ezbeauty.vn Open in urlscan Pro
2606:4700:3032::ac43:860d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ezbeauty.vn/bi-quyet-lam-dep/
Submission: On June 17 via manual (June 17th 2021, 1:12:09 pm UTC) from US

Summary HTTP 146 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 146 HTTP transactions. The main IP is 2606:4700:3032::ac43:860d, located in United States and belongs to CLOUDFLARENET, US. The main domain is ezbeauty.vn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 31st 2020. Valid for: a year.

This is the only time ezbeauty.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
53	2606:4700:303... 2606:4700:3032::ac43:860d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:6400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	134.209.102.155 134.209.102.155	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.158.98.109 18.158.98.109	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:3a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
146	22

53 2606:4700:3032::ac43:860d (United States)

ASN13335 (CLOUDFLARENET, US)

ezbeauty.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:6400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.102.155 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)

rutgon.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.158.98.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:3a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	ezbeauty.vn ezbeauty.vn	2 MB
36	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	570 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	224 KB
8	doubleclick.net googleads.g.doubleclick.net Failed	68 KB
8	ezoic.net go.ezoic.net g.ezoic.net	60 KB
5	google-analytics.com www.google-analytics.com	19 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	google.com 1 redirects adservice.google.com www.google.com	795 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	dmca.com images.dmca.com	5 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	quantcount.com rules.quantcount.com	428 B
1	google.de adservice.google.de	752 B
1	googleadservices.com partner.googleadservices.com	657 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	rutgon.me rutgon.me	1 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
146	17

	Domain	Requested by
53	ezbeauty.vn	ezbeauty.vn
26	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
17	fonts.gstatic.com	fonts.googleapis.com
10	pagead2.googlesyndication.com	ezbeauty.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	g.ezoic.net	go.ezoic.net ezbeauty.vn g.ezoic.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com ezbeauty.vn
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	images.dmca.com	ezbeauty.vn
2	fonts.googleapis.com	ezbeauty.vn googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	pixel.quantserve.com	ezbeauty.vn
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	g.ezoic.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	ezbeauty.vn
1	rutgon.me	ezbeauty.vn
1	go.ezoic.net	ezbeauty.vn
1	www.googletagmanager.com	ezbeauty.vn
146	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
www.linkedin.com
www.pinterest.com
ezbeautyvn.tumblr.com
twitter.com
www.dmca.com
ezagency.vn
ezcash.vn
trungtamniengrang.vn
trungtamimplant.org
cuoiholoi.vn
dansuveneer.vn
nhakhoavietsmile.com
nhakhoavietsmile.vn

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-31` - `2021-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2022-04-04`	2 years	crt.sh
rutgon.me Sectigo RSA Domain Validation Secure Server CA	`2020-07-31` - `2021-07-31`	a year	crt.sh
ezoic.net R3	`2021-05-23` - `2021-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://ezbeauty.vn/bi-quyet-lam-dep/
Frame ID: F8188CA713197E315A45EC4327116CD5
Requests: 101 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210615/r20190131/zrt_lookup.html
Frame ID: 17E20D031F70EF78986803B2FBF391BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210615/r20190131/zrt_lookup.html
Frame ID: 8F8E8A3E8936F3CB5A6F7F8F23B1ED19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1623935496&psa=0&format=728x90&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496293&bpp=1&bdt=2045&idt=652&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7389086136528&frm=20&pv=2&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=p6GA6C0lbh&p=https%3A//ezbeauty.vn&dtd=692
Frame ID: C586A5C344EA4D4EE419AAEC1FCA8ADB
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255
Frame ID: 8F7F820BA37A64E63383A5BCA4913926
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1623935497&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496875&bpp=2&bdt=2627&idt=780&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=815
Frame ID: 4F8C7A85D6E03C86F48B8FE61D8BD1D0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html
Frame ID: F55FA0DC67B823C9E18492F0BD6EC4BD
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E8ABB0DFB837BD457AE0A3CA0C661D82
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js
Frame ID: ECDFF9B334050F8A656E01C695F8CC06
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: F0C03A11FE4D592C8732E2FB274B4CA2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 911669644383B024746807A52B617BC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

146
Requests

99 %
HTTPS

81 %
IPv6

17
Domains

22
Subdomains

22
IPs

3
Countries

2723 kB
Transfer

5357 kB
Size

1
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/depdongian/
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/ezbeauty_vn
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/ez-beauty-884a7a1b7/
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ezbeautyvn/
Title:

Search URL Search Domain Scan URL

URL: https://ezbeautyvn.tumblr.com/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/EZBeauty3
Title:

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=cc772d21-bae3-460d-853b-5630856bfb40&refurl=https://ezbeauty.vn/bi-quyet-lam-dep/
Title:

Search URL Search Domain Scan URL

URL: https://ezagency.vn/
Title: EzAgency

Search URL Search Domain Scan URL

URL: https://ezcash.vn/
Title: EzCash

Search URL Search Domain Scan URL

URL: https://trungtamniengrang.vn/
Title: Trung tâm niềng răng

Search URL Search Domain Scan URL

URL: https://trungtamimplant.org/
Title: Trung tâm Implant

Search URL Search Domain Scan URL

URL: https://cuoiholoi.vn/
Title: Điều trị hở lợi

Search URL Search Domain Scan URL

URL: https://dansuveneer.vn/
Title: Dán sứ veneer

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/
Title: Phòng khám răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.vn/
Title: Nha khoa Vietsmile

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

146 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ezbeauty.vn/bi-quyet-lam-dep/ 192 KB
24 KB 1417ms
1360ms Document
text/html 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.28 PleskLin
Resource Hash: 35e6d963e66ddcb0b55c146e9cfdb52fe01c2b7ab4e8a3ef0316832df25f588a

Request headers

:method: GET
:authority: ezbeauty.vn
:scheme: https
:path: /bi-quyet-lam-dep/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:33 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.28 PleskLin
link: <https://ezbeauty.vn/wp-json/>; rel="https://api.w.org/", <https://ezbeauty.vn/wp-json/wp/v2/categories/58>; rel="alternate"; type="application/json"
vary: Accept-Encoding,Cookie,User-Agent
set-cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; expires=Fri, 18-Jun-2021 13:11:32 GMT; Max-Age=86400; path=/; secure viapxA=%5BXHPxfgsBklGa6; expires=Fri, 18-Jun-2021 13:11:32 GMT; Max-Age=86400; path=/; secure ifPAQxl=Buy3kx1; expires=Fri, 18-Jun-2021 13:11:32 GMT; Max-Age=86400; path=/; secure
cache-control: max-age=86400
expires: Fri, 18 Jun 2021 13:11:32 GMT
cf-cache-status: DYNAMIC
cf-request-id: 0abbb238ce0000977ec98c4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vtsAdoMKT3PzkCHsUKQUOblMh5ba8rjW%2F%2BJFlh32ybJVittUHmVf%2F7S%2BGC9MbPHmJ7deZtCHK3gYwRvolSUZwrVq%2F8%2BkkfTZRrvQry57db3i%2FaRiYRsYMaVYtKP5ERZryWqYNOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 660c863aeb45977e-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.min.css
ezbeauty.vn/wp-includes/css/dist/block-library/ 57 KB
9 KB 94ms
48ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 437112
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409f00004eafa4949000000001
last-modified: Thu, 15 Apr 2021 04:52:14 GMT
server: cloudflare
etag: W/"6077c67e-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UWlYJBXajjMNjdIEpADvNgczwCUHMYXtydtSY9t142bY1Hxoi%2FJYcaL00BVcncCHoAC1KpxxZa5rwjzZkE0GGNN0VZWNzgYpiN59cRPYFuqX8Thtw0k9z4oTdhGm7BWQt%2Fj3rHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 660c86476f8c4eaf-FRA
expires: Mon, 12 Jul 2021 11:46:22 GMT

GET
H3-29 200 cwp.css
ezbeauty.vn/wp-content/plugins/comments-widget-plus/assets/css/ 193 B
781 B 85ms
39ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=5.7.2
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aa3add47cd3352a0051fdaa0f44320740389b2566c60f36b9e0a1a5b29515a9e

