VxJjA&google_cver=1&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhatKr...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAdO3JBWyFj1kVCkE9VxJjA&google_cver=1&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWb...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwMDM1Mzg1OTE5NjQ2MTYzNg&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhat...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwMDM1Mzg1OTE5NjQ2MTYzNg&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhatKrA_5JKayOfIVhlvvuPKBjjoI

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjIwMDM1Mzg1OTE5NjQ2MTYzNg&google_push=AXcoOmQRrSxOQxymo0raiSfuM5W7fBBkFDA3PP5CD_EgtEQqk5nhe54f7bs-MCfjuBywLUeldWbhatKrA_5JKayOfIVhlvvuPKBjjoI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3671 0
12 B 17ms
14ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13In94XWS6kWJEfvjHbASJGIgCVxgUcx2Yp1PoWJMu8EoRvw69oTeDdKQ70ZoqwcVla-S8_Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8F53 0
104 B 93ms
22ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECwCPyUzRW1pLtyIAUUConY&google_cver=1&google_push=AXcoOmRFKHO70PgzpAEepz01wwuFwZ3Uwlpu1Av7xvHZo6E4wJUt9e6Olph-cDGUkmW5bPGSnjkeSy9QOrC8Uf93TJmZ6WV0phpKIdo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8F53
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF4xoELF7dU-1_J0yNHiTc4&google_cver=1&google_push=AXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf1...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4xoELF7dU-1_J0yNHiTc4&google_cver=1&google_push=AXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8nt...

43 B
439 B

185ms
175ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4xoELF7dU-1_J0yNHiTc4&google_cver=1&google_push=AXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f97b0913dfc5b26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3583
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF4xoELF7dU-1_J0yNHiTc4&google_cver=1&google_push=AXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQGNCjPl9-HFOZ1k4bD6HrKS29-3ZjUz6YKeH5y-7UWfh2JcQgvQuF7S3qZbRCqmsb7k_kKK4J5VOPAy0BWhsjebS5X8ntf14g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7f97b08fcd435b26-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F53
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEOmpThPKPR3U6xkrpOVfwd0&google_cver=1&google_push=AXcoOmTjwYPdVTRfe6Cj7ZM8vCEK8li1cNU7I8ZpkXdyoL1T58bvxDhJB6fQ1kYru1Knw7VKRkIMoFLiHPLKSF3D5J7nZ5tG7UTY2w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmTjwYPdVTRfe6Cj7ZM8vCEK8li1cNU7I8ZpkXdyoL1T58bvxDhJB6fQ1kYru1Knw7VKRkIMoFLiHPLKSF3...

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmTjwYPdVTRfe6Cj7ZM8vCEK8li1cNU7I8ZpkXdyoL1T58bvxDhJB6fQ1kYru1Knw7VKRkIMoFLiHPLKSF3D5J7nZ5tG7UTY2w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 20 Aug 2023 03:53:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=FC95AC9F2481413482BE4A3F0BB8AB91&google_push=AXcoOmTjwYPdVTRfe6Cj7ZM8vCEK8li1cNU7I8ZpkXdyoL1T58bvxDhJB6fQ1kYru1Knw7VKRkIMoFLiHPLKSF3D5J7nZ5tG7UTY2w
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 19 Aug 2023 03:53:30 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F53
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDTt49KL8uYpAmEYx5l7US8&google_cver=1&google_push=AXcoOmS4VFuaKpG5aPP0JASwB69aOru45rBdFsvMC9kZhbWG51W8UMLwODury7i_A3jho6KRxYO0iSJ44t8...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS4VFuaKpG5aPP0JASwB69aOru45rBdFsvMC9kZhbWG51W8UMLwODury7i_A3jho6KRxYO0iSJ44t8ceIPjlkb57XHT0Qow1f0&google_hm=Y3mnESRyTQuX2IlrG...

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS4VFuaKpG5aPP0JASwB69aOru45rBdFsvMC9kZhbWG51W8UMLwODury7i_A3jho6KRxYO0iSJ44t8ceIPjlkb57XHT0Qow1f0&google_hm=Y3mnESRyTQuX2IlrGXRg8oY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:29 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmS4VFuaKpG5aPP0JASwB69aOru45rBdFsvMC9kZhbWG51W8UMLwODury7i_A3jho6KRxYO0iSJ44t8ceIPjlkb57XHT0Qow1f0&google_hm=Y3mnESRyTQuX2IlrGXRg8oY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F53
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENMMd-beHuFbuBwqvlDMhr4&google_cver=1&google_push=AXcoOmQsdFTvhespRwGoEJNURklj_AgpPQCctDqAGLWudEiLI75ixrOZ8Vq9KxPI3R_uirWZBYvnp0tnEZvogq...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmQsdFTvhespRwGoEJNURklj_AgpPQCctDqAGLWudEiLI75ixrOZ8Vq9KxPI3R_uirWZBYvnp0tnEZvogqGILy...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmQsdFTvhespRwGoEJNURklj_AgpPQCctDqAGLWudEiLI75ixrOZ8Vq9KxPI3R_uirWZBYvnp0tnEZvogqGILyLOJAOb9emxRd4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2OTI0NzY1MzMyMTgzMjU5OQ%3D%3D&google_push=AXcoOmQsdFTvhespRwGoEJNURklj_AgpPQCctDqAGLWudEiLI75ixrOZ8Vq9KxPI3R_uirWZBYvnp0tnEZvogqGILyLOJAOb9emxRd4
Date: Sun, 20 Aug 2023 03:53:30 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F53
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEB2NHkueK2IOt-SGY-IrU_o&google_cver=1&google_push=AXcoOmT_enCCDgwVXuLu0eoRxU2Sm0YDjnwnWtz2ZkaqZdLXOu_iHNv9tMtGg7HlIEcI8IILIU_9aT8uAu8yQDJY...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zdIXHIYhQxqO_mLfIFlAHQ2&google_push=AXcoOmT_enCCDgwVXuLu0eoRxU2Sm0YDjnwnWtz2ZkaqZdLXOu_iHNv9tMtGg7HlIEcI8IILIU_9aT8uAu8yQDJY8iRAPXeNywL4IM8

170 B
188 B

20ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zdIXHIYhQxqO_mLfIFlAHQ2&google_push=AXcoOmT_enCCDgwVXuLu0eoRxU2Sm0YDjnwnWtz2ZkaqZdLXOu_iHNv9tMtGg7HlIEcI8IILIU_9aT8uAu8yQDJY8iRAPXeNywL4IM8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 20 Aug 2023 03:53:30 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zdIXHIYhQxqO_mLfIFlAHQ2&google_push=AXcoOmT_enCCDgwVXuLu0eoRxU2Sm0YDjnwnWtz2ZkaqZdLXOu_iHNv9tMtGg7HlIEcI8IILIU_9aT8uAu8yQDJY8iRAPXeNywL4IM8
x-host: tde-deliveryengine-production-6ffbf575ff-95kjr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F53
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELyV7oRRulmWSWveqORGqCM&google_cver=1&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc21Z...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELyV7oRRulmWSWveqORGqCM&google_cver=1&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_nj...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNjEzMTExNDMxOTIwNjcyMA&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc2...

170 B
188 B

17ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNjEzMTExNDMxOTIwNjcyMA&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc21ZuHKhfjvqZ0jVewlj1HKuPf4

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgwNjEzMTExNDMxOTIwNjcyMA&google_push=AXcoOmSLdLMk4v7B4FzxmQC2h3DNMczpbn0ZdvxYU3auF7WHuAecz3bFBIFtCpV4DvSuNqvj_njoc21ZuHKhfjvqZ0jVewlj1HKuPf4
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8F53 0
12 B 17ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JfO-WyWjgeFRX27rsVccv367F7QQT_L6URdHrVyUTeUkiazyk2qhpEfK0xiq5nlM5oNd38

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A94 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 92A8 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF91 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 60313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 11:08:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EF91 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 14:21:37 GMT
x-content-type-options: nosniff
age: 394313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 14:21:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 31D7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFbAZOY7hZLbwMtH6x_APnLeuoA7rv7akcKXb_JyjEfq0jPG-ARABILfLliNglYKAgJQHoAGXobzOAsgBCakCPZodL7Y9sj6oAwHIA8sEqgTBAk_QjW-yA8-eU0etyXTvMsjgadiqPbML1gq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22598119739979209328%22,%22debug_reporting%22:true,%22destination%22:%22https://jander-buchfuehrung.de%22,%22event_report_wi...

