hoacucxanh.com Open in urlscan Pro
203.113.174.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hoacucxanh.com/benh-phan-trang
Submission: On October 20 via api (October 20th 2023, 9:37:48 am UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 16 domains to perform 136 HTTP transactions. The main IP is 203.113.174.46, located in GJinh Lien Chieu, Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is hoacucxanh.com.
TLS certificate: Issued by R3 on October 18th 2023. Valid for: 3 months.

This is the only time hoacucxanh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	203.113.174.46 203.113.174.46	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1 30	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 7	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:780... 2a02:26f0:780::210:a440	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	141.101.90.99 141.101.90.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
136	22

26 203.113.174.46 (GJinh Lien Chieu, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
PTR: nethost-1711.inet.vn

hoacucxanh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.26.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.212 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a440 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.101.90.99 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	483 KB
26	hoacucxanh.com hoacucxanh.com	549 KB
24	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 344	344 KB
21	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443	134 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	201 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	4 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	5 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	467 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	132 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
1	o2online.de portal.o2online.de — Cisco Umbrella Rank: 112551	609 B
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1858	63 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
136	16

	Domain	Requested by
26	hoacucxanh.com	hoacucxanh.com
24	s0.2mdn.net	hoacucxanh.com s0.2mdn.net googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	hoacucxanh.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
18	tpc.googlesyndication.com	hoacucxanh.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	hoacucxanh.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.googleadservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	hoacucxanh.com www.google-analytics.com
2	fonts.googleapis.com	hoacucxanh.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	portal.o2online.de	hoacucxanh.com
1	code.createjs.com	s0.2mdn.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	hoacucxanh.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
136	23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.linkedin.com
www.youtube.com
www.pinterest.com
feeds2.feedburner.com
www.flickr.com

Subject Issuer	Validity	Valid
webdisk.jcxvxtds.nethost-1711.000nethost.com R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
portal.o2online.de E1	`2023-10-01` - `2023-12-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://hoacucxanh.com/benh-phan-trang
Frame ID: 50A85F48DB188A5690467ABF267155E5
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: FC322B687096CE5BBF92D89ADCB2D5CE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&adk=1812271804&adf=3025194257&lmt=1697787462&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662523&bpp=4&bdt=830&idt=253&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3081697358522&frm=20&pv=2&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305
Frame ID: 142B9350A61578101F313434D30E84A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=280&slotname=9452507789&adk=807784419&adf=3869674065&pi=t.ma~as.9452507789&w=1200&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=1200x280&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662527&bpp=3&bdt=834&idt=306&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JL8yJdQYRB&p=https%3A//hoacucxanh.com&dtd=312
Frame ID: 49E672BAC4371468EFA40B16C0918A7F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=90&slotname=4738950112&adk=3885293832&adf=265663406&pi=t.ma~as.4738950112&w=728&lmt=1697787462&format=728x90&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662531&bpp=1&bdt=838&idt=336&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gzc0Rp2De6&p=https%3A//hoacucxanh.com&dtd=339
Frame ID: 427A615091FFF0A002317E5791399E15
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=600&slotname=9452507789&adk=2521902887&adf=681930953&pi=t.ma~as.9452507789&w=217&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=217x600&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662533&bpp=1&bdt=840&idt=353&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad97534077849af-22d0e3039de400a8%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MZ72OREKsvTH9-DSOmxJms_MCVpag&gpic=UID%3D00000c9cd3ffb412%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MY57IBvD0V40o14oxC9WVPIKerhHQ&prev_fmts=0x0%2C1200x280%2C728x90&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xlTEFE7oSr&p=https%3A//hoacucxanh.com&dtd=356
Frame ID: AA03AECCC7605ECEE189D0F3AF13FAB8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjYnrXcATAB&v=APEucNVbbyPK4EJc91F5FkvFGXgt904soGtAWOztSDYi8X59L8upWMiUqQ1gCASmItzIcG4KZ1UD_Zv-2igtnJdJfiwoBsAj4ahr68gzDBTSc_P6LuLRMPTtapTqPvDIUPFTBxHORBbXWIKLVl66j60BXSgxiU9Nd637pWwQzwYydbyM9Y197Ww
Frame ID: 9DCD5CC2D64BB3CB0607A78F3D7BB111
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: 0E39D200DD8A883EDD93CAD24B75E5E0
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNW_Xy0c391_rgy1xA4P6kRPFOtdDrfUKOXgpRBPHaSmskfPahcTX0Vktd1-El7TKyEXMHDxSQuwx507Ft9vXOTW27ocE0zdXNbrA5GJGZS8s4_vZphHrhgx_Dx-z9dOlpxHwAdOpytkI_GKSUXtcgs5I8gZgeyWmTiQpF-ddC3LhaBa9qc
Frame ID: FCC7B6BFD673473444B39AC2F0640DB9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A96D1BA0A4ACAD32C3EA4E44E2AA1064
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 50803523E38864DB77B30E321E4E523B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250
Frame ID: F12C51328B44EC0850F85544B8ED627C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
Frame ID: 639DB05124DABD8C25182D50DC5B4FBF
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js
Frame ID: 3D5D679DA7B015176194E9E9FB3FD96F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js
Frame ID: 7407B533AA5E1200B679FAF960048661
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4DEA7FF99D9639D8FB491B96FAD56CD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC8A8496609EEC67252F89949BE94870
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bệnh phấn trắng trên cây trồng, cách nhận biết, phòng trừ, chữa trị

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

136
Requests

93 %
HTTPS

67 %
IPv6

16
Domains

23
Subdomains

22
IPs

5
Countries

2112 kB
Transfer

4798 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://hoacucxanh.com/benh-phan-trang

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://hoacucxanh.com/benh-phan-trang

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://hoacucxanh.com/benh-phan-trang&media=https://hoacucxanh.com/wp-content/uploads/2022/12/benh-phan-trang-tren-cay-trong.jpg&description=B%E1%BB%87nh%20ph%E1%BA%A5n%20tr%E1%BA%AFng%20tr%C3%AAn%20c%C3%A2y%20tr%E1%BB%93ng%2C%20c%C3%A1ch%20nh%E1%BA%ADn%20bi%E1%BA%BFt%2C%20ph%C3%B2ng%20tr%E1%BB%AB%2C%20ch%E1%BB%AFa%20tr%E1%BB%8B

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://hoacucxanh.com/benh-phan-trang&title=B%E1%BB%87nh%20ph%E1%BA%A5n%20tr%E1%BA%AFng%20tr%C3%AAn%20c%C3%A2y%20tr%E1%BB%93ng%2C%20c%C3%A1ch%20nh%E1%BA%ADn%20bi%E1%BA%BFt%2C%20ph%C3%B2ng%20tr%E1%BB%AB%2C%20ch%E1%BB%AFa%20tr%E1%BB%8B

Search URL Search Domain Scan URL

URL: https://www.facebook.com/%C4%90%C3%A0o-Kh%E1%BA%AFc-Anh-Chuy%C3%AAn-gia-n%C3%B4ng-nghi%E1%BB%87p-102654781813235

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/daokhacanh/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCEHZq6Lsa01LUPK_Xag1C8Q

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/daokhacanh

Search URL Search Domain Scan URL

URL: https://twitter.com/hoacucxanhcom

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/hoacucxanhcom

Search URL Search Domain Scan URL

URL: http://feeds2.feedburner.com/hoacucxanh

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/hoacucxanhcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCU483BeqL5amQ0nkaPfmziA

Search URL Search Domain Scan URL

URL: https://www.flickr.com/people/hoacucxanhcom/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqRaCrWh0-EQhxKqwQ6-W4&google_cver=1

Request Chain 68

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTJKZx58C0RlP68jeDPx3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1

Request Chain 69

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHOMBEXuMnq9dItz2b5wf2M&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHOMBEXuMnq9dItz2b5wf2M%26google_cver%3D1

Request Chain 70

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTJKZx58C0RlP68jeDPx3QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPzCJiv2bu0UbJZQnUFwa1E&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D

Request Chain 107

https://googleads.g.doubleclick.net/pagead/adview?ai=C2ppTZkoyZYe9NdWrxdwPiK2HkAvOsJHucbi6mbq-EWQQASC2uK1_YJXikIKgB6ABoK_7zgPIAQmpAjk0lBoOvrE-qAMByAPLBKoE_gFP0BAezPYLjdfrM5S-GwpuM2zkrdqOkPSMpQnd46E10n7zsb-8ttp5tOUDdmMdnmW_R8tjq0TGqhXm8lz7X2AE3tRlpeH2JpB15bUtyABtYmEpWd47Ywb9P9zbnBxynenbK2hD8u3pJNQ-WWFTvOy4ZFSho-2qwbu20D34p3TGmx5Mrmp1MOBORxi-SVC11CLkr4T7BMQxCAJzq06qwcaWO1t9r-OSrIgzrmlgasjNnDC94zPYqvfaCMnzJwZu6A6lmNeTi8-B2n3V4E-8J9beKm7QTJ7-QN5G9ig9kOvNwioNULMguIX3xNw6tqpAy4Hs-HdcA-2qiHjhlw9reMAEm_fa-ckEiAWMhd35S5IFBAgEGAGSBQQIBRgEoAYugAfI0IQxqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQs8IK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJcWh0dHBzOi8vanZnLXRob21hLmRlLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXktR2VybWFueSYvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheS1HZXJtYW55gAoByAsBuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi05MjY4MzQ0NzA3ODM1MzgxGAA&sigh=bbZl4r4WvcE&uach_m=[UACH]&ase=2&cid=CAQSTADICaaNRtpBchbMTY6_YR-4Ql_3iGt_pq0C-uTXxEgfNWXiCiPoLm7WEdBUeSgB-jJk075oTzGhcqk2YrYQmOw37SvhjQZuOx_Ku7IYAQ&template_id=484&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210007438229341426067%22,%22debug_reporting%22:true,%22destination%22:%22https://jvg-thoma.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970905504%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216728769698611558737%22}&andc=true

136 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request benh-phan-trang Show response
hoacucxanh.com/ 89 KB
20 KB 2171ms
544ms Document
text/html 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed / PHP/7.3.33
Resource Hash: fdf478960ea13b9f97bcbb9bb650d9927a623012e6b7a96c220a21a2e6334e64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-encoding: br
content-length: 20517
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 09:37:23 GMT
etag: "138067-1697760332;br"
link: <https://hoacucxanh.com/wp-json/>; rel="https://api.w.org/" <https://hoacucxanh.com/wp-json/wp/v2/posts/1421>; rel="alternate"; type="application/json" <https://hoacucxanh.com/?p=1421>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
x-litespeed-cache: hit
x-pingback: https://hoacucxanh.com/xmlrpc.php
x-powered-by: PHP/7.3.33