Request headers

:path: /wp-content/plugins/comments-widget-plus/assets/css/cwp.css?ver=5.7.2
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 437112
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409e00004eaf2f2f3000000001
last-modified: Tue, 09 Feb 2021 18:07:48 GMT
server: cloudflare
etag: W/"e3-5baeb2a0a543e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Kt7%2FJxketEmZRR3K%2Fx5wLliDiZlTZBVvKWv4V5AS5k8lFarENhpDo5p3dnN8EYsN7Mww%2FT6xqh7zMSTp7yWLQ%2Fa%2F0zaEK4yVwyWxNZwge6sOhmiIWZV3%2BZNQ7uwoQHv%2B2SY%2FHac%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-accel-version: 0.01
cache-control: max-age=2592000
cf-polished: origSize=227
cf-ray: 660c86476f884eaf-FRA
expires: Mon, 12 Jul 2021 11:46:22 GMT

GET
H3-29 200 kk-star-ratings.css
ezbeauty.vn/wp-content/plugins/kk-star-ratings/public/css/ 2 KB
1 KB 85ms
40ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0e5e8d233becdb2d0d9ad0b12ad25bdd2ec71b44bbe32ef4796b9c3dcbca340

Request headers

:path: /wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 339678
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409f00004eaf31876000000001
last-modified: Tue, 20 Apr 2021 06:44:01 GMT
server: cloudflare
etag: W/"607e7831-ba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9cYCQ0FxzDD2puPKog9ignDRW33d4YG%2B%2BctP%2F57c5yxsCagYrnoA8dkez44UCMVk%2FsqejrDbjAENrqaEUH0xSB9J424grrbledm2WnWS7DduX7Ju2kVS969kGQOYs9K5NThktyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=2980
cf-ray: 660c86476f894eaf-FRA
expires: Tue, 13 Jul 2021 14:50:16 GMT

GET
H3-29 200 style.css
ezbeauty.vn/wp-content/plugins/td-composer/td-multi-purpose/ 67 KB
9 KB 78ms
34ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1435854
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409e00004eaf37189000000001
last-modified: Thu, 25 Feb 2021 15:08:10 GMT
server: cloudflare
etag: W/"6037bd5a-10f52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SQFqG9Vx1I3anfmCuNPKaPKRcl0D%2BAfFqD8fopXdlYx13YE7xPBoGr8CRpLAz06GeExlTxpuFaux8paud8%2FaPg%2B7VnkMasWfoIHvDtl2KYy4SuL6poQ2q9f8cYLUIAQMSXEcKTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=69458
cf-ray: 660c86476f854eaf-FRA
expires: Wed, 30 Jun 2021 22:20:40 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 15 KB
1008 B 59ms
57ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d2e022d515e3b0eef715a7da216044e396021908e24c4e3f3fad0b3b1ce8c2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 13:11:34 GMT
server: ESF
date: Thu, 17 Jun 2021 13:11:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Jun 2021 13:11:34 GMT

GET
H3-29 200 style.css
ezbeauty.vn/wp-content/themes/Newspaper/ 110 KB
19 KB 94ms
49ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/themes/Newspaper/style.css?ver=5.7.2
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8ea234be37abb1b803a59de89393fa78be54e35744ec7880017b6d41b39e15e0

Request headers

:path: /wp-content/themes/Newspaper/style.css?ver=5.7.2
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 437112
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409f00004eaf92aed000000001
last-modified: Thu, 25 Feb 2021 14:58:20 GMT
server: cloudflare
etag: W/"6037bb0c-261c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=cSXcCthD8kzBlZgU0hOupU7%2FZcNBz%2BZnfkb5jj2NA6yWaTlc6AQaXtImfGxNLTz3v2ET8CK5KqzoaXdQJbkEbZyRMkJiV6YEGiwc3yOCJB94UMugVGDFYdtq2CAtJY6Zg3c6jcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=156101
cf-ray: 660c86476f8d4eaf-FRA
expires: Mon, 12 Jul 2021 11:46:22 GMT

GET
H3-29 200 style.css
ezbeauty.vn/wp-content/themes/Newspaper-child/ 0
689 B 103ms
55ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/themes/Newspaper-child/style.css?ver=10.3.9.1.1614265186
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /wp-content/themes/Newspaper-child/style.css?ver=10.3.9.1.1614265186
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2132919
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 0
cf-request-id: 0abbb240a500004eaf40b1f000000001
expires: Tue, 22 Jun 2021 20:42:55 GMT
last-modified: Thu, 25 Feb 2021 14:59:46 GMT
server: cloudflare
etag: "14d-5bc2a67055e1b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WOKyNsI5WBzxssz1dHaD3SRHQHUc%2B4ORvi25fp08YRXSgN7sC57sl%2BSVziMZgS2npUieoikoCCGn2%2BtJvhhWIDKuvgrMXcSRlYhZWTaeRMznGOA2KN1kIRH8QkWidBPS3jtFfoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-accel-version: 0.01
cache-control: max-age=2592000
cf-polished: origSize=333
accept-ranges: bytes
cf-ray: 660c86476f9c4eaf-FRA
cf-bgj: minify