0
0

45ms
43ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22598119739979209328%22,%22debug_reporting%22:true,%22destination%22:%22https://jander-buchfuehrung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22701436055%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213329147250238000145%22}&andc=true

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"598119739979209328","debug_reporting":true,"destination":"https://jander-buchfuehrung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["701436055"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"13329147250238000145"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"598119739979209328","debug_reporting":true,"destination":"https://jander-buchfuehrung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["701436055"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"13329147250238000145"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 7A71
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634098/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-8006139540891350&ias_chanId=1&ias_placementId=20338656462&bidurl=https://vloghealth.info/k...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Oo7hZOPGGpbAx_APqtSYmAU&cbFunctionName=goog_wrapCb_Oo7hZOPGGpbAx_APqtSYmAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

11ms
11ms

Script
application/javascript

2600:9000:26da:f200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Oo7hZOPGGpbAx_APqtSYmAU&cbFunctionName=goog_wrapCb_Oo7hZOPGGpbAx_APqtSYmAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Server: 2600:9000:26da:f200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: R3AxWwopGHaaV3xj068LUxj.lgAg56jC
content-encoding: gzip
via: 1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
date: Tue, 15 Aug 2023 19:01:32 GMT
x-amz-cf-pop: MUC50-P4
age: 377520
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 08 Aug 2023 19:01:30 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 8KA3_1XLw17oqWXsAywHUcweWMa2fTMN0cNkBezw1cfJJvZVeFLSsw==

Redirect headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:30 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Oo7hZOPGGpbAx_APqtSYmAU&cbFunctionName=goog_wrapCb_Oo7hZOPGGpbAx_APqtSYmAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 5C1A 91 KB
92 KB 48ms
12ms Script
application/javascript 2600:9000:26da:f200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:f200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 0cf0bde9f9a6be1798d8b39249b30bc4.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 1926600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: LaywHVgWVg3pfGcf-7VU_skpUXja6hBDWeWgdmord3XSdapffb0kUQ==

GET
H3 206 file.mp4
r2---sn-4g5ednsr.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1724039610/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 436B 2 MB
2 MB 16ms
7ms Media
video/mp4 2a00:1450:401e:28::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:401e:28::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 20 Aug 2023 03:53:30 GMT
date: Sun, 20 Aug 2023 03:53:30 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2208367/2208368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
last-modified: Wed, 05 Jul 2023 13:14:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FBF4 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 122265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10256918388168393334/ Frame 11FC 148 KB
23 KB 11ms
7ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 82615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23597
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 04:56:35 GMT
expires: Sun, 18 Aug 2024 04:56:35 GMT
last-modified: Wed, 09 Feb 2022 10:34:13 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A71 0
0 52ms
52ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9t4HQlfitVyJO59Bf3J4UqD-4eXZyUVAYBgP1fEqOcGS5ukOpaVd9ICW8p8C0tk1o6hq_NzcdLGikTqaJkNddYfvfCCuu83WNyt8PZD7wS6QT66y1zAehjodHgcG8cD5Wq-0zHTqw2WB5VnLNnW0w5J_NmNSp6wwe2o7Hf3omOT2ZuqzEXmAhp8doIRDbMaR3arpF3k3dk7Om5Cx-uY3BEA033bPTZ84FomeJkCz343ApCTnDsLwebB5XbqYf0TdKU2esffeHzWeSFDxa289Ff3oHSsUBFHzDg1smome6vr9p1-RSAbMo_aIpTNLwuYsONgsfZLOgtHdA14pF-UrJT-zelf9x1oYvW1JRxE4J1cGwa3VdSbnNwOKXEP373EsoTbMffDf13K_6W2sfm6v5Q2_BWLQIYNyaHO47ywMo2ZV0kMWqbp1InB22xQNJ5uM725qha_3J87VfXntDREQPKJTyi1azv2Q538Jvvv_NrUw011tkJu5y_u_SkEG-YcxfCMxnNz1gq2rQD4spBPAd8qXGsWNXJE421orhCmSaQP1Amf-ejy1ibVrtpHW1093cM1JGjZoIFLNuGtn0ZOC_sFOrUSIPxeMy48GZv-Pfk9zMMWNU_AJI_WZX8yE6bDl0ie4GxJHu59-xRulCVOokXOmTMXeb_NPPijiSbCZo5OWAg-YTGQ4bGVUvoci5g5z3lhBz9N6e44nYD36biLjyAgAal_rn8LWhON2eOy8Isf2ZfUd6CCmBsAX8OM9ypZC--4MJw6dmfrFE7RAmAE2dqxRTSZmJe5kDDoqal10AMZ097rg3N8ju1DddIritTHnbR2xeUWYJgHg09SNLEmnfItEwqykoQod01rRG6MrG3jiv1HHAppj7bg97TOUMTrrgYLvgJqGzEGQheG8QIK9vHC4BH9RPDPyAf8wleabSck7wpVze7zfC7AdbuhcxsFjPomNQponZ_o3AxvV3E9JTh2ZuGG3ORayfrwy6H4aXQSCa6QUOwUQaiB7vGnI9ArFe_D7XbBRTc8gV2HUIZ6j2IcoQA7kRjbqjWpBzz6RdCe3dJjafD-6-ZcdRuT7uCleO2mRIPD9vi0Kr4Pqq06bq5zcE-_FyDFPUIHMx5I0UK8tKoam0-HSUACT-wqZERAqbEBCAVdE81SSvko317RU9flBTgf2hS0K_f39e0jIUoV4dA0WQY_PwRB6YwsODt2gOUUrylmXHyoWGRJGGCyneboV7kUjWg0PxnTWLLZCtWll5XLDqRz_KByPVXewOys9zO_abP3tp5cNNyURBXOgsyvtRJz4n_QWHKWRhdLNgb0TpJYRMS7kpOhlp_oYfuDf3yz_OHg&sai=AMfl-YR7QhjzQBUqgUXXqhXy06bLXpE4BrlmoTzlALMYj2NT8db42lrzRuihl3MNiptCQqo_W0pHaAgFjGkSF5QvIJFLdCBaK-6UqklD-O40UOsg8ujOjJ4Eu0kmqamd_7ylIWBp_JuOiRHqsyAqpEF4rEU8ASJFqUeXYwgbkrsv34t45b4EPej6sCaYG-EqhIHO55fk37z2iJ70KDubAgmfCZkKop82XXZVliPqeV5UjUAZp0ENX6t3qeF6v2wC1Qur_u7FbIM&sig=Cg0ArKJSzKUgVdOVP96zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=383&cbvp=1&cstd=380&cisv=r20230816.83452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 20 Aug 2023 03:53:31 GMT

GET
DATA 200
OK truncated
/ Frame C8DC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 342705bd786d8998c781ba47d1e3386727015033229565807773c111d9924e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F94 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A24F 0
0 51ms
50ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3ioCFgaXVq5Vv-TaldT_Q0TWic0RGoy7rP3JJFnfK5cbPRNqU9EbE9LwEHkfuUoVDi8oR_79lre_bJ1l0MgjYnTxeaY1UPdy3m4k7An93qCqHDZ1TKa6gwQqzjow6wVmCI7ealFit-IFnWFXezRzzONmotXbz9862VuhVCrfNVfiD3NHBPpu3iW7AAQpjlyizdrIpJt22s6MV-_dRMQtyHsD04FnRUL2x4fCxx-fc6igMOKf9ZSPzIhIHPpgrrf7eFMpZhfUUo33OU7B_2ART55m0OzSzFgcvuB0avf_PIlnDYDDWu15kjX-pNEHHVFj7wdphtJqWOTwJrTHYI9wf0te7VOX-oVqRHts2GRNKMuIBwe_Vz__I8WPSyPj_0XXYkIQdN9m9u_Jr1YtTUt0EvoEBVmqVfVTj3TjuIVmChJf0OgYMJXtdEGTI2-HJj3-VTmKIhIyZsWS8c7D5v5Apg87E3mVJcMYJgYIRXIlVA7iL_L5cj9iNv_oqW1kdZWdAtQ8MZIoKKgZ1rQFOUIQKuytw9r8GayEDv37z0MSvbt9W2kl9Cs_fhE0Fo98bW7jQ2Az_aww_W1rwpLd4fpV3tFH00l61s-V1aKDioy_a5ecQxE10kMZoEU_6pfmNiIW6WpIY_znJ4d0NIUQ84fKoSfca8hHcWta5RYQY7uz7GsaHYDlK3Zgqy36-YuPYBIPL7LntMDwLKghe7_6oVwHY9KXJAlE8neqYRU9ggs72tRrGO1eYwTDoWEHYp8tYQjaeEXE1JduqE5SQiuSG5H8fOrUehdx4oRthYkSgbO1lIx8-f0xNc7dPDIgtCbZzGoL2iiwRxCeBFfq2MX6QzL4r9i3kljjK00q1B001yAvak_cNxO4H_C6XR4BJNk339fzBekZmCMGj3s4jN3PQYRWunKWMqbnF0adOZTk4tBvkjKtcoNSKRTs-EACqIVRJyaCMeF2HLZR3VWVQa8oStsTqEnDjWX79pWxGH_8l3VmR-TzzJsP46z-Y2i8flKizTu0c3FtWR9J_OgpbEsYaAk0uLVEpfoKnGQ6qugOE-E_PO19w75jqCVf9V5epkCfv4jIs_tmz-SGP29l6ETADiJsHGmKshj6V3CIOQVb-IruvCn6FxQ2nNZdTrUbPoNoydybEdzWewe4Atk6keJpDaxAMySyLoI6KLD-hZBOuVKl70Tnt9SaoL6cHJyFoOo14p0Z6feywdvXTB-3_LDnN3_3-7Ah_v7PsuSQ6fELAku5J9MZyRybmIj1fJyvghGtsUTxyK7G7Og&sai=AMfl-YThqMu2iKhhLRPGuvIyYxh0aumaQdtDemhFeSwV4iJpUAL6_5DYRuVC9iLk5DZ3rPAFe2enb76eOLwLky7CLOXF3OF_oSHeNbk2JgpGz55mFn3J6S-DwoXu-vLRaAr0YolS5YIFTFaXVs-qt1e-JtQdiEAu27fVKFNKrvRonZW7pz4cmgI&sig=Cg0ArKJSzIXhgAch42lkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=766&vt=11&dtpt=546&dett=3&cstd=211&cisv=r20230816.07162&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:31 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 47ms
46ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 03:53:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7A71 43 B
216 B 316ms
95ms Image
image/gif 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3646a265-9671-4450-7201-dd9895288155&tv=%7Bc:lNTj03,pingTime:-3,time:109,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:160,h:600,t:105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:109,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B101~0%5D,as:%5B97~0.0,4~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNruFrc+11%7C12%7C131%7C141%7C142%7C151%7C161*.990511-61634098%7C1611%7C1612%7C1711%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a1%7C1a2,idMap:161*,rmeas:1,rend:0,renddet:svg.us,siq:26%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7A71 43 B
215 B 315ms
97ms Image
image/gif 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3646a265-9671-4450-7201-dd9895288155&tv=%7Bc:lNTj04,pingTime:-6,time:110,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B102~0%5D,as:%5B97~0.0,5~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNruFrc+11%7C12%7C131%7C141%7C142%7C151%7C161*.990511-61634098%7C1611%7C1612%7C1711%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a1%7C1a2,idMap:161*,rmeas:1,rend:0,renddet:svg.us,siq:26%7D&tpiLookup=ao:vloghealth.info*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C8DC 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 05:14:28 GMT
x-content-type-options: nosniff
age: 340743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 05:14:28 GMT