GET
H2 200 style.min.css
hoacucxanh.com/wp-includes/css/dist/block-library/ 79 KB
10 KB 275ms
273ms Stylesheet
text/css 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.8
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Mon, 02 Aug 2021 03:51:21 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 9945
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 style.min.css
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
255 B 276ms
273ms Stylesheet
text/css 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 190
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 screen.min.css
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
1 KB 276ms
274ms Stylesheet
text/css 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1250
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 fl-icons.css
hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/ 328 B
207 B 277ms
275ms Stylesheet
text/css 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/fl-icons.css?ver=3.12
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Sun, 20 Dec 2020 08:40:59 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 142
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 flatsome.css
hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/ 143 KB
27 KB 277ms
275ms Stylesheet
text/css 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/flatsome.css?ver=3.12.3
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Sun, 20 Dec 2020 08:40:59 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 27356
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 style.css
hoacucxanh.com/wp-content/themes/hoacucxanh/ 1 KB
549 B 558ms
557ms Stylesheet
text/css 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/style.css?ver=3.12.3
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 2fe91872a97abc763fb3fb600ab9b84dfa179e815f862eb01e36f8212f28a1d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Wed, 27 Jan 2021 05:08:15 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: text/css
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 483
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6546d556315a0f9d9de5308aa595b59039cb4b00eaa7038504a2342cf1fbf223

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:37:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:37:41 GMT

GET
H2 200 jquery.min.js Show response
hoacucxanh.com/wp-includes/js/jquery/ 87 KB
30 KB 560ms
558ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:23 GMT
content-encoding: br
last-modified: Mon, 02 Aug 2021 03:51:22 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 30310
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 jquery-migrate.min.js Show response
hoacucxanh.com/wp-includes/js/jquery/ 11 KB
4 KB 561ms
559ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:13:26 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 3998
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 135ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9268344707835381

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ccc10c3cf388729402f2830f42c00fe7086763269b097f55087d45e3f0897dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51115
x-xss-protection: 0
server: cafe
etag: 9231246037445102953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 09:37:42 GMT

GET
H2 200 cropped-logo-ngang-hocucxanh.png
hoacucxanh.com/wp-content/uploads/2021/09/ 69 KB
69 KB 566ms
565ms Image
image/png 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hoacucxanh.com/wp-content/uploads/2021/09/cropped-logo-ngang-hocucxanh.png
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 1783b0776cd58aa41b770d67065182633e5aeb8028382c9c0eef3c0aaf0f18dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
last-modified: Sat, 25 Sep 2021 03:17:45 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2629000, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 70955
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 dao-khac-anh.jpg
hoacucxanh.com/wp-content/uploads/2021/08/ 47 KB
47 KB 824ms
823ms Image
image/jpeg 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hoacucxanh.com/wp-content/uploads/2021/08/dao-khac-anh.jpg
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: f5d6b505668a05a58f2aafb4979a92ca726af6d4f9792ea11f05a95ae2a65ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
last-modified: Mon, 30 Aug 2021 12:59:23 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2629000, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 48041
expires: Fri, 27 Oct 2023 09:37:23 GMT

GET
H2 200 flatsome-live-search.js Show response
hoacucxanh.com/wp-content/themes/hoacucxanh/inc/extensions/flatsome-live-search/ 16 KB
5 KB 273ms
273ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.12.3
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Sun, 20 Dec 2020 08:40:59 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 4821
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 hoverIntent.min.js Show response
hoacucxanh.com/wp-includes/js/ 1 KB
700 B 273ms
273ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Mon, 02 Aug 2021 03:51:22 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 657
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 flatsome.js Show response
hoacucxanh.com/wp-content/themes/hoacucxanh/assets/js/ 169 KB
47 KB 274ms
273ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/js/flatsome.js?ver=3.12.3
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Sun, 20 Dec 2020 08:40:59 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 48371
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 comment-reply.min.js Show response
hoacucxanh.com/wp-includes/js/ 3 KB
1 KB 511ms
504ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/js/comment-reply.min.js?ver=5.8.8
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:13:27 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1230
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 wp-embed.min.js Show response
hoacucxanh.com/wp-includes/js/ 1 KB
769 B 511ms
505ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/js/wp-embed.min.js?ver=5.8.8
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Tue, 16 May 2023 20:57:15 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 703
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 jquery.smooth-scroll.min.js Show response
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/ 5 KB
2 KB 512ms
505ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1677
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 js.cookie.min.js Show response
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 2 KB
1 KB 512ms
506ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 995
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 3 KB
1 KB 513ms
506ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1173
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 front.min.js Show response
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/assets/js/ 5 KB
2 KB 513ms
507ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.17-1642562404
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 1568
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 wp-emoji-release.min.js Show response
hoacucxanh.com/wp-includes/js/ 18 KB
4 KB 514ms
507ms Script
application/javascript 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.8
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
content-encoding: br
last-modified: Mon, 02 Aug 2021 03:51:22 GMT
server: LiteSpeed
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 4542
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 133 KB
51 KB 87ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5XXWGHZ

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4d46623d394b7ecd1400a3616bf71b4662366c3c6564f98e28eead5751a29ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52118
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Oct 2023 09:37:42 GMT

GET
H2 200 cropped-logo-ngang-hocucxanh.png
hoacucxanh.com/wp-content/uploads/2021/09/ 69 KB
69 KB 514ms
508ms Image
image/png 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hoacucxanh.com/wp-content/uploads/2021/09/cropped-logo-ngang-hocucxanh.png
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 1783b0776cd58aa41b770d67065182633e5aeb8028382c9c0eef3c0aaf0f18dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
last-modified: Sat, 25 Sep 2021 03:17:45 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2629000, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 70955
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 184ms
110ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9268344707835381

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9db25adb32dac7bda8721b87ccd2c96173f7c200f812b1ebbb99ccfae121a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51114
x-xss-protection: 0
server: cafe
etag: 9559777904136490510
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 09:37:42 GMT

GET
H2 200 benh-phan-trang-tren-cay-trong.jpg
hoacucxanh.com/wp-content/uploads/2022/12/ 123 KB
123 KB 505ms
504ms Image
image/jpeg 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hoacucxanh.com/wp-content/uploads/2022/12/benh-phan-trang-tren-cay-trong.jpg
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 18f11c0082be5b1b8cfe10c29efd019a77d165a8e331973e7c1a5a87ae1879f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
last-modified: Sat, 22 Apr 2023 14:14:13 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2629000, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 125874
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 66ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 04:39:37 GMT
x-content-type-options: nosniff
age: 104285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 04:39:37 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 75ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 21:18:33 GMT
x-content-type-options: nosniff
age: 476349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 21:18:33 GMT

GET
H2 200 fl-icons.woff2
hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/icons/ 6 KB
6 KB 504ms
503ms Font
font/woff2 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/icons/fl-icons.woff2
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/fl-icons.css?ver=3.12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67

Request headers

Referer: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/css/fl-icons.css?ver=3.12
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
last-modified: Sun, 20 Dec 2020 08:40:59 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 6536
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 57ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 55283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:16:19 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwaPGR_p.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 70ms
26ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwaPGR_p.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:05:58 GMT
x-content-type-options: nosniff
age: 55904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5368
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 18:05:58 GMT

GET
H2 200 S6uyw4BMUTPHjxAwXjeu.woff2
fonts.gstatic.com/s/lato/v24/ 5 KB
5 KB 54ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:26:34 GMT
x-content-type-options: nosniff
age: 126668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 22:26:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 16 KB
16 KB 33ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:02:44 GMT
x-content-type-options: nosniff
age: 142498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16424
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:41:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:02:44 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 34 KB
34 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3Aregular%2C700%7CLato%3Aregular%2C400%2C700%7CDancing+Script%3Aregular%2C400&display=swap&ver=3.9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:41:03 GMT
x-content-type-options: nosniff
age: 147399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35120
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:03:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 16:41:03 GMT

GET
H2 200 benh-phan-trang-tren-cay-trong.jpg
hoacucxanh.com/wp-content/uploads/2022/01/ 75 KB
75 KB 435ms
435ms Image
image/jpeg 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hoacucxanh.com/wp-content/uploads/2022/01/benh-phan-trang-tren-cay-trong.jpg
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: b97a21734bf03c7256f449179e68b00674ef505199a509e1c03e53da5891e6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/benh-phan-trang
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:24 GMT
last-modified: Tue, 18 Jan 2022 10:07:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2629000, public
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 76589
expires: Fri, 27 Oct 2023 09:37:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 57ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XXWGHZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 07:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6369
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 20 Oct 2023 09:51:33 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 394 KB
134 KB 101ms
85ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9268344707835381&plah=hoacucxanh.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9268344707835381

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

991065215c4dca2da3626a50f6c2b8ceb2dbc7e151407134f7ac2f95fd7bb3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137107
x-xss-protection: 0
server: cafe
etag: 17362332071065903788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 09:37:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame FC32 10 KB
5 KB 37ms
9ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9268344707835381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56066
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 18:03:16 GMT
etag: 2603938475786422795
expires: Thu, 02 Nov 2023 18:03:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
220 B 15ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=700958517&t=pageview&_s=1&dl=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&ul=en-us&de=UTF-8&dt=B%E1%BB%87nh%20ph%E1%BA%A5n%20tr%E1%BA%AFng%20tr%C3%AAn%20c%C3%A2y%20tr%E1%BB%93ng%2C%20c%C3%A1ch%20nh%E1%BA%ADn%20bi%E1%BA%BFt%2C%20ph%C3%B2ng%20tr%E1%BB%AB%2C%20ch%E1%BB%AFa%20tr%E1%BB%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=290968500&gjid=1909751186&cid=1428663930.1697794663&tid=UA-208518343-1&_gid=1713874327.1697794663&_r=1&_slc=1&gtm=45He3ai0n815XXWGHZ&z=1722232285