GET
H3-29 200 td_legacy_main.css
ezbeauty.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 198 KB
28 KB 85ms
41ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66035
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409f00004eafb10d5000000001
last-modified: Thu, 25 Feb 2021 15:08:08 GMT
server: cloudflare
etag: W/"6037bd58-3cfe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=l1qVGEJ9DedTPOnODFMVDvsIXY6Pas6jz%2B2BWE7FB6Sy9Hu9DOo46RKowxmLfONZ%2F%2F1CXcAT3zJU%2BdpUmeHT6N9HhltK2f6nGCU9Erl%2BqlHFFZQMKS7QhoE1v7LFddHD3lppJ4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=249828
cf-ray: 660c86476f8a4eaf-FRA
expires: Fri, 16 Jul 2021 18:50:59 GMT

GET
H3-29 200 td_standard_pack_main.css
ezbeauty.vn/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 494 KB
38 KB 66ms
49ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800

Request headers

:path: /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2132919
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2408500004eaf75a45000000001
last-modified: Thu, 25 Feb 2021 15:08:59 GMT
server: cloudflare
etag: W/"6037bd8b-9b323"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AUwIeafJ3pkOVEURpSRZ6tIzoomcbiPRcXKEHeMMoCmh1tiIlZVP8Y6gw99vKlNwzz%2BZnuUXrO5WrCdVpwCm8hjTUXvcqXx69yZtD%2BlAe0lozNIQkKi1UWGC9SkNkTNmotxxTNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=635683
cf-ray: 660c86473ef94eaf-FRA
expires: Tue, 22 Jun 2021 20:42:55 GMT

GET
H3-29 200 tdb_less_front.css
ezbeauty.vn/wp-content/plugins/td-cloud-library/assets/css/ 85 KB
12 KB 76ms
34ms Stylesheet
text/css 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2132919
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2409d00004eafafba6000000001
last-modified: Thu, 25 Feb 2021 15:08:25 GMT
server: cloudflare
etag: W/"6037bd69-1a97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AsiZh18TzH7gCqQXtch7svzAVP6s%2BOfg9oyx6sOuS7yX7UUioeAmf546sW7t5v%2BDiNeYdU9dgcZNqJD649KWRJpndm9LG%2FmKQ4b6uSK36sSVWfi5J3XBc5ynKT2ILxyeTmM7BmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=108923
cf-ray: 660c86476f7c4eaf-FRA
expires: Tue, 22 Jun 2021 20:42:55 GMT

GET
H3-29 200 jquery.min.js Show response
ezbeauty.vn/wp-includes/js/jquery/ 87 KB
30 KB 103ms
56ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1849429
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb240a500004eaf7e1ff000000001
last-modified: Sat, 12 Dec 2020 19:16:09 GMT
server: cloudflare
etag: W/"5fd516f9-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P%2FxuQrjU9bj5gq6iS8dSvuKjAwyv%2FoC908hsA6ROp5cP%2BM5h0kz8cawteza1pAcstaoJlRy4lK8ZSF9WfOAgFtJ5DjjSQhsYSLjVZ9wYeiitKU2uHK47MbeAn1Hcin%2BdCbe9F5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86476fa04eaf-FRA
expires: Sat, 26 Jun 2021 03:27:45 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
ezbeauty.vn/wp-includes/js/jquery/ 11 KB
4 KB 105ms
49ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1878806
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb240b200004eafb10d7000000001
last-modified: Sat, 12 Dec 2020 19:16:09 GMT
server: cloudflare
etag: W/"5fd516f9-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qTt4rXmbxz%2BFbhngFe86lxcm%2Fu88nqeJvhR%2FFC9hCJvlUgVLZFJO7G6iiE7ps7Ougiy7LxxRLoF%2FrVfOTgcz5Rt%2BD2yz4ryLTDkAQPUVEHHq%2FexQeVmE43KpMT84RtWXPbd1C2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86477ff74eaf-FRA
expires: Fri, 25 Jun 2021 19:18:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 89 KB
35 KB 43ms
32ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-168911325-1