GET
DATA 200
OK truncated
/ Frame A24F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28958359186dad422869a7bdc9d25fbd63c3ba144116e52b3976bc39dc9b93be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3BC5 0
0 47ms
45ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLziJLc2FRxDLk39bmrk23eDxMS4-IhVtQ-Ji3NNaXMigk6RGVSAFZbVjLb3QSaZoZuz2_fA2Gp_VyhwYjF-TVENMFIoQOjjsL_bUj6Fa12kY51bXPJEI8CRyYxx8-aFdtvge_eWQzdq4Mgm4PXWGVc5K4U4agMI-wqgJi_tnG06h9Us9NjuzTRKOjvWyEQEaKIJHcPbBnIRluy2z-DPk1vKwvSb_ZH3fpIRGLAJz0RyIlqEk-l6Kxy6NIjfxpFmtiTkZgea7dleejDQ0U3C61PE2-W_khmtSA-EKYahsoEThQk9D8lgidAu7VEO8xw8E8FZ5CTfggqzisy28_hrYH4_G8LBri1nZZRllWkoGwALxKcoWgUawkR7aIA5UqVLmcukTNI9-HDEO7ooJnqsz7RPguEKCr8yBOB6rnAB4XLhtQJfnfabKiimOABE19RCNlIWGYrR9YvgXKUj53bCI0ULbTdUUaugyWk6l6F0QAjLj40iDkBCZe_FyiId99ezIETWrQLqyU4wG3msFkS7oAT8rgkbIeEcoJLMjESDb6tLdp24k99mPxr-Fscc4UQcM6zZjfL94SS433YqJerjQbK7-5vaOAVN2KlSW1ueGcQs0-9mMAWBbRzkSec4l0--yIReMF-LlK8689lf_iepJ6VFUzk3wnvw7SqKcB_ALoOIdM4LL0njfnaYs-HGk0Ib7xTJpRd6M2A9C6RU8xea2s5UjQ7Nkhi87L0_YPI5LW3b4VZzZ8hWLb2UbEOvi9EML2M7ZkgT3vDEjocQITYIkG7pUdoYMfx_pcaZY8mZWZVhC9N7iePwXSJzcJAyuqVYjrdjL_cvZ5SbW8irCGQV5LU_e5IH1k8DIgLPpd5uMXIvtHEqOeDKFSwJLsCmal8SEh2_ApHO4gNu-DDUePWzoAnYIATgZbDww6R0cxVwehPfDDiwZzHJokqWSOy8FjGdGQwcWS30F-2ab9rGmzHIUipzbOTYNzRzJgQNvz7qutS5ZEeM8mmgMBir_pQEUmdjWswX28x2bpug91arDN_AR-2YjkQkLCi3iS9M5ItyeA2osKKEX3TYRMnIJKkRCD_uE6EJfWvxyOFoD1jltEWYzrJztB05SIE3zzDNq9WMl03URk_IPnH3MwOYfiZVQI70Ay0jWrOLrcJZuwUax1RdiqzbmAqGa2gHpF8GFDwsrLCCWXY-66iJLS0QIQmerslUW6NBR5z3xeBYrDM_dqP2Tq5no8SuN-EFMDlyIjx7vJU7AG3-9GUxTcXn3__RIdf_UsQ5KqPg&sai=AMfl-YQRbDlPEkXEKRxucZzH9KaXrgdQKMbrXiqTY2b74qiCjcMqXfk9ZY4qqlalS5SgSb8Sgd60evu3GBvp3s8xtwe5NT4ibK8ALzoMpnNOkkfHJofIEYYKxbAbnIEbRVauN04PrhjvDFZ5Rm_BFoZDELX2Il3_MCYMJRnfPpM4Be6obMTUWtU&sig=Cg0ArKJSzAxe1c8qkxQAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=744&vt=11&dtpt=544&dett=3&cstd=193&cisv=r20230816.89016&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:31 GMT

GET
H3 200 -ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3177 37 KB
14 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-ux6i5uap_kgdJqLbszgrDc8lL0DO2SEHIjb65WwLNE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Thu, 17 Aug 2023 05:27:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 253587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14754
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Aug 2024 05:27:04 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 11FC 29 KB
10 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 14:31:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 14:31:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7A71 43 B
215 B 276ms
96ms Image
image/gif 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3646a265-9671-4450-7201-dd9895288155&tv=%7Bc:lNTj0J,pingTime:-2,time:151,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:642,beZ:644,mfA:647,cmA:649,inA:649,inZ:653,prA:653,prZ:662,si:667,poA:669,poZ:692,cmZ:692,mfZ:692,loA:753,loZ:755,ltA:793,ltZ:793%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:160,h:600,t:105%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:151,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B143~0%5D,as:%5B97~0.0,46~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tNruFrc+11%7C12%7C131%7C141%7C142%7C151%7C161*.990511-61634098%7C1611%7C1612%7C1711%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913%7C1a1%7C1a2,idMap:161*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:svg.us,siq:26,sinceFw:124,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=600&adk=3657419734&adf=2368597302&pi=t.aa~a.3665119889~rp.4&w=220&fwrn=4&fwrnh=100&lmt=1692496407&rafmt=1&to=qs&pwprc=3504796014&format=220x600&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609822&bpp=1&bdt=2342&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280%2C700x280&nras=5&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1050&ady=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=tGzvZYWubW&p=https%3A//vloghealth.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 3BC5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d0370b018bcb07ddc635019060408814d4d8d4869d24b36e47d1b996004c40f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C8DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C7ittOY7hZLmaM8WK1PIP-vis6A_I3eXgXp73n5GWCv3tpf2eGBABILfLliNglQKgAbPIotwDyAEJqQI9mh0vtj2yPqgDAcgDywSqBLYCT9CHNReZgXwKLnJX1FlVEjBoQPCtPMaQ0k_cILl...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213106045575446951893%22,%22debug_reporting%22:true,%22destination%22:%22https://tewipack.de%22,%22event_report_window%22:%...

0
0

42ms
41ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213106045575446951893%22,%22debug_reporting%22:true,%22destination%22:%22https://tewipack.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22998810675%22],%224%22:[%2208-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229440922870419238561%22}&andc=true

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13106045575446951893","debug_reporting":true,"destination":"https://tewipack.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["998810675"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"9440922870419238561"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13106045575446951893","debug_reporting":true,"destination":"https://tewipack.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["998810675"],"4":["08-20"],"6":["true"]},"priority":"500","source_event_id":"9440922870419238561"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK UIBH_SUMMER-AWON_160x600.jpg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame BA15 23 KB
23 KB 134ms
46ms Image
image/jpeg 52.218.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/UIBH_SUMMER-AWON_160x600.jpg
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b60446db91da357515f68dd0b38dcb8c5a453c0c0a72603dfa1f088caf7a5e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:32 GMT
Last-Modified: Fri, 19 May 2023 10:15:08 GMT
Server: AmazonS3
x-amz-request-id: 7SA6WME6BVT47EG2
ETag: "348b07411d321b68db04494adb8fc1ce"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23495
x-amz-id-2: RfCKPTHsDhtiOcxy0IEXB7p6G94oHLkmH9hcJmjSzA7ciXBVhGMzqaq/pJGDbj17il9opvKgkgg=

GET
H3 200 HelveticaNeueLTStd-BlkCn.otf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame BA15 29 KB
21 KB 8ms
8ms Font
font/otf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/HelveticaNeueLTStd-BlkCn.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21019
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 08:03:14 GMT

GET
H3 200 RobotoCondensed-Bold.ttf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame BA15 165 KB
88 KB 11ms
10ms Font
font/ttf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/RobotoCondensed-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89788
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 07:54:44 GMT