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d1c2e40ed9e98fd9e35c1416a84a0cb2041b9827c46c2de8a9f48d843703ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hoacucxanh.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hoacucxanh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
81 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CWZ6Y3D71T&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0c07faf1ceaf31b42f8456d79a61689dac86f1b3db9eb73a199c992e784fcf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82959
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 09:37:42 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 46ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-CWZ6Y3D71T&gtm=45je3ai0&_p=700958517&_gaz=1&ul=en-us&sr=1600x1200&cid=1428663930.1697794663&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&dt=B%E1%BB%87nh%20ph%E1%BA%A5n%20tr%E1%BA%AFng%20tr%C3%AAn%20c%C3%A2y%20tr%E1%BB%93ng%2C%20c%C3%A1ch%20nh%E1%BA%ADn%20bi%E1%BA%BFt%2C%20ph%C3%B2ng%20tr%E1%BB%AB%2C%20ch%E1%BB%AFa%20tr%E1%BB%8B&sid=1697794662&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWZ6Y3D71T&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hoacucxanh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 63ms
17ms Ping
text/plain 2a00:1450:400c:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CWZ6Y3D71T&cid=1428663930.1697794663&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CWZ6Y3D71T&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hoacucxanh.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 67ms
37ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CWZ6Y3D71T&cid=1428663930.1697794663&gtm=45je3ai0&aip=1&z=713624534

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
467 B 29ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hoacucxanh.com&callback=_gfp_s_&client=ca-pub-9268344707835381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9268344707835381&plah=hoacucxanh.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e0c2a894cd4b1d2efb95bba3f638c377abeb2ea36e111bdbb1eddc2c62ad17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 142B 0
19 B 263ms
262ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&adk=1812271804&adf=3025194257&lmt=1697787462&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662523&bpp=4&bdt=830&idt=253&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3081697358522&frm=20&pv=2&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=305

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:43 GMT
expires: Fri, 20 Oct 2023 09:37:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49E6 125 KB
40 KB 1405ms
1405ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=280&slotname=9452507789&adk=807784419&adf=3869674065&pi=t.ma~as.9452507789&w=1200&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=1200x280&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662527&bpp=3&bdt=834&idt=306&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JL8yJdQYRB&p=https%3A//hoacucxanh.com&dtd=312

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6010f5cddda626ce7d6bfb6baa5db3882bc06ec9dbb5f493e8b68f5f88b298a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41360
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:44 GMT
expires: Fri, 20 Oct 2023 09:37:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 427A 103 KB
43 KB 802ms
802ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=90&slotname=4738950112&adk=3885293832&adf=265663406&pi=t.ma~as.4738950112&w=728&lmt=1697787462&format=728x90&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662531&bpp=1&bdt=838&idt=336&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gzc0Rp2De6&p=https%3A//hoacucxanh.com&dtd=339

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62cda9b20ea556a9c54bf2a888febd28f5be42d08e5c04375f0795a8deec7823

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43945
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:43 GMT
expires: Fri, 20 Oct 2023 09:37:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA03 117 KB
44 KB 539ms
538ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=600&slotname=9452507789&adk=2521902887&adf=681930953&pi=t.ma~as.9452507789&w=217&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=217x600&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662533&bpp=1&bdt=840&idt=353&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad97534077849af-22d0e3039de400a8%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MZ72OREKsvTH9-DSOmxJms_MCVpag&gpic=UID%3D00000c9cd3ffb412%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MY57IBvD0V40o14oxC9WVPIKerhHQ&prev_fmts=0x0%2C1200x280%2C728x90&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xlTEFE7oSr&p=https%3A//hoacucxanh.com&dtd=356

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e25463347022713a899a05b608465cfcc38c435db5644d16b48f380be6aba92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:43 GMT
expires: Fri, 20 Oct 2023 09:37:43 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ez-toc-icomoon.woff2
hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ 580 B
668 B 274ms
273ms Font
font/woff2 203.113.174.46
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 203.113.174.46 GJinh Lien Chieu, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: nethost-1711.inet.vn
Software: LiteSpeed /
Resource Hash: 9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7

Request headers

Referer: https://hoacucxanh.com/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Origin: https://hoacucxanh.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:25 GMT
last-modified: Wed, 19 Jan 2022 03:20:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="35,39,43,44"
content-length: 580
expires: Fri, 27 Oct 2023 09:37:25 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9DCD 624 B
246 B 49ms
49ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjYnrXcATAB&v=APEucNVbbyPK4EJc91F5FkvFGXgt904soGtAWOztSDYi8X59L8upWMiUqQ1gCASmItzIcG4KZ1UD_Zv-2igtnJdJfiwoBsAj4ahr68gzDBTSc_P6LuLRMPTtapTqPvDIUPFTBxHORBbXWIKLVl66j60BXSgxiU9Nd637pWwQzwYydbyM9Y197Ww

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=600&slotname=9452507789&adk=2521902887&adf=681930953&pi=t.ma~as.9452507789&w=217&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=217x600&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662533&bpp=1&bdt=840&idt=353&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad97534077849af-22d0e3039de400a8%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MZ72OREKsvTH9-DSOmxJms_MCVpag&gpic=UID%3D00000c9cd3ffb412%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MY57IBvD0V40o14oxC9WVPIKerhHQ&prev_fmts=0x0%2C1200x280%2C728x90&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xlTEFE7oSr&p=https%3A//hoacucxanh.com&dtd=356

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=600&slotname=9452507789&adk=2521902887&adf=681930953&pi=t.ma~as.9452507789&w=217&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=217x600&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662533&bpp=1&bdt=840&idt=353&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad97534077849af-22d0e3039de400a8%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MZ72OREKsvTH9-DSOmxJms_MCVpag&gpic=UID%3D00000c9cd3ffb412%3AT%3D1697794662%3ART%3D1697794662%3AS%3DALNI_MY57IBvD0V40o14oxC9WVPIKerhHQ&prev_fmts=0x0%2C1200x280%2C728x90&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1109&ady=1619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=xlTEFE7oSr&p=https%3A//hoacucxanh.com&dtd=356
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:43 GMT
expires: Fri, 20 Oct 2023 09:37:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 0E39 172 KB
61 KB 67ms
8ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 07:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 07:14:36 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 0E39 7 KB
3 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 23:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 23:19:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 0E39 23 KB
9 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 22:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 22:38:35 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E39 41 KB
14 KB 52ms
10ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 16:21:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 0E39 3 KB
1 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 12:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 0E39 20 KB
9 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:21:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E39 187 KB
59 KB 113ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 09:37:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0E39 42 B
63 B 44ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AjgBF4OxoEHnAqQepap8gRtKmR65p5fuK7G6AR5nZpxVHgtOHGB9ndbFBg56H_YGuiiA7nV3BKyE6mU0cMbRS0N4p_hEaAbGwlYF8HqAIDGSjRxno

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 427A 42 B
63 B 58ms
54ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ckvsi-yEhl4efUbST9pRb-tELF0-XwuiQb4MpyyB8aZ8mzEJqOdU4i_zSJnwnVb1tsDICVIQs_4I0MCR3POyPe0ZlI9oz3rNrO2gu_afemRxZaU_o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=90&slotname=4738950112&adk=3885293832&adf=265663406&pi=t.ma~as.4738950112&w=728&lmt=1697787462&format=728x90&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662531&bpp=1&bdt=838&idt=336&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gzc0Rp2De6&p=https%3A//hoacucxanh.com&dtd=339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 427A 3 KB
1 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 12:15:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 427A 20 KB
8 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:21:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 427A 187 KB
59 KB 114ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 09:37:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FCC7 624 B
246 B 51ms
49ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNW_Xy0c391_rgy1xA4P6kRPFOtdDrfUKOXgpRBPHaSmskfPahcTX0Vktd1-El7TKyEXMHDxSQuwx507Ft9vXOTW27ocE0zdXNbrA5GJGZS8s4_vZphHrhgx_Dx-z9dOlpxHwAdOpytkI_GKSUXtcgs5I8gZgeyWmTiQpF-ddC3LhaBa9qc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=90&slotname=4738950112&adk=3885293832&adf=265663406&pi=t.ma~as.4738950112&w=728&lmt=1697787462&format=728x90&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662531&bpp=1&bdt=838&idt=336&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=324&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Gzc0Rp2De6&p=https%3A//hoacucxanh.com&dtd=339
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:43 GMT
expires: Fri, 20 Oct 2023 09:37:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 427A 111 KB
39 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:21:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 16:21:57 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/ Frame 427A 7 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 23:19:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 23:19:55 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 427A 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 22:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 22:38:35 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 427A 41 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 148546
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 16:21:57 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9DCD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqRaCrWh0-EQhxKqwQ6-W4&google_cver=1

43 B
334 B

24ms
22ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqRaCrWh0-EQhxKqwQ6-W4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjYnrXcATAB&v=APEucNVbbyPK4EJc91F5FkvFGXgt904soGtAWOztSDYi8X59L8upWMiUqQ1gCASmItzIcG4KZ1UD_Zv-2igtnJdJfiwoBsAj4ahr68gzDBTSc_P6LuLRMPTtapTqPvDIUPFTBxHORBbXWIKLVl66j60BXSgxiU9Nd637pWwQzwYydbyM9Y197Ww
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDfttadlJMMmfu1%2BxPfr0gelfpznkjueAzi%2F5upNiXptb3SbSECgP8nyxwv5GelsTCpcbcyfgCbXQk1sz6hLIShvni6RMA9m77CmcGYjApI5SygSrs1Rd8CL5ifStvls2h0I0xekpGvOMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819048a8af5592ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOqRaCrWh0-EQhxKqwQ6-W4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9DCD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTJKZx58C0RlP68jeDPx3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1

43 B
738 B

29ms
27ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjYnrXcATAB&v=APEucNVbbyPK4EJc91F5FkvFGXgt904soGtAWOztSDYi8X59L8upWMiUqQ1gCASmItzIcG4KZ1UD_Zv-2igtnJdJfiwoBsAj4ahr68gzDBTSc_P6LuLRMPTtapTqPvDIUPFTBxHORBbXWIKLVl66j60BXSgxiU9Nd637pWwQzwYydbyM9Y197Ww
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvVKlZwhXvfI9D2zuH%2BTOnlTaUsQ1YLGcYOV3%2BkbZ2AyBkdf3CxVAdsSCn5dfw%2BJPVAxdVPdWR%2B84ZyyBLfYdiJmLgBd%2B1Ngfgz3bufPP9JYjh78kPKn4YGWUdsHy8ARLMWRsLieyswcjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819048a92f338fd4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 9DCD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHOMBEXuMnq9dItz2b5wf2M&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHOMBEXuMnq9dItz2b5wf2M%26google_cver%3D1

43 B
896 B

17ms
15ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHOMBEXuMnq9dItz2b5wf2M%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjYnrXcATAB&v=APEucNVbbyPK4EJc91F5FkvFGXgt904soGtAWOztSDYi8X59L8upWMiUqQ1gCASmItzIcG4KZ1UD_Zv-2igtnJdJfiwoBsAj4ahr68gzDBTSc_P6LuLRMPTtapTqPvDIUPFTBxHORBbXWIKLVl66j60BXSgxiU9Nd637pWwQzwYydbyM9Y197Ww