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b576551cf563547b660d088d5e2fea59e1d9902f8d49db28c51b52de46688e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 17 Jun 2021 13:11:34 GMT

GET
H2 200 ezoic.js Show response
go.ezoic.net/ezoic/ 12 KB
4 KB 68ms
11ms Script
application/javascript 2600:9000:2156:6400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/ezoic/ezoic.js
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b098e698f579c8576cf7e3e3f491587ecd7dbda80115658d8511c5949202830b

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 02:49:08 GMT
content-encoding: gzip
age: 11355746
x-cache: Hit from cloudfront
last-modified: Sat, 30 Jan 2021 00:32:46 GMT
server: nginx/1.16.0
etag: "3008-5ba13427a2780-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: IU1LyW2q4tmsw71S2QqPQzbYL20RGTlX7cJuQSMvTGipMQUdzQtWjA==
expires: Sun, 06 Feb 2022 02:49:08 GMT

GET
H3-29 200 api.js Show response
ezbeauty.vn/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 90ms
15ms Script
text/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ezbeauty.vn/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SJ9xvAFLWTXVu4DKfBgBvUMuR8FCmmz7TtWZepFQYZJ9IMlGDa81W19cnit9zB49vMXIkhVSNjmCE0bQ63RDEWuX9vsTqZtcqxoVI4%2FQFEp8XXGwGhwW0XyS4hEkMRpo%2FoP%2B0hI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 660c8649deba4eaf-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2422400004eaf5a885000000001

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 118ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdd899af463bd241abab84554cbd799790653d9f9871aa26382afa37bb3e0370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48847
x-xss-protection: 0
server: cafe
etag: 11166057982613471846
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Jun 2021 13:11:34 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
ezbeauty.vn/wp-includes/js/ 14 KB
5 KB 95ms
20ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 277165
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2422500004eafa4972000000001
last-modified: Thu, 04 Feb 2021 06:07:35 GMT
server: cloudflare
etag: W/"601b8f27-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YOSsOB0aQhVjh2fnvEUioEgtLjHtC%2FdnIetpshWGHtam5Fi7GupSX1NGg6UAtFU8RWEotxO9QpxSObfYOH4u7SqCLAJWhg859VZ5mN9Z3EaJ%2Fh0Og2F1zoBgt0keiJ1WUdAcF5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c8649debb4eaf-FRA
expires: Wed, 14 Jul 2021 08:12:09 GMT

GET
H2 200 dmca_protected_16_120.png
images.dmca.com/Badges/ 4 KB
4 KB 32ms
21ms Image
image/png 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_16_120.png?ID=cc772d21-bae3-460d-853b-5630856bfb40
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 4f38c54cac30b9fabc431ecf3f0dbdda0dc6d9b5f78c6a0021df91ea4dc28279

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
last-modified: Wed, 06 Apr 2011 01:17:54 GMT
server: nginx
x-powered-by: ASP.NET
etag: "01bd74f8f3cb1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/dmca_protected_16_120.png>; rel="canonical"
content-length: 3914
expires: Sat, 17 Jul 2021 13:10:36 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
633 B 88ms
22ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Sat, 17 Jul 2021 13:11:06 GMT

GET
H3-29 200 kk-star-ratings.js Show response
ezbeauty.vn/wp-content/plugins/kk-star-ratings/public/js/ 1 KB
1 KB 19ms
17ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/kk-star-ratings/public/js/kk-star-ratings.js?ver=4.2.0
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7f0de4157672afac565b1dd92dd11e6efbc04e3ae43fd3c3e49b29b5cd7fb5ec

Request headers

:path: /wp-content/plugins/kk-star-ratings/public/js/kk-star-ratings.js?ver=4.2.0
pragma: no-cache
cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; viapxA=%5BXHPxfgsBklGa6; ifPAQxl=Buy3kx1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2132919
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2412300004eaf9a006000000001
last-modified: Tue, 20 Apr 2021 06:44:01 GMT
server: cloudflare
etag: W/"607e7831-77f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=efZfxJJ77js40nlUPOa4gV%2F3GHI2XJJzN3kqbS7iypJ6lrldNjZVFRShzaUID7Zj8dKEue3Sf8WOas4VTpQUx39L760KVkcmjzMv1vqTX9JvcXoWo22fABIg1bb3A8mLFOVcQx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-polished: origSize=1919
cf-ray: 660c864839dc4eaf-FRA
expires: Tue, 22 Jun 2021 20:42:55 GMT