GET
H3 200 RobotoCondensed-Regular.ttf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame BA15 166 KB
87 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/RobotoCondensed-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89507
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 09:47:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA15 7 KB
6 KB 20ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71e12610aa6460301f2cccf4e3a10f9cff6d1f092d4727b5da2a5e4eb60c0481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5649
x-xss-protection: 0

GET
H/1.1 200
OK logo_ushuaia_blanco.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame BA15 16 KB
16 KB 113ms
46ms Image
image/svg+xml 52.218.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_blanco.svg
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:32 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:05 GMT
Server: AmazonS3
x-amz-request-id: 7SAC005D4VSFZMB5
ETag: "e915bfb094df409135d1b25c9becfb88"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 16030
x-amz-id-2: QrimVRYJcNSHmAaomhiURxBKr49vgCXGUt1BP9W/rnzwHTU3DgahF8/1410n/P0V9A0iM0gAAjI=

GET
H/1.1 200
OK logo_ushuaia_rojo.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame BA15 17 KB
17 KB 116ms
49ms Image
image/svg+xml 52.218.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_rojo.svg
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:32 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:06 GMT
Server: AmazonS3
x-amz-request-id: 7SAB6HDB45F6FGVJ
ETag: "b0c04b645a75b4acf16eddd9b9c9e8d1"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 17084
x-amz-id-2: cmeoBvfCZLfn3COFnuF4Ei3H6j3uxes471lvtPGfk54tU8CtaiykymyAePWhtuofugPnP/ZlO/c=

GET
H/1.1 200
OK logo_ushuaia_blanco.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame DFE1 16 KB
16 KB 109ms
44ms Image
image/svg+xml 52.218.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_blanco.svg
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:32 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:05 GMT
Server: AmazonS3
x-amz-request-id: 7SAABQ205PNMPBJ0
ETag: "e915bfb094df409135d1b25c9becfb88"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 16030
x-amz-id-2: 1gmP3wd7jHXyPFBjEuUppfa5oxW87w3M6/qIJlriiVB9JaniYinRPdlqXJyG7IeSNkGm0GgDD3w=

GET
H/1.1 200
OK logo_ushuaia_rojo.svg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame DFE1 17 KB
17 KB 112ms
46ms Image
image/svg+xml 52.218.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/logo_ushuaia_rojo.svg
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:32 GMT
Last-Modified: Tue, 24 Jan 2023 16:43:06 GMT
Server: AmazonS3
x-amz-request-id: 7SA7AGXA6TQP2JPE
ETag: "b0c04b645a75b4acf16eddd9b9c9e8d1"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 17084
x-amz-id-2: Vl0U9anihPlHM6k1CPp5eZBUHfk9U9ajjvySs5bCXJSUvgoIsthSifLwoCttlo2O0bTrGPVn92Y=

GET
H/1.1 200
OK UIBH_SUMMER-AWON_160x600.jpg
t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/ Frame DFE1 23 KB
23 KB 112ms
47ms Image
image/jpeg 52.218.121.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t2ocreaspalladium.s3-eu-west-1.amazonaws.com/creatividades2021/UIBH_SUMMER-AWON_160x600.jpg
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.121.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b60446db91da357515f68dd0b38dcb8c5a453c0c0a72603dfa1f088caf7a5e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sun, 20 Aug 2023 03:53:32 GMT
Last-Modified: Fri, 19 May 2023 10:15:08 GMT
Server: AmazonS3
x-amz-request-id: 7SACXCEPMAZKVVHX
ETag: "348b07411d321b68db04494adb8fc1ce"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 23495
x-amz-id-2: D9kExeq3XrPzpD4w6ychXI9cR2VkRXBo/GTHNxlg4M+MMEhamsQqqC2nRxAkxXzEQZqmIl+HhH8=

GET
H3 200 HelveticaNeueLTStd-BlkCn.otf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame DFE1 29 KB
21 KB 7ms
7ms Font
font/otf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/HelveticaNeueLTStd-BlkCn.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 08:03:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21019
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 08:03:14 GMT

GET
H3 200 RobotoCondensed-Bold.ttf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame DFE1 165 KB
88 KB 8ms
8ms Font
font/ttf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/RobotoCondensed-Bold.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89788
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 07:54:44 GMT

GET
H3 200 RobotoCondensed-Regular.ttf
s0.2mdn.net/sadbundle/15925919271109001216/fonts/ Frame DFE1 166 KB
87 KB 9ms
8ms Font
font/ttf 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15925919271109001216/fonts/RobotoCondensed-Regular.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15925919271109001216/css/styles.min.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65143
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89507
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 10:43:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 09:47:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DFE1 7 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ede79296a199004efc95e53b327e08c60c75e582d2a047e64209b7f7ff01cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5728
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B1F 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8006139540891350&output=html&h=280&adk=3893243934&adf=3542136047&pi=t.aa~a.3830842726~i.35~rp.4&w=700&fwrn=4&fwrnh=100&lmt=1692496407&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3504796014&ad_type=text_image&format=700x280&url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&fwr=0&pra=3&rh=175&rw=700&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692503609806&bpp=1&bdt=2327&idt=1&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db931e54a1e3d2f7f-2217cffb55de0016%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g&gpic=UID%3D00000c647fb94090%3AT%3D1692503608%3ART%3D1692503608%3AS%3DALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ&prev_fmts=0x0%2C940x280%2C700x280&nras=4&correlator=1880312394348&frm=20&pv=1&ga_vid=1336464146.1692503608&ga_sid=1692503609&ga_hid=2040907808&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=1529&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077018%2C31077086%2C31077148%2C44798934%2C31076998&oid=2&psts=AOrYGskjrsTByT4Ep_rb0t_ot0ncZqZGJhFyPmp_sNKyVI1QS7U1ccBBAMpAS2r_h6QfSnXe7X8EPPzkFDFZH-N4YbEV&pvsid=1777953992731972&tmod=276692491&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xtLyq6cFs5&p=https%3A//vloghealth.info&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C90E 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIyP71ZgK78pkxjaVVr40gbiL5VJwh-w6gO2PqlA6C0LKnnP2J6fZB9dCsjc3fGrd2N0cuMdTZIVVcPmrWyJyuRBSn7z40pMP4FaHW_CUtdd8LoP4ZqB8uLO3q6HO82aoJEIBBqNja1MpF&sai=AMfl-YRvT-mW77A7n0FblbGEI-0TisdWjiEex2CX6Er0VwfnYuIrzHN7_FtZKwsfXHal42Xq2-25wT6RBQzz&sig=Cg0ArKJSzBwwQrPknAq-EAE&cid=CAQSGwBpAlJWGjATZsUj7Z4uaEm55jGSk4OI7UvQZhgB&id=lidar2&mcvt=1145&p=0,0,280,940&mtos=1145,1145,1145,1145,1145&tos=1145,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3652936444&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692503608925&rpt=1052&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 44ms
43ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 20 Aug 2023 03:53:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA15 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 03:53:31 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DFE1 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 03:53:31 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FBF4 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A71 0
0 46ms
45ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9t4HQlfitVyJO59Bf3J4UqD-4eXZyUVAYBgP1fEqOcGS5ukOpaVd9ICW8p8C0tk1o6hq_NzcdLGikTqaJkNddYfvfCCuu83WNyt8PZD7wS6QT66y1zAehjodHgcG8cD5Wq-0zHTqw2WB5VnLNnW0w5J_NmNSp6wwe2o7Hf3omOT2ZuqzEXmAhp8doIRDbMaR3arpF3k3dk7Om5Cx-uY3BEA033bPTZ84FomeJkCz343ApCTnDsLwebB5XbqYf0TdKU2esffeHzWeSFDxa289Ff3oHSsUBFHzDg1smome6vr9p1-RSAbMo_aIpTNLwuYsONgsfZLOgtHdA14pF-UrJT-zelf9x1oYvW1JRxE4J1cGwa3VdSbnNwOKXEP373EsoTbMffDf13K_6W2sfm6v5Q2_BWLQIYNyaHO47ywMo2ZV0kMWqbp1InB22xQNJ5uM725qha_3J87VfXntDREQPKJTyi1azv2Q538Jvvv_NrUw011tkJu5y_u_SkEG-YcxfCMxnNz1gq2rQD4spBPAd8qXGsWNXJE421orhCmSaQP1Amf-ejy1ibVrtpHW1093cM1JGjZoIFLNuGtn0ZOC_sFOrUSIPxeMy48GZv-Pfk9zMMWNU_AJI_WZX8yE6bDl0ie4GxJHu59-xRulCVOokXOmTMXeb_NPPijiSbCZo5OWAg-YTGQ4bGVUvoci5g5z3lhBz9N6e44nYD36biLjyAgAal_rn8LWhON2eOy8Isf2ZfUd6CCmBsAX8OM9ypZC--4MJw6dmfrFE7RAmAE2dqxRTSZmJe5kDDoqal10AMZ097rg3N8ju1DddIritTHnbR2xeUWYJgHg09SNLEmnfItEwqykoQod01rRG6MrG3jiv1HHAppj7bg97TOUMTrrgYLvgJqGzEGQheG8QIK9vHC4BH9RPDPyAf8wleabSck7wpVze7zfC7AdbuhcxsFjPomNQponZ_o3AxvV3E9JTh2ZuGG3ORayfrwy6H4aXQSCa6QUOwUQaiB7vGnI9ArFe_D7XbBRTc8gV2HUIZ6j2IcoQA7kRjbqjWpBzz6RdCe3dJjafD-6-ZcdRuT7uCleO2mRIPD9vi0Kr4Pqq06bq5zcE-_FyDFPUIHMx5I0UK8tKoam0-HSUACT-wqZERAqbEBCAVdE81SSvko317RU9flBTgf2hS0K_f39e0jIUoV4dA0WQY_PwRB6YwsODt2gOUUrylmXHyoWGRJGGCyneboV7kUjWg0PxnTWLLZCtWll5XLDqRz_KByPVXewOys9zO_abP3tp5cNNyURBXOgsyvtRJz4n_QWHKWRhdLNgb0TpJYRMS7kpOhlp_oYfuDf3yz_OHg&sai=AMfl-YR7QhjzQBUqgUXXqhXy06bLXpE4BrlmoTzlALMYj2NT8db42lrzRuihl3MNiptCQqo_W0pHaAgFjGkSF5QvIJFLdCBaK-6UqklD-O40UOsg8ujOjJ4Eu0kmqamd_7ylIWBp_JuOiRHqsyAqpEF4rEU8ASJFqUeXYwgbkrsv34t45b4EPej6sCaYG-EqhIHO55fk37z2iJ70KDubAgmfCZkKop82XXZVliPqeV5UjUAZp0ENX6t3qeF6v2wC1Qur_u7FbIM&sig=Cg0ArKJSzKUgVdOVP96zEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=857&vt=11&dtpt=474&dett=3&cstd=380&cisv=r20230816.83452&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 20 Aug 2023 03:53:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AF43 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrieThbA31Oex8cyMf6z05Y0Zg-Odw8NI32K0Jf9U3mRGQnlq4V46jI5MQCNyfJ8tRsTa_ZOyYlWy7dQMCVaRvXRD_1pL73L5m17L3A8889lTyO4T1eYcjrlNR9SEh1B4Gz3L5ah1InevG&sai=AMfl-YSD0Xgti6tlJIPohEq4WFDj_vrfa3sJeo_RGKwMhMVX2w0YezXnZSK9ygtCqFEsezx-VDMhW56bQok4&sig=Cg0ArKJSzKrFqgj25Wd8EAE&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&id=lidar2&mcvt=1107&p=0,0,124,1005&mtos=160,836,1107,1107,1107&tos=160,676,271,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692503609923&rpt=485&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A71F 37 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F819 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 436B 0
45 B 211ms
210ms Ping
image/gif 2800:3f0:4003:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lliwy7wi&c=2684338896752&slotId=1342169448376&qqid=CJKPkqOr6oADFXrBOwIdZAUKkg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.183~vfl.1ya~vil.1yj&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4003:c01::78 Santiago, Chile, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 11FC 6 KB
2 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:41:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 03:56:55 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 11FC 2 KB
1 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 03:55:06 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 11FC 3 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 805
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 03:55:06 GMT