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
an-x-request-uuid: f330249e-e0ad-41d3-80c2-3e77250ac493
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.132; 138.199.38.132; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
an-x-request-uuid: 434bf425-46b6-4f7b-900d-22e83a82203f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHOMBEXuMnq9dItz2b5wf2M%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9DCD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
an-x-request-uuid: a1a4418b-b411-446e-a35b-a50ec7ff7139
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0E39 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af44d0354e138244eb083d1a98a2f9894572cd30efc4bd13fd640edd480c5304

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A96D 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 16:21:58 GMT
expires: Thu, 17 Oct 2024 16:21:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5080 22 KB
8 KB 12ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 Oct 2023 16:21:58 GMT
expires: Thu, 17 Oct 2024 16:21:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FCC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1

43 B
774 B

28ms
27ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNW_Xy0c391_rgy1xA4P6kRPFOtdDrfUKOXgpRBPHaSmskfPahcTX0Vktd1-El7TKyEXMHDxSQuwx507Ft9vXOTW27ocE0zdXNbrA5GJGZS8s4_vZphHrhgx_Dx-z9dOlpxHwAdOpytkI_GKSUXtcgs5I8gZgeyWmTiQpF-ddC3LhaBa9qc
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvvceca85R7zbLbJrYJZUs%2F7%2F0Nw%2FhdPbdJydX8wA52t1Z2NANq7qXBDGBB8YuPXh3cZq70Tvmssg%2B0Mw5l9TwoMx5gCKqBoMfnyURnX%2BJ4nq8dHpr7WLcLuQ2%2BcPyxuCNmhhxh6SnDDOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819048a8dee18fd4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FCC7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTJKZx58C0RlP68jeDPx3QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1

43 B
733 B

31ms
28ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNW_Xy0c391_rgy1xA4P6kRPFOtdDrfUKOXgpRBPHaSmskfPahcTX0Vktd1-El7TKyEXMHDxSQuwx507Ft9vXOTW27ocE0zdXNbrA5GJGZS8s4_vZphHrhgx_Dx-z9dOlpxHwAdOpytkI_GKSUXtcgs5I8gZgeyWmTiQpF-ddC3LhaBa9qc
Protocol: H3
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gu1GqV8PWeZsMhDPer3EI36xHh0vJSjm8OYxfe%2FNowFRzwJleFzwDJYcntySvXuVzsrggEKveOKnzW5cdadNsSasgdRE6gEIa51inYDA6%2BbAzFIzCi4mkJeYfR%2BDuBfzmuFKgVz8Sosdlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819048a92f358fd4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKC48m7GvOopPM0T2OseXp4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame FCC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPzCJiv2bu0UbJZQnUFwa1E&google_cver=1

43 B
847 B

14ms
14ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPzCJiv2bu0UbJZQnUFwa1E&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhic9cDjATAB&v=APEucNW_Xy0c391_rgy1xA4P6kRPFOtdDrfUKOXgpRBPHaSmskfPahcTX0Vktd1-El7TKyEXMHDxSQuwx507Ft9vXOTW27ocE0zdXNbrA5GJGZS8s4_vZphHrhgx_Dx-z9dOlpxHwAdOpytkI_GKSUXtcgs5I8gZgeyWmTiQpF-ddC3LhaBa9qc

Protocol

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
an-x-request-uuid: 1873c70c-70e8-4465-9d38-613bdeae980a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPzCJiv2bu0UbJZQnUFwa1E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FCC7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D

170 B
188 B

30ms
28ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:43 GMT
an-x-request-uuid: 5f5674c7-3803-4026-b0f6-9bb91ef922b8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzMxNjE4OTgzNDg2MzU2MTUxNw%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 427A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 736e356d10ed42216b18cf0eb23443e1acadc6686dfa0e8e2b10a49c81d4667b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 160x600.html Show response
s0.2mdn.net/sadbundle/5793540040533475328/ Frame F12C 47 KB
12 KB 38ms
22ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38cd707764af5e7610feaee1542d30cfd86a74d0eee75df12aaf6b1d0ded65e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:43 GMT
expires: Sat, 19 Oct 2024 09:37:43 GMT
last-modified: Wed, 15 Feb 2023 15:29:42 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E39 0
0 121ms
55ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdda_2vUjEMKVdKyEKagZCv28ZUza0yKqdfOydytAiBw3HgGb4DXXqFYWIUVHkpw46QjlSGveqAHMY9Iru55wC0xyBdXfogJhIR3HsFs0gcqPQ7POQTRTRbcUp1YSMHHjODYavEh9xqy2QwWrbdfNX15Pud0X6m5bhf8jOgG4krKI6LGAd5_NJyahSfZ3bd1sA5Vq1TVWZdX2HmItyMK41PrlaQSg217P7eqiil_Q_AoUIdJQVpeE5dRFKb5zorpn6vi9ghh_9xsmhoVkPX_nqrKNyntMgARqH8wQGPcFACTQjrbSOYjsMt-a3vera9KXhbtvFDriv1VQz25k1Dwnu8gwNAdxxvSYKZm49O_Ps-ODBKT8xdq79hxxznLfQ7efVLvb8p247lbKYmBfxN0r1DTZhywiRfZ2JCP2imaTML1FKRZR7FqJjQCanIWogCo54hFQCe4hO58J6KR2_XMsWKjtXqJPUd581-akWOVMmJObScUSZM5yMK1kn_tPxnwePNrMPraxygDbPHmuDRfhz8_MsfJC7x6aOnKUJTIhgPlU2q_gDiBjubGIkUZ-uECPxnhb_GYFAjBdPWb6t70MS3ugUI_cu4tMEH6DHt1lKDTewQNSuxnH-trKhgWOGN_SS9MuxRdxbHg4WYCgLXlefmiUCNhBrDs7v_SaEem4tNSZSI38k4AdvuNKhaVy93JwR7p_Q8KT9iIh7qqKftjp752Yi9qn_wOp9G76cu44BF4T3VgU7euIoAgNo9d205NMfDUyaGwE7p2KNAVJLTMAFW-3aUVAJIxrvbPquRR_PC4YigYXk_cfFZ0EpNRS3Kq80y-cU5b1CJ7TOfqqqRH0WJN7tDS751SnXyJdZNcOIw4FZ3wXcXBW4jrFg2KBjoFyeFTgB26ZpQO4GPhj9TJjgBOGGRMA-4lI7P7IfLIjTwm85YLj0rNgRAioZFIuyMcKJOWpqTB3_LMQbp5B71gYDHdAMv490YRc2oTnTEBNBx6Fp7yxiuv-SPZU3SznpaHbJVYQ9-GeVviNGAx2l7bB1F6DljbaKi4Cen7wTfmB9KoKgOfIkOvg_wgbGPY2PuZi7P9ni9Mlp7oV4o2yQJaEjYtbPAZKzSb2uJmrMaL-RAo-KGllirMkGlNyNwQWKxXUfS__lCWexgL736YzJyDlhdTgNbvWFbC_n9RyFdAIiZCCdaO45Vw1jlGpDte3_l-goxsg-2R8hNyReq01l7hilwYAVMNHF3TC_BfdgGeS5m8fQfkC75gYIMFV4C-uYqR93YSdBM6S584MKQWr-YE98tgsgjqItaGLJwu8SmHw&sai=AMfl-YRBuwDJkFj2z8uNXr_9SKbG2wQwz72fz0HvdiEJrHL_mWfRCHdiMIlJFILmytfMr_E6zW0OurxaEtMozHb7EmLUnDWWS1AJi-q-cI1KSlqOroJwdmrzZRbqwPJ-7Lxw9nPkD4gjZOcD0F3EZUx_QI9Q23LgO46maSeFGwWAIGageQ5bfYxxKWML3EeUwwBT6Ii0pR81Hj65A3HQKIc8MjOMZy3OQOhQzF_L2_3zbJV0VADoWysdaWO0KM3M81hRK77S-m6rPRylIg69t0Jszq0Blqe_eKNPZQoHHznEjXPJ_R3SKtREZEByoZg1kpw_XAXHyVZFEJ79kyAgGMGb_ny8eI_pdYjPlr3GZb9QAlOs6bPRBEOVaCZ337lJKJLkdgvSggKdcDfpr1H0eUEjQ3D0HV6jwk_qaszFrG9EnM0VoGoeEKkL--r1bHsCHhS7pnF19RRymxoDm2rSvN35E5K2sA&sig=Cg0ArKJSzFNv-s7FzVaNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=129&cbvp=1&cstd=119&cisv=r20231011.90422&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 09:37:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 6 KB
2 KB 32ms
28ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9927e1dc3ce0335c03b4790b36621f5f9ea35a35884f430346f8c2dd52b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 549581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2125
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 14 Oct 2023 00:58:02 GMT
expires: Sun, 13 Oct 2024 00:58:02 GMT
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 427A 0
0 101ms
53ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFrIhUMAR4aaDK2c1NlDfZZDt54m9yObdvrZlG3lLpT5QfJUhBEqhtSd6ecZXTRDaoqCsSITTGJlZ4ysRTclg2JwWpjJ5jKMdSyos4uoH7Q5s4zs68Du7X2fbYjPEVBwMZo_oU25N6c7-EKc8lsw9K2VuMrPcddXZbICA9rbP5tTewPRkTvc5ggcKfWIkMYk6Tqwusyq2yhavWf8shi3im4lsGo_sKgA-6FvP5g2NZs7yCJLzx6g_GOmGNYDRNhmcRa2MSMYGV_ULVKPZ1RzvFWMw4Qh7UUU7atOCiHqfnMSncbS1nzDEJo28rKrK0Q1InfV7AiDc9j5p906WipEVBsdLwamf3_jp9kmcHKIqX_74uTvFdWyhYAgFDJ13uidV2nT-WEHz5i-OqMgSiXiRjOOsDSgTsApKmK6pjQE2Z1HhhCBL_sOz8hVEsA14etiKatVZyCF8aI1Gc2ez8VeqlnBJWH0CUEJlMKKhx_B0BMJDVn3HKMsNmJ7vTRxKchzZHNonwQ4kVG1gBBMOHULTYSBzY17Hja1h0I_ZF16FXysfplkcum7ujTPnomVtl6CwVYO9ipi7b_vk2OgvITRHGnLgSEG-CKHnYZuyMbrWk_3rWX8s6WVUrS_sITQQcq6zXXHaBQUI4GmyWO1bbhuXFJclQqhsJCU6R5IC0_7KE0-low1LOCCp5Rwyi2YOCBN1P-m0LVTutkqj030yMVmxQWFsg8OYt8BnUJlQZ3Cv50K_rqbfeSHmodVHierBoTBk_kXVdwP439va9szmJqAEBKrkGu8kGkT0dMCwUoU_2cguYUqWtitYf9xUwNYTSIev9OCQjcAlHruftmnNEhMlyNyWx5ApQt_2gCNw-_gEDddqott5VUHyZzpHCaRq-PGp-NUs_9cz65b3DPw4osZ5CihiK2I_qWcP5FCyvwy9A4M9FgCKukcvSPNfALaFmLf92F17EMdD_nHJjrleqirs4ddmnnaV7_p_R8dR-mPPQvwpfOeVN11y3OxsPq-H-KbwSbWMc57gB2PLjlWnaHPKoWrqcm8j6Orynk8lb5cr4OaR4iz1ziaNgoDld9bKGMBRQbbhqa_5wreh2vch3AigzsOKawW5hCaqJbhNFAg4t3rHgyeeARyT2ZcYINO57lzWEDGAKYQK-3Iy7DEZ-9lYM284J2qlYl4nVlh-z79Hq1mUWYGX_JUw--Lm7pKe3SukdMlPOXtuFyvFRTvmwXqL98fXEKldUwODNhLwI-KCOxDFp0ZK2EHtyt99PtnJrBc712T8UZeTa03U&sai=AMfl-YSBvuNoxEsAu4qoBnTI8EInZWuZ4fNE1tw5xV24leBj3vxNiDMO41AIS6ffxMm62CIvfxv4sadiP4ljq4R4ECa2Br_EZ7XdLkCd0FT46IYnTIpZ0t8mPKm4mUyeTpsHzaxHnhM4ymva0ipZS3sU2JN3pbJfkV51TzbR-ShlKgSIP8uiVyYnfch526f7EETQYqyev6hniQYiF4jyrr-VOjEkN7RdYf994VHALxVBVMDMltR-OBprFtHYkOVQiGb5HUPaAHPXqtszFgsPt3NUXnWmqOP14JeCukyu7i0UMME6JmmxTCHZ84--EeNHiNdjqcoz9nFtWFeyIHAslr54HCYVtjDKI7xobvteJ8DJfpAFvyiNOAGmbLBKCCuR5eAIbjZDoZskV-GpKlBkm-OJbskDwxUKUUK0e0hVGKVZZj9X-hBsFamylAQTW9ca_FQrV8tJFg7MXjMe3HHIwiqro67DxUyCiNBn2fV-WEsYggBvCaI&sig=Cg0ArKJSzI0VkXldhcR-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=104&cbvp=1&cstd=101&cisv=r20231011.87926&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 09:37:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame F12C 118 KB
40 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 04:40:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 21 Oct 2023 04:40:24 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F12C 63 KB
25 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 09:37:44 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 639D 236 KB
63 KB 83ms
29ms Script
text/javascript 2a02:26f0:780::210:a440
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a440 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Fri, 20 Oct 2023 09:52:44 GMT