GET
H2 200 smush-lazy-load-native.min.js Show response
ezbeauty.vn/wp-content/plugins/wp-smushit/app/assets/js/ 9 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.5
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834

Request headers

:path: /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66035
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb241ba0000977ebba19000000001
last-modified: Fri, 21 May 2021 16:40:02 GMT
server: cloudflare
etag: W/"60a7e262-24fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2kSWFJtI5mK7yApJzSrDZi8zEEKNvNmbHFfF9HhbW6dCP%2FJIgJr6XTArjL%2FlgkMHRRJy%2FzKvdh0y9lqNVYEEelm08LOiA93O2Kav7%2BYWdWPhC6zUQxZlpWBG%2B87ZhuUaHgzc8wo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86492be9977e-FRA
expires: Fri, 16 Jul 2021 18:50:59 GMT

GET
H2 200 underscore.min.js Show response
ezbeauty.vn/wp-includes/js/ 16 KB
6 KB 29ms
13ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1711368
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb241c10000977ef0045000000001
last-modified: Thu, 15 Apr 2021 04:52:15 GMT
server: cloudflare
etag: W/"6077c67f-3ead"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=yOaJ6ehkVGedTX5d8rE8ddSAzeTnUvXE5%2FvCSDF8ZGuuyExohTp43p%2B0ELZ9CeQhvGNnAeddlmb903PSUy%2BVdc91K6UTnZsWmpqRvX4oXg3tOvEMEvwoirbZ7%2B%2FrLovU2HYCz%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86493bee977e-FRA
expires: Sun, 27 Jun 2021 17:48:46 GMT

GET
H2 200 js_posts_autoload.min.js Show response
ezbeauty.vn/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 44ms
31ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 277165
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb241ca0000977ec6083000000001
last-modified: Thu, 25 Feb 2021 15:08:25 GMT
server: cloudflare
etag: W/"6037bd69-13fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=C7qotpfNOYQpNL%2B2Mebz2q1Urv71cKGeerUotr6cLqEiy30sublJaPzAGX1uq5dPmMN91t6eJjlyK1GGqfdsXBThsF04NM%2B2g8zFPG6QMnl8k6BjKNPTEm%2F2O%2FMkCbbRfg2EAc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86494bf4977e-FRA
expires: Wed, 14 Jul 2021 08:12:09 GMT

GET
H2 200 tagdiv_theme.min.js Show response
ezbeauty.vn/wp-content/plugins/td-composer/legacy/Newspaper/js/ 253 KB
55 KB 57ms
45ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1849428
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb241cc0000977eb9a34000000001
last-modified: Thu, 25 Feb 2021 15:08:09 GMT
server: cloudflare
etag: W/"6037bd59-3f512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jEvZwIuKzajLQayasStqLxqFVBRE6%2FiYCiLAkzhIaUw3FPS0dLw0RuC1XX0BuuRn6ZJ3lM2HL2vp0Y3Q0%2BL6IOPkPKXs%2BBBYeRKI3RB9HtufW9mj2zxBi9pEgbwpzYSIj%2Fb4SJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86494bf5977e-FRA
expires: Sat, 26 Jun 2021 03:27:46 GMT

GET
H2 200 q2w3-fixed-widget.min.js Show response
ezbeauty.vn/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
2 KB 48ms
37ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

:path: /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1849428
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb241cd0000977ed7106000000001
last-modified: Thu, 01 Apr 2021 09:27:19 GMT
server: cloudflare
etag: W/"606591f7-1108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MkxLJ%2F4Wa4ajsPX7CaUfB7YLEJxf9nYe%2BKmRpPg2R5YOwJ2F5fqWA8GscZybNtAJRFs8dT0uyFIr1FV0Cnfzxm2xaqVIx8Wx4PpSAv1sxo%2FC9eNFAh7bCuKDMbF9e%2BzkFM32hyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86494bf6977e-FRA
expires: Sat, 26 Jun 2021 03:27:46 GMT