GET
H3 200 head2_5line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 11FC 12 KB
3 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_5line_paare.svg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3331
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:00:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 03:57:35 GMT

GET
H3 200 head1_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 11FC 4 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_paare.svg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1686
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:00:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 03:57:35 GMT

GET
H3 200 160x600_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 11FC 37 KB
37 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/160x600_kv_paar.jpg

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10256918388168393334/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:42:35 GMT
x-content-type-options: nosniff
age: 656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37561
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 08:15:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 03:57:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7A71 43 B
215 B 96ms
96ms Image
image/gif 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=3646a265-9671-4450-7201-dd9895288155&tv=%7Bc:lNTjbB,pingTime:-10,time:825,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE2LjAuNTg0NS45NiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1692503611731%7C%7C3f63110299175311d90cff182f8bb102%7C%7Ccb248b5d7f94b197f4c81a7a58714f7d%7C%7Cc087dc5ea6e40ab5b035090b0c884a51%7C%7C3daefdd96526764d14a49a065cc88414%7C%7C9ba939542aef9aef6f988e78e2a93983%7C%7C52fc3435dd8f5386289042b516757f71%7C%7C9f16c0b302ebda33a4309770a5abcb3f%7C%7C1663701684,im:%7Bpci:%7Btdr:532%7D%7D%7D
Requested by: Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:57e3:7e3e:608c:5e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A94 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7ALcOo7hZOTyB-WD4gH0xLmwCQAAAAA4AeAEAg&bg=!t7SltODNAAZGPLJIZjw7ADkAdvg8WkVJp64ntPYBxdXbTYFb9-bSCR4PttxI20wxP-Zn0luwUmPsnoSVsDUgRa8sgGMNGKw7nAsCAAACi1IAAAAIaAEHmQMMd_kr5EnLWaH0I1ASm9oGfGxdV4imgwawNGL5cfOQo9vkn_XM1l_M8sWLGlXgZpaEY5QFmzQb0k2Nl-TQbCkTnyFkdh_NXEekcRt7gIvWjhHO5BDTvvBpvPNSRuPP53sfFrlXrZ8qNeGmRXXjXPVepSsxlToy2k-9lcxY11CSQ3WR9jXi9qA5-nWaMd0zLV3WU0UmbASUivi5HRKLxiQU51zEcFSwC36sH8kGePeARsi6orACY13JRB6XCFaTSaqzE--LdqZGcYQSbEn80b1vpmlO4s-ChlkzFnnvgy7awPgpYF4E8dATQC8nSjJrVdae7MNpL_K2GmbxBzCf2Mk08PwHOTKp0TjbZxSZ4-jsiRIL7jVnLO4BLL3UMCgulcBTYV3_rC1E6ogaY5bHNpjnA0J7x2ho9aZY3U9Cvmeo0F8MuvqLDAOG9HVRRv951ljEbS14VRt5ZGnwdzEvvz51VcBZ35qOsSqFpVR4FjnYSY6LfEehiHoO_iyLg2fgLuvNT5dtAD1NQcaR_Pb_GB32hophQNkFF_0JpyBCc0lnReeVyjjRvNgHSHx79A4vHdjUruHQ8ZNws6UlvXd8aq1Gv5G2noIJmprrCj-sbGTqv2bN-iYzCNe-Wye2wLvJoCVTvVBQyxj50U3wGvZ6kF9RUgJfreBa8yPRSY_BjOWwkJM3uXqQz42gitVhCOHtU_lloQ-p0TDGRBGhn3AmF7VJebpaQjun7zw_sqE6wlX7lRjRi_NLV2jyGxGrnhEUfopkAxCp0EV1DWWYexUWAPhI_WqTjP9yN_8jBPZbGc1CjI2YCVtY7MmUuKDk1LSRCGUocpKOiGfjyAYsWv3i6Er7GTuSWn5Nnk3Rk8UAi7Ia81UAOvOank7wGyKxxuBQOd7RWz437BP2B0UHta5gLXM7NxIBYNwhZtoI0epeSrksJLPj4XzoPuDedaSXITWcEdJpDbYuWv1nQ176fAgrhJKgraI0CsEhkrb1smYV1wyPhicXfQnnFfpeOPVgpJhSVMNUqu48znhClVK7tfMt

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92A8 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvJQNOo7hZOHSCbbAx_AP8aqI2A0AAAAAOAHgBAI&bg=!hoWlhdHNAAZGPLJIZjw7ADkAdvg8Wnn8AyqMuS8_kZGxhR_jLhXAVoXsSEAlsuDPHSqINcs7WThUbuCFNZ8tptoKHYGeO5ESE4oCAAACyFIAAAAJaAEHmQMV-8ogu-esXZqLviKh1axtwJc3jmBwbnFamBUFKlzIFW5jX8g1ueiBS9ohdQbUOIPc_N5MH9gERj4-fKTx3B6AWskjFkD5SJJEV1au3XlIPQKSsqprJoDSRrFQrH8P90fMnxD8eQrdlZ5UR263Mu-CKgp2NYK0xCE2YTzwM702HblXCNqUeO8R380_O7jmEAZLwHVwlZVJMdH7lY3QXHDXcChLIE5uAvgWCjrOURk8e6VeD9pb6CNS0H3tVw55E5Wg6DJ_du0lnJx18IvV1sk8x-VUBSqG_7JbHfe4vBLkqDb6JpHgcdIy4dv2uZbdfiX1JCsXnD6ai7-cDlJcuaPYY8nkncvIOxJXyQI8Cqq50qegYWuzdFXwmzoJjVhmJDFXyA6yCvV-RhdeJTBHpKHC81bpox2O2MKtroiaMMs0ZNk17nnxYztIxLC3XQaShKeKew4gZeyNKBPyniH3wPnbMC9IEcFzgJn258GQO1v9vHjfnvKIsLypiUaKn4Ddy3gB8eSRw3O5L1y3D_W0yOfCs4GLEUpSeXCP5DNjhppfjX0VVFo295bXFfxKAb0ORQjDvGJ69CrgU2UYjmCQIbK4726wNuv-QaPgweSBGh7IAFDQ5atkbo1rDZ_Nb45G-yldHXnYXMWLs67_RfPp072PEGGWWNSC3Of-po8YTusC6cUKOKGOiRPGXmbqyNZlh-z_1sn4GvPyONHgGY4yu_J-q2HnaCWLUcyapLzp-G605W9dhrm8FHNsSPJ6Ywd_y_uogq1TtPTjYn4VYOK-LdpmonDDyvEFlvD9_F2DiP7mYn-w-xDI9xhf-SVXmiACrQ150mxZ5KDdG9bKOSmsXKZpnRGEzBku_D-UFV6NbI_YKl2hKw3okNFu06MOAPuiNotxDPNoH4PRYKtHfjeOZxZ2lHzXXWCkli5Qnz-t-MbJfBnNBGnR14T2Svz4bRa--O7iV4KsmVR2hHmyLIXxnen8RgUdIaDBOu1v0bjabPgkM39NZBCa6f1LAKC5gqh7WpmncJskGb3gUtlrbaVhxh_5UWizsg2G