GET
H3 200 728x90_kia-flex_rio.js Show response
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 38 KB
6 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/728x90_kia-flex_rio.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1a41f8fd840c4b43341df70db9038e7ee89b46f495406a2bb9e36afefe891c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62684
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6191
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 16:13:00 GMT

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame A96D 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:03:31 GMT

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5080 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:03:31 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0E39 0
0 44ms
44ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvdda_2vUjEMKVdKyEKagZCv28ZUza0yKqdfOydytAiBw3HgGb4DXXqFYWIUVHkpw46QjlSGveqAHMY9Iru55wC0xyBdXfogJhIR3HsFs0gcqPQ7POQTRTRbcUp1YSMHHjODYavEh9xqy2QwWrbdfNX15Pud0X6m5bhf8jOgG4krKI6LGAd5_NJyahSfZ3bd1sA5Vq1TVWZdX2HmItyMK41PrlaQSg217P7eqiil_Q_AoUIdJQVpeE5dRFKb5zorpn6vi9ghh_9xsmhoVkPX_nqrKNyntMgARqH8wQGPcFACTQjrbSOYjsMt-a3vera9KXhbtvFDriv1VQz25k1Dwnu8gwNAdxxvSYKZm49O_Ps-ODBKT8xdq79hxxznLfQ7efVLvb8p247lbKYmBfxN0r1DTZhywiRfZ2JCP2imaTML1FKRZR7FqJjQCanIWogCo54hFQCe4hO58J6KR2_XMsWKjtXqJPUd581-akWOVMmJObScUSZM5yMK1kn_tPxnwePNrMPraxygDbPHmuDRfhz8_MsfJC7x6aOnKUJTIhgPlU2q_gDiBjubGIkUZ-uECPxnhb_GYFAjBdPWb6t70MS3ugUI_cu4tMEH6DHt1lKDTewQNSuxnH-trKhgWOGN_SS9MuxRdxbHg4WYCgLXlefmiUCNhBrDs7v_SaEem4tNSZSI38k4AdvuNKhaVy93JwR7p_Q8KT9iIh7qqKftjp752Yi9qn_wOp9G76cu44BF4T3VgU7euIoAgNo9d205NMfDUyaGwE7p2KNAVJLTMAFW-3aUVAJIxrvbPquRR_PC4YigYXk_cfFZ0EpNRS3Kq80y-cU5b1CJ7TOfqqqRH0WJN7tDS751SnXyJdZNcOIw4FZ3wXcXBW4jrFg2KBjoFyeFTgB26ZpQO4GPhj9TJjgBOGGRMA-4lI7P7IfLIjTwm85YLj0rNgRAioZFIuyMcKJOWpqTB3_LMQbp5B71gYDHdAMv490YRc2oTnTEBNBx6Fp7yxiuv-SPZU3SznpaHbJVYQ9-GeVviNGAx2l7bB1F6DljbaKi4Cen7wTfmB9KoKgOfIkOvg_wgbGPY2PuZi7P9ni9Mlp7oV4o2yQJaEjYtbPAZKzSb2uJmrMaL-RAo-KGllirMkGlNyNwQWKxXUfS__lCWexgL736YzJyDlhdTgNbvWFbC_n9RyFdAIiZCCdaO45Vw1jlGpDte3_l-goxsg-2R8hNyReq01l7hilwYAVMNHF3TC_BfdgGeS5m8fQfkC75gYIMFV4C-uYqR93YSdBM6S584MKQWr-YE98tgsgjqItaGLJwu8SmHw&sai=AMfl-YRBuwDJkFj2z8uNXr_9SKbG2wQwz72fz0HvdiEJrHL_mWfRCHdiMIlJFILmytfMr_E6zW0OurxaEtMozHb7EmLUnDWWS1AJi-q-cI1KSlqOroJwdmrzZRbqwPJ-7Lxw9nPkD4gjZOcD0F3EZUx_QI9Q23LgO46maSeFGwWAIGageQ5bfYxxKWML3EeUwwBT6Ii0pR81Hj65A3HQKIc8MjOMZy3OQOhQzF_L2_3zbJV0VADoWysdaWO0KM3M81hRK77S-m6rPRylIg69t0Jszq0Blqe_eKNPZQoHHznEjXPJ_R3SKtREZEByoZg1kpw_XAXHyVZFEJ79kyAgGMGb_ny8eI_pdYjPlr3GZb9QAlOs6bPRBEOVaCZ337lJKJLkdgvSggKdcDfpr1H0eUEjQ3D0HV6jwk_qaszFrG9EnM0VoGoeEKkL--r1bHsCHhS7pnF19RRymxoDm2rSvN35E5K2sA&sig=Cg0ArKJSzFNv-s7FzVaNEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=453&vt=11&dtpt=324&dett=3&cstd=119&cisv=r20231011.90422&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 bg_01.jpg
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 24 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/bg_01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

055fd15ae2be827ad7262bdbfbc1d14a4138efc1c09b92deae8eae5efdc64902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 23:02:23 GMT
x-content-type-options: nosniff
age: 470121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24531
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Oct 2024 23:02:23 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 427A 0
0 62ms
62ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstFrIhUMAR4aaDK2c1NlDfZZDt54m9yObdvrZlG3lLpT5QfJUhBEqhtSd6ecZXTRDaoqCsSITTGJlZ4ysRTclg2JwWpjJ5jKMdSyos4uoH7Q5s4zs68Du7X2fbYjPEVBwMZo_oU25N6c7-EKc8lsw9K2VuMrPcddXZbICA9rbP5tTewPRkTvc5ggcKfWIkMYk6Tqwusyq2yhavWf8shi3im4lsGo_sKgA-6FvP5g2NZs7yCJLzx6g_GOmGNYDRNhmcRa2MSMYGV_ULVKPZ1RzvFWMw4Qh7UUU7atOCiHqfnMSncbS1nzDEJo28rKrK0Q1InfV7AiDc9j5p906WipEVBsdLwamf3_jp9kmcHKIqX_74uTvFdWyhYAgFDJ13uidV2nT-WEHz5i-OqMgSiXiRjOOsDSgTsApKmK6pjQE2Z1HhhCBL_sOz8hVEsA14etiKatVZyCF8aI1Gc2ez8VeqlnBJWH0CUEJlMKKhx_B0BMJDVn3HKMsNmJ7vTRxKchzZHNonwQ4kVG1gBBMOHULTYSBzY17Hja1h0I_ZF16FXysfplkcum7ujTPnomVtl6CwVYO9ipi7b_vk2OgvITRHGnLgSEG-CKHnYZuyMbrWk_3rWX8s6WVUrS_sITQQcq6zXXHaBQUI4GmyWO1bbhuXFJclQqhsJCU6R5IC0_7KE0-low1LOCCp5Rwyi2YOCBN1P-m0LVTutkqj030yMVmxQWFsg8OYt8BnUJlQZ3Cv50K_rqbfeSHmodVHierBoTBk_kXVdwP439va9szmJqAEBKrkGu8kGkT0dMCwUoU_2cguYUqWtitYf9xUwNYTSIev9OCQjcAlHruftmnNEhMlyNyWx5ApQt_2gCNw-_gEDddqott5VUHyZzpHCaRq-PGp-NUs_9cz65b3DPw4osZ5CihiK2I_qWcP5FCyvwy9A4M9FgCKukcvSPNfALaFmLf92F17EMdD_nHJjrleqirs4ddmnnaV7_p_R8dR-mPPQvwpfOeVN11y3OxsPq-H-KbwSbWMc57gB2PLjlWnaHPKoWrqcm8j6Orynk8lb5cr4OaR4iz1ziaNgoDld9bKGMBRQbbhqa_5wreh2vch3AigzsOKawW5hCaqJbhNFAg4t3rHgyeeARyT2ZcYINO57lzWEDGAKYQK-3Iy7DEZ-9lYM284J2qlYl4nVlh-z79Hq1mUWYGX_JUw--Lm7pKe3SukdMlPOXtuFyvFRTvmwXqL98fXEKldUwODNhLwI-KCOxDFp0ZK2EHtyt99PtnJrBc712T8UZeTa03U&sai=AMfl-YSBvuNoxEsAu4qoBnTI8EInZWuZ4fNE1tw5xV24leBj3vxNiDMO41AIS6ffxMm62CIvfxv4sadiP4ljq4R4ECa2Br_EZ7XdLkCd0FT46IYnTIpZ0t8mPKm4mUyeTpsHzaxHnhM4ymva0ipZS3sU2JN3pbJfkV51TzbR-ShlKgSIP8uiVyYnfch526f7EETQYqyev6hniQYiF4jyrr-VOjEkN7RdYf994VHALxVBVMDMltR-OBprFtHYkOVQiGb5HUPaAHPXqtszFgsPt3NUXnWmqOP14JeCukyu7i0UMME6JmmxTCHZ84--EeNHiNdjqcoz9nFtWFeyIHAslr54HCYVtjDKI7xobvteJ8DJfpAFvyiNOAGmbLBKCCuR5eAIbjZDoZskV-GpKlBkm-OJbskDwxUKUUK0e0hVGKVZZj9X-hBsFamylAQTW9ca_FQrV8tJFg7MXjMe3HHIwiqro67DxUyCiNBn2fV-WEsYggBvCaI&sig=Cg0ArKJSzI0VkXldhcR-EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=443&vt=11&dtpt=339&dett=3&cstd=101&cisv=r20231011.87926&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F12C 8 KB
6 KB 58ms
53ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3da18af3d5f0e946aa6980ded5aac631be5b61735bb7c075ea11b594d26e60b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5976
x-xss-protection: 0