GET
H2 200 js_files_for_front.min.js Show response
ezbeauty.vn/wp-content/plugins/td-cloud-library/assets/js/ 33 KB
8 KB 47ms
35ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1435854
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb241cf0000977eec0b6000000001
last-modified: Thu, 25 Feb 2021 15:08:25 GMT
server: cloudflare
etag: W/"6037bd69-8387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WWRT9uscpcVwqvu5tJ0LheGSs1k0xvkZ%2FUjaaDnSNjwMusP1AG5USs%2FV%2BQpADgVeGCOUd8xLETEDdgPfbwYC%2B1KAfb1%2F12FspvYfuRsoLpfUjil2T%2B%2BZfgkV81s6ontEV4UwR7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c86494bf9977e-FRA
expires: Wed, 30 Jun 2021 22:20:40 GMT

GET
H3-29 200 wp-embed.min.js Show response
ezbeauty.vn/wp-includes/js/ 1 KB
1 KB 89ms
22ms Script
application/javascript 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-includes/js/wp-embed.min.js?ver=5.7.2
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 277165
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb2421a00004eaf6e3b8000000001
last-modified: Thu, 04 Feb 2021 06:07:35 GMT
server: cloudflare
etag: W/"601b8f27-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=t5vYvVDwh%2FzQvSdn3UhkeqvHDLWB09bMxEs11uIJgyHec1ehTM2px7dlc34CesiOOFhb2fXxYutm72gXZAdw1meBw1dK3mJ3xwIEDbffbLP57EFmaLuzv0m9H8mSjBBzPhPvV9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 660c8649ce904eaf-FRA
expires: Wed, 14 Jul 2021 08:12:09 GMT

GET
H/1.1 200
OK linkify.min.js Show response
rutgon.me/ 4 KB
1 KB 862ms
193ms Script
text/javascript 134.209.102.155
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://rutgon.me/linkify.min.js?publisher_id=thaianh1191&exclude&aff_sub1&aff_sub2&aff_sub3&aff_sub4&ver=1.1.0
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 134.209.102.155 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e40dc31088a3d16f54cbfae2fa1d9c2e4b3df81967eb703148a0779f9c9b9957

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding: gzip
transfer-encoding: chunked
Content-Type: text/javascript

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 118ms
24ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 660c8649c8a64e37-FRA
cf-request-id: 0abbb2421a00004e3731b28000000001

GET
H2 200 / Show response
g.ezoic.net/ 221 KB
29 KB 273ms
166ms XHR
text/html 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/?ezjsu=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/ezoic/ezoic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 / PHP/7.3.28, PleskLin
Resource Hash: a11e70fbd2fef534f23052b20535b0e53215daf7346b1647dd91d7041d296236

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: br
x-sol: orig
display: orig_site_sol
x-powered-by: PHP/7.3.28, PleskLin
x-ezoic-cdn: Miss
x-middleton-display: orig_site_sol
access-control-max-age: 1728000
x-middleton-response: 200
pagespeed: off
response: 200
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding,Cookie,User-Agent
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ezbeauty.vn
cache-control: max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
expires: Wed, 16 Jun 2021 13:11:34 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-168911325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2814
date: Thu, 17 Jun 2021 12:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 17 Jun 2021 14:24:40 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=49601713&t=pageview&_s=1&dl=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ul=en-us&de=UTF-8&dt=B%C3%AD%20Quy%E1%BA%BFt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=812294546&gjid=1585816279&cid=763897391.1623935495&tid=UA-168911325-1&_gid=2011433090.1623935495&_r=1&gtm=2ou690&z=315645015

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezbeauty.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210615/r20190131/ 233 KB
86 KB 122ms
72ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210615/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1828578781656677&plah=ezbeauty.vn&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b588777c74bbe6679fd0939ef3eae6ce77a347aaaf205a24112fb68730d65bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88078
x-xss-protection: 0
server: cafe
etag: 15877444852245852312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Jun 2021 13:11:34 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210615/r20190131/ Frame 17E2 0
0

GET
H2 200 cmbv2.js Show response
g.ezoic.net/detroitchicago/ 110 KB
27 KB 103ms
98ms Script
application/javascript 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-312-218-333-1&cmbcb=18&sj=x04x00x06x07x10x09x0ax0dx0fx12x18x33
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3aa19963da214c9d3039da2c9df0e89d819c6ad977bd18144d037928984e08a