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3177 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=By9qIOo7hZNnyGNWW9fgPpJ6G4AoAAAAAOAHgBAI&bg=!wsGlwZXNAAZGPLJIZjw7ADkAdvg8WsHHcFlFKrdVg3wK0sss194W9_jsIM7rbjWACX87bKXD4COJXfth0_kxGs1F8k3sDa77ssECAAAB7FIAAAAJaAEHCgAUDn_6yJnrF3K21IvHDL8Ax-thh-6ZAw_NRzBJ8qARUN7rirOqSOXZnVzuKgbJUJXbL97sT-wcMK8S8QccZ1m4MCNhc-L0JG6xGyW7qLpr8fYFc_8Sx-eTQqTGWWlsevaurb3Hu-quEsS8qmV8RyzSPBpjKIUpg8DBVeaBWqLz11Gq3RAdd-QduFLvBkmsdcBQKBk8dXsRImyz6_DsAEdwZS0fsBPPmJnzAYI8tJQ7sbao6441J89qqsMOThXuW9a28BzZu6ulZVFiiKxpJNKomFAbcXpPuet58KzOp0P3-osaDnfZJBalyu2ZT6bSawHN9M-H1u7NY2a4eE_vQVybCoAxYxN6atxl02yN13zVj5Xysn48DjL-Brrf7YVCgjjlK2Pchi2uBF0Bcg7_A0RZq-3AdIzQLGA3_63IZmSkXneYaTtryZaZ2G4DRCGqjgPG-Jn9XQqtUkXAW-kbIixnOcsgEGNAJT6J_e6-EUTSbfisRmmAaRbEyug-ymus04v9DTAZNPBHn51AJFHmvCwY9ayGxBqkd9tZnHYVbMmTmOAeBRWbivmVq_4kc6fmQi5vOvVlXFkydCLOGjpYg1xJLy_cs9Mq1XaapnOzBRpzQtHasnm0Gt8sJl8PzHXsalZmKhS1IQ5u055HTHPi91_YwOqlLE2g0x7seTWrytuVgJ5iMJ3gE5-Jhdd2JetJjxsJLBGtXEDL_w_6i8kNAQVSBztQPpjoevODbMG0bwJCQ_ekU9vrT-gnxioVlH04cdf8kps-AmbmtKddzugs7plLwNWd4Bu9zkMJImBppgbJRlTQwOPGKFfxUMLB4XdfjbrngOdO6X9x9d-4uC2BFefXnkBhS_yVUh5GlkSblQd7WoEqP-6MYlTOj9cF-dE4es8M4rMSJbOuGli3uyUVhANrxDigVVVYXyzm-etwr0fvL57SSDXYe7NUZ9-t0NwIAQ4oXVDqqR5osXt-yJyKCnJWOYcAHRDDLStMf4EzDraHHAXckUrypDPiN9o3MEKrmqGtVIYQsN92WaTHed5zKKW7bZo18OCDlsTatomfUWE7N384ohBTEFU

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FBF4 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGjB8Oo7hZOPGGpbAx_APqtSYmAUAAAAAOAHgBAI&bg=!R0SlRBDNAAZGPLJIZjw7ADkAdvg8Wv5fC1iOaioo4pFanWxVENpdcMI1itx1Ln4wxhUaoDKBdnWiTLQZNvF_Pq-Zf6-hfcPsU8MCAAABn1IAAAAHaAEHCgAyIIonqMIUQbVc-luW3dkWS_LgkCK4XhFjMZvmcn1KPACOstioC6RVHDIbIHkfnGMQ8MmZAwig6MolOfpnwG7dB5udj6l4-Pa9oteYA7iyoIw8REbYV0rF7vsOjegvhKIb4cPG69Gb2ZVOs3XVdziLooBesUcPcSwNGLmqVTVxiDWoX-HJaqq6REEwlK81rc0LyCMNQmmRACmRt6f6OqfoMtft7MZPcI_oeoTwKGFqqNK-7vUBNyV6LTRfejDIIPZ2xZ4r9YKNSF3xMiFwsMNl2FaCH65IP2LmG_hdNaeeuiBhOhF6QPeEnv_x1yShYuoGm7YKzF9evoNHRV7JaPKGBJry1qfadKqExJu1clZdLSEgNCMv5FhBa6D6O2MR2Ki75VPwrDk84YppC-Q7NEXScSAer6hUlNk-m1zTTQpl7Hmv0cHCEPvWrbqufmMXhhYiL_2lz2hitUFl9xK8i-SK5s_OQwhX1kjCI-c6eKOXkSHvwmu_dy6J952MpDdn5tLY33ac4vcQwCQ0rEzlAFHgQWywqjkTZ4BIOwVZMBvssouycK5Oxi1RkIaoioKHYmkCWMcwMhsejwQu9IhIr4kS8CJton2UyJM2_78hDNHzmll4NmyU32XROUIYtB01FAb-joTeAPCGOaUzKZRw9Y91-fRmZ6A5Ry8jU_YPr14Vw4S9VF-dXwAlb0HVzSiCBpPT_21bnb7jESpqBpR6dzISIdUHEJ5nD9tM7BjnpTZ3vUTJQk4TEyf8ZTnBuvZLtoB369u7FR_CGI9S2DbOrQ5W9WHL23g7CmxRkRAP6PM0wFwJ9_x_I0Ki-Eixh0ftqgRKyRokFx4vk2n_gXv-j7FkRSw4FxdksXQ-WBqjLcC87VtuUe6mkwnuFF0BQiRK86HTjQw3LruEhih9ZddtFKfTg38U1C46qz3yXyd5eeTR1EXPvGmZyEjtlUaOD1sbsoUEhwK4xSzwc7Rk_1-OswH2tTxpuzzYLd5G6oSVCa2L1UJAN05ovRwFqkOE36RvQzzQht1x503f1JfCKfeM6DnW5HVD6OONxP-TOgbyWGWR4MEiHkwanRw70320dzPkIPD92ORZo1CasHyX9vkGcA

Requested by

Host: vloghealth.info
URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A24F 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8612629826415&version=m202307240101&ct=76&x=1&cor=6220509865433718000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BC5 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5473217271812&version=m202307240101&ct=76&x=1&cor=9037551511862266000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A24F 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9FABz6NcUE-OzzllC31SAAqqwbosJ7QZOmqavmP7G3_pnNxbkm_V3bnc0gKJFW8FDtQxF6gawManGwhOU7bFg1ifvNm-RijWGIKyNRRqiu82Di5CHa_YQMn95PwS2J5Es4BO1xs-Wez-S&sai=AMfl-YRBU5CG7mJ5KXBq13ACxIf29rVAYTw988s2bm6JEu5i3VXz9tIRmn68P93pyxarBa55l5sf_HgbeLNM&sig=Cg0ArKJSzImKPATBPUlLEAE&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692503609998&rpt=436&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BC5 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteyuPexKIwDiO_aR26WyJX7trB9A_01kbmjqLY05BQdYecGjJVOmF19PCYVx2K9uu19lldnd7MdBHe0qVz_lqiRVVDdmmnin5hn0Qbk-ZhD9OXTCrC5ukVN61Ozk9fPE-40S_1buNdh7-u&sai=AMfl-YTUf9aNQfHCJkkuL-_AOdnaj7QPZCdp2PCzBi_sUe6YrzMRd3zjnGwOZ1-J7fv29V6ig47ZEQNZu6sP&sig=Cg0ArKJSzA6ltxq4enyYEAE&cid=CAQSGwBpAlJWtSH0EA6PD3fOXxXfdANoLSBBeoYzUxgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692503610033&rpt=453&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A71 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7757209537024&version=m202307240101&ct=76&x=1&cor=17549273218372598000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 20 Aug 2023 03:53:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.facebook.com/plugins/customer_chat/SDK/ 0
0

GET
H2 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 1 KB
2 KB 123ms
73ms XHR
application/json 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&is_loaded_by_facade=true&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503612917&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