GET
H3 200 60005582_20230915064834169_160x600_LOOK_01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F12C 34 KB
34 KB 15ms
10ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915064834169_160x600_LOOK_01.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bb5bd060c0d2e80217f5faa941c407e855fac3688ea3cc880a799f756ca96c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 22:01:11 GMT
x-content-type-options: nosniff
age: 41793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34304
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:48:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 22:01:11 GMT

GET
H3 200 60005582_20230915064837793_160x600_LOOK_02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F12C 34 KB
34 KB 17ms
13ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230915064837793_160x600_LOOK_02.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6f0a138f1a0aafc8c89cb0f3e343a59103bc814dc7fb06624d17b77f786b449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 21:52:08 GMT
x-content-type-options: nosniff
age: 42336
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34347
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 13:48:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 21:52:08 GMT

GET
H3 200 60005582_20230919054012927_160x600_LOOK_03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame F12C 32 KB
32 KB 18ms
13ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20230919054012927_160x600_LOOK_03.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

881ab6b61ea324e83ec22544ada39d02899aa8a99d39dcac5e9d943fab401bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5793540040533475328/160x600.html?e=69&leftOffset=0&topOffset=0&c=pV3RDfafgN&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 10:25:14 GMT
x-content-type-options: nosniff
age: 83550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32507
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 12:40:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 20 Oct 2023 10:25:14 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame F12C 43 B
609 B 118ms
32ms Image
image/gif 141.101.90.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=29118705_4307561_354695792_145341318_PO2702A20230922&ref=29118705_4307561_354695792_145341318_PO2702A20230922
Requested by: Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.101.90.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 09:37:44 GMT
via: 1.1 varnish-live-2-1
CF-Cache-Status: HIT
age: 2053390
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 43
last-modified: Wed, 06 Sep 2023 10:08:20 GMT
Server: cloudflare
etag: "2b-604adec440d00"
Vary: Accept-Encoding
Content-Type: image/gif
x-varnish: 117587040
cache-control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 819048abce2d65c4-FRA
Expires: Sat, 19 Oct 2024 09:37:44 GMT

GET
H3 200 bg_02.jpg
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 20 KB
20 KB 27ms
21ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/bg_02.jpg

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

357cda611e6b8f1f68ed612eb0207f346a8f6260002425a783af818ad09826b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 23:02:23 GMT
x-content-type-options: nosniff
age: 470121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20436
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Oct 2024 23:02:23 GMT

GET
H3 200 btn_cta.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 438 B
465 B 19ms
10ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/btn_cta.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e2e156d5d861e513457927036cc4cc08f1ae5ee35562213f40db5840487f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 15:15:53 GMT
x-content-type-options: nosniff
age: 66111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 15:15:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 49E6 4 KB
751 B 27ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9268344707835381&output=html&h=280&slotname=9452507789&adk=807784419&adf=3869674065&pi=t.ma~as.9452507789&w=1200&fwrn=4&fwrnh=100&lmt=1697787462&rafmt=1&format=1200x280&url=https%3A%2F%2Fhoacucxanh.com%2Fbenh-phan-trang&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697794662527&bpp=3&bdt=834&idt=306&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3081697358522&frm=20&pv=1&ga_vid=1428663930.1697794663&ga_sid=1697794663&ga_hid=700958517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31078831%2C44805113%2C44805534%2C44805681%2C44805919%2C31078297%2C21065725&oid=2&pvsid=3902455996671235&tmod=887898652&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=JL8yJdQYRB&p=https%3A//hoacucxanh.com&dtd=312

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 09:04:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 09:37:44 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 49E6 2 KB
892 B 20ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 22:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 22:52:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/ Frame 49E6 23 KB
9 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 14:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9145
x-xss-protection: 0
server: cafe
etag: 13066256994748809036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 14:03:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 49E6 3 KB
1 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 12:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 12:15:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/ Frame 49E6 20 KB
8 KB 21ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231011/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:21:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8337
x-xss-protection: 0
server: cafe
etag: 13483435759450910196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:21:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 49E6 187 KB
59 KB 42ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 09:37:44 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 49E6 35 KB
15 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 18 Jan 2024 00:02:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F12C 17 KB
6 KB 23ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 09:37:44 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 49E6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C2ppTZkoyZYe9NdWrxdwPiK2HkAvOsJHucbi6mbq-EWQQASC2uK1_YJXikIKgB6ABoK_7zgPIAQmpAjk0lBoOvrE-qAMByAPLBKoE_gFP0BAezPYLjdfrM5S-GwpuM2zkrdqOkPSMpQnd46E...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210007438229341426067%22,%22debug_reporting%22:true,%22destination%22:%22https://jvg-thoma.de%22,%22event_report_window%22:...

0
0

57ms
40ms

Fetch
text/css

142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210007438229341426067%22,%22debug_reporting%22:true,%22destination%22:%22https://jvg-thoma.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22970905504%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216728769698611558737%22}&andc=true

Requested by

Protocol

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10007438229341426067","debug_reporting":true,"destination":"https://jvg-thoma.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970905504"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"16728769698611558737"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Oct 2023 09:37:44 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 09:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10007438229341426067","debug_reporting":true,"destination":"https://jvg-thoma.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["970905504"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"16728769698611558737"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 headline_01.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/headline_01.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

090654b41d039074ff1ae5b5d8c91de03d0842d3e234e17337488837ab2d9432

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:39:01 GMT
x-content-type-options: nosniff
age: 532723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1077
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Oct 2024 05:39:01 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6142236307237707421/ Frame 49E6 33 KB
33 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6142236307237707421/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfb80b2be16a9b591e2f9260d4ed0b3624e12d35d97cddb2a08575c1dea0ced

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 08:56:21 GMT
x-content-type-options: nosniff
age: 88883
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33956
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 14:45:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Oct 2024 08:56:21 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/14722582561181067970/ Frame 49E6 2 KB
2 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14722582561181067970/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f8ec3b35bc9644710e4e8061000a7cdb809308b4f62015c3ad49768d57554fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 22:36:29 GMT
x-content-type-options: nosniff
age: 126075
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2332
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 12:17:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Oct 2024 22:36:29 GMT

GET
H3 200 headline_02.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/headline_02.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3811c03308fc11e0ee7fb641c6f005845abf2621ff4a64306904c8f538465d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 11:36:36 GMT
x-content-type-options: nosniff
age: 511268
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1958
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Oct 2024 11:36:36 GMT

GET
DATA 200
OK truncated
/ Frame 49E6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1be246a4a910babb117eb42848129368e95eecb8e45580110256a8413ac2ee7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D5D 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 08:23:51 GMT

GET
H3 200 icon_check.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 740 B
770 B 11ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/icon_check.png

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467f3917eae4e04ecc5b93d003a2cc082233813949a443973d66d3e6351a02bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:26:47 GMT
x-content-type-options: nosniff
age: 231057
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 740
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Oct 2024 17:26:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A96D 0
20 B 46ms
44ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQt3DZkoyZdK7OKylxdwPhcKwsAcAAAAAOAHgBAI&bg=!CQqlCkXNAAY5nEQaGZw7ADQBe5WfOKmYbwKN_LmpLW32pUb5BU51b2T3WWh2YrnAFVJ6wqmlUf0hnz1aNP6djXG3fV7cAgAAAQtSAAAAA2gBB5kDDCOn4jHAQyneAAdy-jn8E_rFHjgnNQGJBYKmhwJZEH1C5dqPrdOaicsARSVO82N1eHVQnPCmdxCBC_z7wM45vOXgWo7K18nUEP0cl69qflhexUsMJbdDEZtdkyej5A6FlnGmI1xO5c_F0dAw9RotNpudnApmnbs-FXxFAj5ZVDeC8kWTG6cspzRxhhMmRScU4bgge1beZAK1iZYrbkrt6R9QdAzVwgUxTxk2USWoATia6Fe6Ai8P00BomqJxrNx3zJSZFtYBSY1mflkBt0rMZO2_pubRZuEI6XmhQNlfou026YlQID9IH4httMEStnBRhnsi4AToBpzt7-LgMajyR05v39oEKwvd3X61L3OQfxPNfDOjRef5Ir6SiZuzo0cR1hIqzWWlPKpsuQJWVaR6SA7WbTryNIB2IX3crUtlKgkX_iV9EYV9rSBVvZlAf7mWTvit41JNgV3Idzpg3GYgHm_V5Y4t5aCbpiMMlZ2CpIIPmGdeVXh0WOZ9dS3PULIl1tbhS1o5M49KCkPSJQFzwpAatRKTz2aCEbHh3IyPTfG7vwm1EdEFXjxGWkjrrvjL4jY6YHrOFaMKWugUsOj2lX0Ntc3sBCrIvGymrRDYAc4IihktVRt4UExsBa4JWgksKabmcd_PBKoIVzjLoU19wzSnxGuFcVRJ59BfGo-8N5xvKohcGkbWh4LDZj63Eubpe0V4k40CfkbBJ3VeRQJKRysDopnR1msK8tok_Bs4MMMWVrsmTa8jRPPQ3SQNQ80tPj-1xy85wMYkDCTgn_0jWzdD-nfdqQZduvvwWT2gca_N7N3BoxjzP-5DGYeVISj8zFWLglxhmPBXHdqXqrenvDRDWVF0xGDVvWh2VeR-7l54IZGMbPuv87mTyF206bT--8Es_ghzOqjWrH7Yc7iSxtuTNwdhmjL1O9d5RxYvIs1yF_EfDZaIvo9XTewirJ99r8uiiyUfDRIsOwctfUe70taUpvvAqE38-4FGCraUC_ZgQevQwDuoPWYmYCHKq1Lxn0w_lO6MJ-kK8klzxQ

Requested by

Host: hoacucxanh.com
URL: https://hoacucxanh.com/benh-phan-trang

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49E6 16 KB
16 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 231090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 17:26:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49E6 15 KB
15 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:12:51 GMT
x-content-type-options: nosniff
age: 62693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Oct 2024 16:12:51 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 79ms
41ms Preflight
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 09:37:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
67ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cc2380dc03950c80d95f50b299afa69c5dc92b41b55e25d420269a0c16f9ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12064
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5080 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLkPpZkoyZbC6N9avxdwPwuqkgAQAAAAAOAHgBAI&bg=!4-Cl4K_NAAY5nEQaGZw7ADQBe5WfOOfftS7aJxXc3yqwMsTyfm-Oz5o-P3Zr4Pc7Yiiq3I6Qo_vM8K6ieCnAvip78mYvAgAAAUxSAAAAA2gBBwoAIdPHYTJssmJ6qmQxCuOl9FvFzoF_HIJZhx2BZOnzg464y5kC4V7UD1OP0cRBuvYHsQKLiGrLsqxftg-o2AOVikZ8qEV3vp6zUgwif7KGsxmBNcroNxfTSefGjdHIkRrQPf5JFwTlR0rvvIPPwmFJUVLsS5ajZKK1xT2vcWBc_fT7Pbp5OyrF1uKCyJhTCbyvugH9wF_g0hYdSMwqLzDdiwC-ekxt4aW841U08-ydA3olFG4Sw5U7jQaOrFQpcSMHJmJH1yT0UwaRE8xwvO63KeVt0DXdePU_Z4C-uQQTqy84aZYbKhvXd7nJ9J-tqFzhz4j-fSUNxyZUVlPmnqtVGrTD8teTAPNGJO4ms-5_x8j4K7YMUKKiBg5_XMHVyRBHlRBeKRfk5kvMn9HXJ0y6CtNJDQyOCnEjf9LL1w1h9zGG4CHvi63XCsU2_IYF4Zl8eN9xux8fUYPibft2R1LNVwvlfz4dPmkc4e_GOS2LhgBPKYWd9r0BlyUaB6EXdahjOKBtUGP8Oqy0eRiKDshpNylShfJgGA3x6lW3tCjkxY0YkEofnxwKdvnDIvwG-yAV6i-2E4uj2zX--IVzqzIkE_sqKnoi2isFR0jRAi81sfsy3ZogAwZ6U3o4QitjCwlrSsaUXv3-2a_rYeD3NDHk2kRxMBCvS40pJfkEhs_XPzqGGBGObQjuVbppqfdgANN88mzT_-q_VurSGtIzLOBMejMCrZXq7MllL1CyGuc6jjDqX3kVU0VwHLkiAbo_CdKu4DMuqBJHiRkoQn_iXlgjHCK91JxW_mcmjII5jxWoMtdRrCsH36E9JBgGKpqLSs1WKY1hbEGe-2a-CMF2_--uiGobkEBhdtj2CwQb4QRhRll6inpIlqi0vmXpkJ03ZA6YMqMsmYchMDf0886aZcZ6UCN44OAh1nkv32426tbvd5oGUtTTm79eS6IY2qdtwly1a9CCX0IGrIGW7ChA2MAW5B_gz3wtJ7TSsendyRC75qFsFUT458f8xsZzo-4f6XOroICfmzQ7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kia_flex_white.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/kia_flex_white.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27b3b668a4d0e76ab6d3e9595aca410859c3733ad4108c3329aab1340948015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 14:15:13 GMT
x-content-type-options: nosniff
age: 588151
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1988
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Oct 2024 14:15:13 GMT

GET
H3 200 gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7407 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gkc7GkOx0NjYAbDEAjG_3nA6cC9mq0x3jEC3r4qNpAU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:03:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14604
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:03:31 GMT

GET
H3 200 liste_01.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 693 B
727 B 8ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/liste_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3565b100a05581186cc960900bc7919bf4c14f00a2191a4ac0794546c8586904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 18:32:04 GMT
x-content-type-options: nosniff
age: 399940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 693
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Oct 2024 18:32:04 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 559ms
558ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 09:37:45 GMT

GET
H3 200 liste_02.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 882 B
917 B 7ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/liste_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc903194a62def3cc2fab8ff67f5f74928753307379b6dad8f52becc3d71ae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 17:55:30 GMT
x-content-type-options: nosniff
age: 315734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 882
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Oct 2024 17:55:30 GMT

GET
H3 200 liste_03.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 804 B
839 B 29ms
24ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/liste_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7b72e7528995c7f3ad1934d7a66094a279f686d66424be237c42d6817f59ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:39:32 GMT
x-content-type-options: nosniff
age: 532692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 13 Oct 2024 05:39:32 GMT

GET
H3 200 liste_04.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 813 B
848 B 7ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/liste_04.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b9df0bca75fa90fdfec9524abd05b13f10a58ec4b7b06d0b9daf038d4af977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 20:47:21 GMT
x-content-type-options: nosniff
age: 564623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 813
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Oct 2024 20:47:21 GMT

GET
H3 200 preis.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/preis.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1e7f4c5daa1939e8470d0f1b20d71d5f73320f6091d48417767fc18e6c781b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 11:55:28 GMT
x-content-type-options: nosniff
age: 596536
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1538
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Oct 2024 11:55:28 GMT

GET
H3 200 subline_01.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 893 B
928 B 7ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/subline_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28a5a6a44d2039f6b3b7d21a3b6afa0c0e6b7e0ec852ad3f824d2eea0ff148fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 16:24:18 GMT
x-content-type-options: nosniff
age: 62006
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 18 Oct 2024 16:24:18 GMT