997ef84ff452b59df36f0617d360fe5ab44d50164fc503efd2612b1b4b618f6f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 20 Aug 2023 03:53:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: eihWsavhoUfYMqIfGM2NQKaqzqt090dNY9mycs3li7CLJlljwogEkUuS3wjjySJBnLh4G28S5YSJCFkzr16mzA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
x-frame-options: DENY
access-control-allow-origin: https://vloghealth.info
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 23ms
23ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6272f074c4fcef04459f7a74db9132cd99081806491140087e121ca1448d2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11779
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 20 Aug 2023 03:53:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B989 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:38:01 GMT
expires: Mon, 19 Aug 2024 03:38:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4288 829 B
560 B 18ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1e0a127b33b0d363d73d2d1c35e66b44553680b1060a415c3c080d6f19dcbb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-86Qp7VTP_s8atZ9zkqgpQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vloghealth.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-86Qp7VTP_s8atZ9zkqgpQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 20 Aug 2023 03:53:32 GMT
expires: Sun, 20 Aug 2023 03:53:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B989 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4288 0
0 40ms
40ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=1777953992731972&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET /
www.facebook.com/plugins/customer_chat/SDK/ 0
0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B989 0
12 B 7ms
6ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rhwF3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 03:53:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=1777953992731972&bg=!dHeldyPNAAZGPLJIZjw7ADkAdvg8WiUHko7hqITje6zlxHNkJP0zMm5EpHfRLKI2odlUtBGM4iayOY7P779jzN2mAEt3_KwNgOgCAAAAZ1IAAAAJaAEHmQLFy2Opoze7n11JFUwHcV7zotDs2M9DZnVF1yShUgbjE8BYgBhx-Q9qHVPpMV-KgJoOV8ZkijciClSJhm_-8tyn5NoYuMTC5ehhon5ZkAAAqFEFi_NMNjVfEqde2tkvYgeinya_e62nTqFniuckhuZOKEUfFgL9rd35eF2S8sEWRPy3SaTXiNo8v9WeVv8kIGsB-Nb8PcWZD2BRfHARDuFshhgoGlA529Tls7PS--NxmMO3OwCBQrErhP6PPfyuUcD8W6oFcjRLEKJepyaKXhmUObeEhBc3ybRBd7hvwDnF-aKYhugrfZTlNcGxVZiio6M49UpIiXCSlITFY3dDX1_TUjTFiZeZ-ZktuNd5JQtMyDFqmW0_oG2a6swQSrqB97nEB_-7HJLBfb8Jscr9Nca274D505qINYqsFeD61gJrb_dbEUyjMqt3n1YOXdb4LoMCV505ZbNEJurNm9CD_QYf_Nb3Vghrtq-cRmjzu9m122fgiMn4Lbg1k-aKPAo_xqdYUyzbXwTnkHK4b2oIqDI2PRHlLmtq_-7LbJltvpPUrlPoMNC2WocOW1gp61MSSfzistmOSYPeYm_IqauMcOFtRLz_FkJYOk3TwW2_996UskmLVKPvx2mbRW-xmQCtQFcO07VSCb8u0gotbojlZEzi9JXxgI05Qli_iOjU1F-70RLrY5NgGPYpiDqfYtYUA9agVR7HSn53OlsRSyFjBmV1fqxo_uyyQlEzSrTnj8XZqt4MEh2aCMuewDa_WjUXHH01IdOk1BB4NQ-FFJB_F_3Dp8BkhK_Hcl8b1FCfcEqvzd7xmlcAFO0rKUUtzealDppjiga6ubwDvQrKcQ7bAQwqZqlJS29ytX_sYgcRvEN1cwZ1ichBgEs_nX1JQ4-b7ZQzJhOYJMgFaflwf5yzUNkswQHb399TEIucozWVjeelzq-BA1VKfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vloghealth.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503612917&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Domain: www.facebook.com
URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=127&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503613044&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
vloghealth.info/	1969-12-31 23:59:59	Name: 372dda146eae1239d007ae035e1fb7dd Value: 6cc42b888ef3faaee80fea9b260d163f
.vloghealth.info/	1970-01-20 14:09:50	Name: _gid Value: GA1.2.645479993.1692503608
.vloghealth.info/	1970-01-20 14:08:23	Name: _gat_gtag_UA_136430633_1 Value: 1
.vloghealth.info/	1970-01-20 23:44:23	Name: _ga_CCDFNY4QMZ Value: GS1.1.1692503608.1.0.1692503608.0.0.0
.vloghealth.info/	1970-01-20 23:44:23	Name: _ga Value: GA1.1.1336464146.1692503608
.vloghealth.info/	1970-01-20 23:29:59	Name: __gads Value: ID=b931e54a1e3d2f7f-2217cffb55de0016:T=1692503608:RT=1692503608:S=ALNI_MYzqPfbxZyDEEgyDLgqPA0kQoJI5g
.vloghealth.info/	1970-01-20 23:29:59	Name: __gpi Value: UID=00000c647fb94090:T=1692503608:RT=1692503608:S=ALNI_MYXLCGFZk3UzXQGJV8z5knvdrifUQ
.adnxs.com/	1970-01-20 16:17:59	Name: uuid2 Value: 665887885605583626
.casalemedia.com/	1970-01-20 22:53:59	Name: CMID Value: ZOGOOn77UtoCWe9hKgG9MQAA
.casalemedia.com/	1970-01-20 16:17:59	Name: CMPS Value: 1101
.casalemedia.com/	1970-01-20 16:17:59	Name: CMPRO Value: 1101
.doubleclick.net/	1970-01-20 18:27:35	Name: APC Value: AfxxVi7rOAuWdS33kuFBqr0q-WJLc1m8SX_bVNpycO7EbBUX3ckvGQ
.googleadservices.com/	1970-01-20 16:17:59	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:08:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:29:59	Name: IDE Value: AHWqTUkwGDBaGhhzjodfiCmZXAGtDki7gQs3Db0X_Tnl_a4LWPe4wLA8aSsJw43fXqk
.adnxs.com/	1970-01-20 16:17:59	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilb<)f4>!@wnfH8K6pQK`!5=E<L5?%KHi7f<f_5J08LQcaZc3aM25X-(?12#K`hQ@@%nugO%v4VB%nnrX*05Iv
.ctnsnet.com/	1970-01-20 22:53:59	Name: gid_CAESELs82mAEPLUxwFhUXJVMskw Value: 1
.adfarm1.adition.com/	1970-01-20 16:17:59	Name: UserID1 Value: 7269247653321832599
.sitescout.com/	1970-01-20 22:53:59	Name: ssi Value: 7cdb309c-8c45-41b4-ac59-038076d85827#1692503610771
.simpli.fi/	1970-01-20 22:55:26	Name: suid Value: FC95AC9F2481413482BE4A3F0BB8AB91
.ctnsnet.com/	1970-01-20 22:53:59	Name: cid Value: 6379a71124724d0b97d8896b197460f2
.ctnsnet.com/	1970-01-20 22:53:59	Name: gid_CAESEN7BD6Gmew1c51IPqSYjyKc Value: 1
.sitescout.com/	1970-01-20 14:51:35	Name: _ssuma Value: e30
.ctnsnet.com/	1970-01-20 22:53:59	Name: gid_CAESEDTt49KL8uYpAmEYx5l7US8 Value: 1
.yahoo.com/	1970-01-20 22:54:21	Name: A3 Value: d=AQABBDqO4WQCEHOu0ultq_2RVlxTZeAxjh0FEgEBAQHf4mTrZAAAAAAA_eMAAA&S=AQAAAunlQZP78_svAUUwq6_QhiU
.everesttech.net/	1970-01-20 22:53:59	Name: everest_g_v2 Value: g_surferid~ZOGOOgAAAH7ecgAb
.w55c.net/	1970-01-20 23:40:04	Name: wfivefivec Value: DAmVOVse1Qxzvk5
.travelaudience.com/	1970-01-20 23:40:04	Name: _tracker Value: %7B%22UUID%22%3A%22CDD2171C-8621-431A-8EFE-62DF2059401D%22%7D
.mathtag.com/	1970-01-20 14:51:35	Name: mt_mop Value: 4:1692503611
.adform.net/	1970-01-20 14:53:02	Name: C Value: 1
.w55c.net/	1970-01-20 14:51:35	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 15:34:47	Name: uid Value: 2806131114319206720
.turn.com/	1970-01-20 18:27:35	Name: uid Value: 7521373836680956802
.tribalfusion.com/	1970-01-20 16:17:59	Name: ANON_ID Value: a0ntXLS3n0gryoxDmDmSWc7COnkxYZb7LNbZaZdOKPyCDZdltD8ZdfgZbWWs4pJY4ikWha43MKajr0ZbCXEEGTZcaZdRTJqMv9sOl