GET
H3 200 va.png
s0.2mdn.net/sadbundle/226864245486331899/ Frame 639D 4 KB
4 KB 9ms
8ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/226864245486331899/va.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767433977328598a85b6b4d41206e241e6942feddafd31db840b115ee195d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/226864245486331899/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 19:03:04 GMT
x-content-type-options: nosniff
age: 570880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4011
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 13:57:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Oct 2024 19:03:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4DEA 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Oct 2023 12:15:36 GMT
expires: Fri, 18 Oct 2024 12:15:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AC8A 829 B
1 KB 40ms
16ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2363d9673522f3f88068c9d9f71ad9cfc340620728d538aef05699687b3d6ff2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RhAg0_LY_k43ARX5iFo2FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hoacucxanh.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RhAg0_LY_k43ARX5iFo2FQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 09:37:45 GMT
expires: Fri, 20 Oct 2023 09:37:45 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DEA 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:23:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 08:23:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AC8A 0
0 41ms
40ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=3902455996671235&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4DEA 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WYDurw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 09:37:45 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 49E6 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWR5kvBHKHEzvBEK2J2_HLL_aIaOUfPE_nvV6y1vo4eDjQBV7QjBaP1PoGBwWquHZmosG2zhhuCXNSfOZYe5j70C3JteWOSZ5Ehr7id9wddLwHIAZV-75bUwySQuqLObuGyOf2COBlmkbC&sai=AMfl-YS0EB2alpQNYLSDtmmYGH1vj8Bedcn9i2giLvUirt5nFLAJC1_isBAmml5lIHM2Y5EMfKR1Nj9pDNKVerY_HU5omeArTs3383ktUvZczc-NmTlgODaQXPmf50nIL9DOolpCcDcMWez5UKC47A&sig=Cg0ArKJSzOav6Dpk9CKcEAE&cid=CAQSTADICaaNRtpBchbMTY6_YR-4Ql_3iGt_pq0C-uTXxEgfNWXiCiPoLm7WEdBUeSgB-jJk075oTzGhcqk2YrYQmOw37SvhjQZuOx_Ku7IYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=807784419&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697794662840&rpt=1641&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 09:37:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=3902455996671235&bg=!7-yl7KPNAAbFpEfJ5aQ7ADQBe5WfOJu16ebotcM-9YIp0gp8FNgg-mZ62AlsJM6HrRFiY2xjpBcUEDDvEihvlCbqFGvfAgAAAFVSAAAABmgBB5kDBWh9axJiOkSQ2hpLC3P3Xc12hyAsMrRDZgkkrCXMcoGioymqhAVvSzgf_pwr5oarAZXplR2rtHyNakz_Y6IKqDVGCJXjiPh-WbzHnis2K8UD6UtDb4VrdK8cP-vYEBbtKPdrADeQFb3SI6dsTBJVAlvHmRgiUU6dwThjMRLV0h5VWeJQVDRaRCjHo7FTaPW7ui6UdUI8Ppt-QK5Jt6sOgUsh2U8x6deIip0OI36MTLVacygXH0n_YY44jiBpw1QdG_O7mds0a3GL4_Ag21Pdilr4dL6s2tEjH_VGPcbJIcVbu_Kvf5HjnQQiaErjFFBIhy1FQmg3f2to2BpSFjXsUn-MU579TF8d7HMSJKOTae-KJAVZrhbPBkrYsaCFYj1GP_-SMg3yzTc81eTegL5cYtAFO0SAEtCHg29neRYcFizJptmW7hjAy52Deshiun0ocI8-XSxhSA8_NZBduPDKEj7LKuiZOtj2MB4QsaLt1vldvd71RcL1tqGaBx1jsxzrceR0wLe9iXhlM9LGFVCKTbVwWVbS3dWPOA_qBn8SafvTepwbfQaAMLirVuHaCFQn2CCcQiXQcrF1snIzWR5glmS4rTSOwTZ5Epn-kuDV_N55wM_PwyaAyzkqQSu8wGaVZeJeGuwlazs7JfJa7yrUlNUTX03Fm8lOTqDdY80o62rjv_SAiRDnfnFESSdzfTTAjkOrojFwQI3hywFdj6QpEbciDy-lCH5FKd_d7gLFJY6t1v40PtbkhFh5lqLml3iUBClff_wVj5W6DULlFcPphOcNt-aUZZ5pGwZrFXLRkBQkKTfIlY1s2lLBn5MJsudXGGFKycX5guuqetjmpTHLfMyIoSTFJMU6qoPcytpUZZ3uBLucZGlGOxvPWAkTClzEajytEdjNmVfCHJcJ6HdUoKA_Jz09yxuUecJsAW7bXsH90rlg-104-Ho56EhHNmcZMZrNyh991rG4jap2xK-IcDhCISvJRMXwVs244bZ2qCZcvhJ0j3Y_UmWE_J9BNyRMHHsq543z
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hoacucxanh.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hoacucxanh.com/	1970-01-21 01:12:34	Name: _ga Value: GA1.2.1428663930.1697794663
.hoacucxanh.com/	1970-01-20 15:38:01	Name: _gid Value: GA1.2.1713874327.1697794663
.hoacucxanh.com/	1970-01-20 15:36:34	Name: _gat_UA-208518343-1 Value: 1
.hoacucxanh.com/	1970-01-21 01:12:34	Name: _ga_CWZ6Y3D71T Value: GS1.2.1697794662.1.0.1697794662.60.0.0
.doubleclick.net/	1970-01-21 00:58:10	Name: IDE Value: AHWqTUmgVnSp71AZegb7tCPO4B-E7m9TZ7bfWx56WzqsPPKS1KEDixmRYKR0BIMg
.hoacucxanh.com/	1970-01-21 00:58:10	Name: __gads Value: ID=b8915a379583cc30:T=1697794662:RT=1697794662:S=ALNI_MZp1rDpKw-zQpTjW4FwZcMwEvnM8A
.hoacucxanh.com/	1970-01-21 00:58:10	Name: __gpi Value: UID=00000c9cd47f8cd9:T=1697794662:RT=1697794662:S=ALNI_ManRFTgJsmOS9e1F440N91sUVLzOA
.casalemedia.com/	1970-01-21 00:22:10	Name: CMID Value: ZTJKZx58C0RlP68jeDPx3QAA
.casalemedia.com/	1970-01-20 17:46:10	Name: CMPS Value: 3218
.casalemedia.com/	1970-01-20 17:46:10	Name: CMPRO Value: 3218
.adnxs.com/	1970-01-20 17:46:10	Name: uuid2 Value: 3316189834863561517
.adnxs.com/	1970-01-20 17:46:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>?ojY)c!]tbPl1M>e)ZlrFUfJ+tGXvWBU-]T*V<Lpb9#qId@.)'5BFzx>]5.@Y0[iXJ3If)y3KL9D3I?+9GHNh0
.doubleclick.net/	1970-01-20 15:36:35	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 17:46:10	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://hoacucxanh.com/wp-content/themes/hoacucxanh/assets/js/flatsome.js?ver=3.12.3(Line 70) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hoacucxanh.com
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
portal.o2online.de
region1.analytics.google.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.26.193
141.101.90.99
142.250.185.130
142.250.185.98
142.250.74.194
185.89.210.212
2001:4860:4802:34::36
203.113.174.46
2a00:1450:4001:800::2003
2a00:1450:4001:801::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c1d::9b
2a02:26f0:780::210:a440
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
055fd15ae2be827ad7262bdbfbc1d14a4138efc1c09b92deae8eae5efdc64902
073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa
090654b41d039074ff1ae5b5d8c91de03d0842d3e234e17337488837ab2d9432
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dfb80b2be16a9b591e2f9260d4ed0b3624e12d35d97cddb2a08575c1dea0ced
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1783b0776cd58aa41b770d67065182633e5aeb8028382c9c0eef3c0aaf0f18dc
18f11c0082be5b1b8cfe10c29efd019a77d165a8e331973e7c1a5a87ae1879f6
1be246a4a910babb117eb42848129368e95eecb8e45580110256a8413ac2ee7f
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
2363d9673522f3f88068c9d9f71ad9cfc340620728d538aef05699687b3d6ff2
28a5a6a44d2039f6b3b7d21a3b6afa0c0e6b7e0ec852ad3f824d2eea0ff148fa
2e25463347022713a899a05b608465cfcc38c435db5644d16b48f380be6aba92
2fe91872a97abc763fb3fb600ab9b84dfa179e815f862eb01e36f8212f28a1d5
30fd9ec16112567ac68f1db9d60e71dd610be376f97dd1856ad61ba4265e8fd2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3565b100a05581186cc960900bc7919bf4c14f00a2191a4ac0794546c8586904
357cda611e6b8f1f68ed612eb0207f346a8f6260002425a783af818ad09826b1
38cd707764af5e7610feaee1542d30cfd86a74d0eee75df12aaf6b1d0ded65e5
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1e7f4c5daa1939e8470d0f1b20d71d5f73320f6091d48417767fc18e6c781b
3bc903194a62def3cc2fab8ff67f5f74928753307379b6dad8f52becc3d71ae6
3d1c2e40ed9e98fd9e35c1416a84a0cb2041b9827c46c2de8a9f48d843703ea7
3da18af3d5f0e946aa6980ded5aac631be5b61735bb7c075ea11b594d26e60b7
3f8ec3b35bc9644710e4e8061000a7cdb809308b4f62015c3ad49768d57554fb
45b9df0bca75fa90fdfec9524abd05b13f10a58ec4b7b06d0b9daf038d4af977
467f3917eae4e04ecc5b93d003a2cc082233813949a443973d66d3e6351a02bd
497b66a80f838d9eb5f619d5af58ae6f8fa8f5790437680a5e87a41cad2f5c19
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc2380dc03950c80d95f50b299afa69c5dc92b41b55e25d420269a0c16f9ba7
4ef7cd3d4ed7de91e7eb3c05a31c6fa1da0b08d07cbfab8ae108c34d5e39cdb9
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ccc10c3cf388729402f2830f42c00fe7086763269b097f55087d45e3f0897dc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cda9b20ea556a9c54bf2a888febd28f5be42d08e5c04375f0795a8deec7823
6546d556315a0f9d9de5308aa595b59039cb4b00eaa7038504a2342cf1fbf223
66e0c2a894cd4b1d2efb95bba3f638c377abeb2ea36e111bdbb1eddc2c62ad17
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
736e356d10ed42216b18cf0eb23443e1acadc6686dfa0e8e2b10a49c81d4667b
815e5395652e03d7051b767baade615d279fe3644bbf8f8bbdc54a8b9573be67
82473b1a43b1d0d8d801b0c40231bfde703a702f66ab4c778c40b7af8a8da405
8767433977328598a85b6b4d41206e241e6942feddafd31db840b115ee195d01
881ab6b61ea324e83ec22544ada39d02899aa8a99d39dcac5e9d943fab401bd5
8bb5bd060c0d2e80217f5faa941c407e855fac3688ea3cc880a799f756ca96c5
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
991065215c4dca2da3626a50f6c2b8ceb2dbc7e151407134f7ac2f95fd7bb3ad
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a9db25adb32dac7bda8721b87ccd2c96173f7c200f812b1ebbb99ccfae121a8c
aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8
af44d0354e138244eb083d1a98a2f9894572cd30efc4bd13fd640edd480c5304
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4d46623d394b7ecd1400a3616bf71b4662366c3c6564f98e28eead5751a29ef
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
b97a21734bf03c7256f449179e68b00674ef505199a509e1c03e53da5891e6ed
bc9927e1dc3ce0335c03b4790b36621f5f9ea35a35884f430346f8c2dd52b8dd
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0c07faf1ceaf31b42f8456d79a61689dac86f1b3db9eb73a199c992e784fcf5
c27b3b668a4d0e76ab6d3e9595aca410859c3733ad4108c3329aab1340948015
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
d6010f5cddda626ce7d6bfb6baa5db3882bc06ec9dbb5f493e8b68f5f88b298a
d6f0a138f1a0aafc8c89cb0f3e343a59103bc814dc7fb06624d17b77f786b449
d9784dbf11886ea032ffbd00f499d333519babe001eacc19df7ab89de17bec47
db5d7bb36691306bda51b903c84fbdef4206d3c166b8080100915d16a617f5ea
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def028b193b87150eeb974ece780b8476797f52aa2edc9d7031e35bb5d0edd15
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
ea36e2e156d5d861e513457927036cc4cc08f1ae5ee35562213f40db5840487f
ebf0e8c538ae3047cf5056253a32daa65d23d8fb531ea05b0f0f28d58f828143
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3811c03308fc11e0ee7fb641c6f005845abf2621ff4a64306904c8f538465d9
f5d6b505668a05a58f2aafb4979a92ca726af6d4f9792ea11f05a95ae2a65ce0
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7b72e7528995c7f3ad1934d7a66094a279f686d66424be237c42d6817f59ef0
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fb5bb847d63c20fa89fbd4ec8a08c5c4d5b37247fa9f926f45df00ab03406392
fc069e0e04d13807f2632483a883ed5fbd1d72c4eade64a9ac7f6aa71ac47fa4
fc1a41f8fd840c4b43341df70db9038e7ee89b46f495406a2bb9e36afefe891c
fdf478960ea13b9f97bcbb9bb650d9927a623012e6b7a96c220a21a2e6334e64

hoacucxanh.com Open in urlscan Pro 203.113.174.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

136 Requests

93 %HTTPS

67 %IPv6

16 Domains

23 Subdomains

22 IPs

5 Countries

2112 kBTransfer

4798 kBSize

14 Cookies

14 Outgoing links

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hoacucxanh.com Open in urlscan Pro
203.113.174.46 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

93 %
HTTPS

67 %
IPv6

16
Domains

23
Subdomains

22
IPs

5
Countries

2112 kB
Transfer

4798 kB
Size

14
Cookies

136 HTTP transactions
3 data transactions