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
javascript	error	URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503612917&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://vloghealth.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503612917&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://vloghealth.info/kienthuc/phan-mem-y-te/940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html Message: Access to XMLHttpRequest at 'https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=127&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503613044&sdk=joey&should_use_new_domain=false&suppress_http_code=1' from origin 'https://vloghealth.info' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df341f9d5d0918c%26domain%3Dvloghealth.info%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fvloghealth.info%252Ff38aeca62fdab38%26relation%3Dparent.parent&current_url=https%3A%2F%2Fvloghealth.info%2Fkienthuc%2Fphan-mem-y-te%2F940-dang-ky-tai-khoan-fmcpay-com-nhan-aidrop-2500fmc.html&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=127&locale=vi_VN&log_id=e239f915-9e07-4446-b9e8-738ca05b9edf&page_id=410045446228011&request_time=1692503613044&sdk=joey&should_use_new_domain=false&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
bid.g.doubleclick.net
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
r2---sn-4g5ednsr.c.2mdn.net
region1.google-analytics.com
s.tribalfusion.com
s0.2mdn.net
static.adsafeprotected.com
sync-tm.everesttech.net
sync.mathtag.com
t2ocreaspalladium.s3-eu-west-1.amazonaws.com
tpc.googlesyndication.com
um.simpli.fi
vloghealth.info
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
www.facebook.com
103.18.6.85
142.250.186.162
151.101.2.49
172.217.16.194
172.64.148.101
178.250.7.11
185.29.132.241
2001:4860:4802:32::36
216.58.206.34
2600:1f18:1aca:4280:57e3:7e3e:608c:5e72
2600:9000:26da:f200:8:48e:53c0:93a1
2606:4700::6811:190e
2606:4700::6812:18ad
2800:3f0:4003:c01::78
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:401e:28::7
2a02:fa8:8806:13::1400
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:3875:a2f1:5d10:86ec
35.156.89.101
35.186.193.173
35.190.0.66
35.204.74.118
37.157.2.234
37.252.171.52
46.228.164.11
52.218.121.50
52.29.174.244
52.51.98.172
64.233.184.157
85.114.159.118
98.98.134.243
0110b2cd7ca78bb622eff230b5a3af534cbcd103d131a076d00f9636780b51ae
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05d31c760df3e6f0c64e3da1cd299e5f73df51c974c6528a60d0685859bbc1ba
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f10bf3f7984d28d4d736065b50ba65eeb3f4b146ef6ec38f55943595c64a997
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1492cd6da83bda39b8f677393d2868bc18d8bf1d17ac6c36de70861c5b2ac3ed
14ef99d61c8b4ddf98b4b54d0b17b488ba16257f2debba199eb4a7b9e3e9daf2
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0428ac4022ee1232f27fed6a5d4da66aa03135bbd127d5ab91ffc50223507d
1bd143efb472626b2e41c425cf3033dd0bf803b7661e58b24c238de8ce82a93f
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f52c94170d531a2e706e6eba721d81bffc13847e1873592f729ff49acf58d4b
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28958359186dad422869a7bdc9d25fbd63c3ba144116e52b3976bc39dc9b93be
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2ab6793dc8e7ecc84e623176376fac17df0d4513fc68ab392d3850200da5f13b
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e047ef4f0df4b7a920fa4098e5f3b2b3c43da69b10462c37112606228b222c0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
342705bd786d8998c781ba47d1e3386727015033229565807773c111d9924e7d
3429db503984bb93017706ff3d950d5d4e50c105d28fd34abd93c6f386afaf87
380d8e4506bbd779ec4338cb2da7f992ac80d2b4823881307f343847fc869ccc
3a3e70bf8ab8f5aefa42665811f04886eca4b95fa5cfa5ea53483a9674a97ec5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
439db95fd72eacf019f9a0cd934c5cd77866206f7e50ed358b3322a0260d96a9
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4843f0ad8f0ec9243501986b7edce08d88daf5cb2512dd2843a5ccfa68b1a79f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4a6d48f5bbbcb88191b3e8684e79930c39b4fff0cdf07ebd29ae769a0e73c15f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fc65e436756cddb5fdfe98535eb5c0dadda31f81801a21fa4c0839d45daebd9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
560ca1048cffb3558d5661135c4151971b0de9682222a52661b7c3929f0dc4db
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5d0370b018bcb07ddc635019060408814d4d8d4869d24b36e47d1b996004c40f
5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12
60a528221a00ff8a44a3cc2ac787fdb2b7afb49c6a56ad7abb03425205f7fd90
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635c51c92b36acdd4d15fd3b09171048c980a7415646b7e6754dcf188aa26701
63a1d8c15fbd19a171f2b23ea423e623da97a64a90c9ebbb62e3d28f17729319
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6beb03ca780efe2434f83706d7604b105aefdc5ae2be4a5ead5466e33e6d765c
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
6e4a28fcb3cda22808c2e150e6e7255050a2c02fc32c4880ef152ed83278f3fa
71e12610aa6460301f2cccf4e3a10f9cff6d1f092d4727b5da2a5e4eb60c0481
72753d9c161c945abd26063319579145a36f24ae089e9bc384aa708a4ef9fe55
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7b26c692500dd71cbd9b8d7e801152aa89394511bbe0e191f79aedef0951564b
7bb273d3ba9ef4d0315d46b7e44f2b444ed4d5dfcf3c7236095f8e3ade05e59d
7cad81b7a63b27b45370ed849a487870de63c8a67f48486918471e4c7d2dc38e
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8d6d8aa9116c8538da4416d44de1532dcf9f5ec4ddc85f4d524714e8ed918ee2
905aa6b670126f63df5d271c7b9e452a9b37ace952407b46bff60a96b461e696
96040f72253808ce9bcfb2d6edaf95e78c323acb8cc7c16ccd210e25fa6b3821
984b36638622206bececefd75641ed6c9a8bcf92f8197edbb0731b5f47d5c91a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
997ef84ff452b59df36f0617d360fe5ab44d50164fc503efd2612b1b4b618f6f
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9efe85cf7fc9bb70b19e38c4d0e9e9e07ffd444a8ce7f15d706717bf6c074e40
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a26f776ca399eda2533efb3f9a1ca37202720955134c1ad219e5b175d4cd066e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a6bf5677549ee0c35f3023d329458d72a163be55c6be119208abe5c1befa8b53
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6db68b1787b45ecc4f37bddbb0d9af13f4b796a86eb03aa56f4b73f894224a3
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b240d68de7c3795c87771f510527c201d7d67f0e065d973b16bf86855932f9a2
b471e554c1d66aaf8729ba3070cc8d80a31d7b0c21b7dc1cc5f3d44d3c0c987f
b4c9ba03ff92e0ac7a82d54ff27af8c9d71838a92ba5b1df9aeac450d02173c5
b60446db91da357515f68dd0b38dcb8c5a453c0c0a72603dfa1f088caf7a5e0a
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c455c50524c9dcf34ccdc12b89f7532288e940724738154e22ee086b65ea81cf
c69976cd568b69a76e60900676f5e45c901c66b2cd4b0181e1ac468bc28c986c
c7ce70cf816cfb1e9c221d2cccc81b961cca6dd63f2628d3f3779ed1745b103b
cd1a27dc42b6df8682e3322049647aae8847ddbc4d488b6af49e7cf12e2d85c4
cd92196a44e69caa066795f3228a086317acd900606b1def2ea389f8ae349218
cfeb25fe57eaf2f3081ec2e27e4691dc43d89e338c6e722e6bd9a43ff7e23ae0
d1ab7a9092d779eb7eb97f3f7d4563c857e86572fb829c42f2972a8e232ec67d
d1bcfa37b5cf37d6a77fdb9e21aea0314b48c9ecff28f2732e557f2113bd9274
d265615b79f98fdfff370ea32da7b4b02317fc6017b898cfb9c657a65618ac07
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d832b849909f01bf62c2f6fb3b2e6bd2251b528b3446befba8d1e1cc16686e05
dd3956a4bdd2086c9fa2f84f911bd4078fc6ea2cd3184d82377fe9cb69108d39
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6272f074c4fcef04459f7a74db9132cd99081806491140087e121ca1448d2de
e9c095dd6ba82473b2951e532484f7d0b5057e7e8bceb9e1541c414c58e2948e
ec8bcea52c02ff3bad9522c60afbd61e122c3359e3368720cda2b8cb45e9faaf
eced437d4bb8a726d823bb80013c37e1e0eb81069618e7cc57ff1eadf0d0cff4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ab6c1eade444bbf4e3e00710756e95c2a1d09a10425967149802219c0c0cb
f1e0a127b33b0d363d73d2d1c35e66b44553680b1060a415c3c080d6f19dcbb8
f40a0622047c8c9e092c6ae8ac08706f56a0e5aa478b8033e155941706aa4bed
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8ede79296a199004efc95e53b327e08c60c75e582d2a047e64209b7f7ff01cd
faec7a8b9b9aa7f920749a8b6ecce0ac373c94bd033b64841c88dbeb95b02cd1
fd1a68e37f3af17c579ca07a30114cfd64fb4b42ac05f73fc51e368397192a0f
fd83cdf0ae5bb40aba74b612cce8a676245fd01b4448a56ddcee9c6b423a2cf3
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

vloghealth.info Open in urlscan Pro 103.18.6.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

280 Requests

86 %HTTPS

55 %IPv6

33 Domains

49 Subdomains

37 IPs

10 Countries

6762 kBTransfer

12328 kBSize

34 Cookies

10 Outgoing links

Redirected requests

280 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

vloghealth.info Open in urlscan Pro
103.18.6.85 Public Scan

Screenshot
Live screenshot

Full Image

280
Requests

86 %
HTTPS

55 %
IPv6

33
Domains

49
Subdomains

37
IPs

10
Countries

6762 kB
Transfer

12328 kB
Size

34
Cookies

280 HTTP transactions
13 data transactions