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 toc-ngan-dep-cho-nu-1-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/06/ 57 KB
57 KB 308ms
209ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/06/toc-ngan-dep-cho-nu-1-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f57c80ac183c9d140eb46bc29609728d847922b380eb6061c91678e5e14b025f

Request headers

:path: /wp-content/uploads/2021/06/toc-ngan-dep-cho-nu-1-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 57978
cf-request-id: 0abbb243e300004eaf40b59000000001
last-modified: Sun, 06 Jun 2021 04:03:32 GMT
server: cloudflare
etag: "60bc4914-e27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=iSFKfVsmCT%2FzMv0BPu%2FHByk5betwS2JhDhAA7oLNyZskt0fh8Rk5H%2FxBUdio%2FnIWu5lLTgfgN0taEhP1xK73RhJqDniO01gCgFj9xHzm%2FHbkjrzcpaJ3Er5m51xKyKVDVLzOsRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864c9f9f4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 cach-xong-hoi-tai-nha-324x400.jpg
ezbeauty.vn/wp-content/uploads/2021/06/ 15 KB
16 KB 275ms
202ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/06/cach-xong-hoi-tai-nha-324x400.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f837003b3e7227695ecea247b6835139683ec9241e48f97a7c0ab1016d77c24b

Request headers

:path: /wp-content/uploads/2021/06/cach-xong-hoi-tai-nha-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15483
cf-request-id: 0abbb243e400004eafa49a1000000001
last-modified: Fri, 04 Jun 2021 04:03:01 GMT
server: cloudflare
etag: "60b9a5f5-3c7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2B1lBs2N8pC20S9FDc6ukmRB2Q4VPqnkylbcZKLd8sOcvQVdQaOrVtREl7e6OQcah%2FT9hkkdEM4qV5t9aZLf2AOhpqU34%2BZhBmfxrzbX9%2BWms%2FVr9dZU2XeP%2BhIDgFNRYmTS%2F2AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864c9fa24eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 cach-tam-trang-tai-nha-hieu-qua-324x400.jpg
ezbeauty.vn/wp-content/uploads/2021/06/ 27 KB
28 KB 286ms
214ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/06/cach-tam-trang-tai-nha-hieu-qua-324x400.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a73b01bf3ae3a9522a09c26f7258e2a85e6b89ba789da09a1d4099c363785b38

Request headers

:path: /wp-content/uploads/2021/06/cach-tam-trang-tai-nha-hieu-qua-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27955
cf-request-id: 0abbb243e400004eaf5d3c3000000001
last-modified: Wed, 02 Jun 2021 04:01:06 GMT
server: cloudflare
etag: "60b70282-6d33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VrQkJt0S2yjaKd9sxUTWLPTzgJlbxSoYbJXMHQVC%2FN%2FtK5hZoEp5UC54o9NKc3gziqdQveBY3XSKtegkdGFUJ64RND9Y38bsPx1IPdNKsHdQiuUX4ouH6Y93qrWWDTWeIDgYdtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafa54eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 tong-hop-cac-mau-toc-ton-da-324x400.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 37 KB
37 KB 290ms
218ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/tong-hop-cac-mau-toc-ton-da-324x400.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 919a2b5d7b630279d6e5400c2408f2cfa2c65a4415a8dffe81bf71abea0c086a

Request headers

:path: /wp-content/uploads/2021/05/tong-hop-cac-mau-toc-ton-da-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 37681
cf-request-id: 0abbb243e400004eaf532ec000000001
last-modified: Thu, 13 May 2021 03:42:22 GMT
server: cloudflare
etag: "609ca01e-9331"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s3PZBcS5hBeUvc9UYxb3%2Bm6VXS55G0a0x6FT7a4x0ZHFRv81tq51NUGd9e8mEWq8JcbAfEIKzGNWOR2GP8yXr2UXnUwXLAr5ITXK0Xr0Fkl3KeQi9j%2BeVFCAjEXCX1E4TXTJmQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafa94eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 dau-dua-324x400.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 27 KB
27 KB 303ms
231ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/dau-dua-324x400.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 057f27139c88daf63770b9514f607e5f29a76494310acee9af2a31a2c7a385a5

Request headers

:path: /wp-content/uploads/2021/05/dau-dua-324x400.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 27424
cf-request-id: 0abbb243e500004eaf7e263000000001
last-modified: Tue, 25 May 2021 03:54:45 GMT
server: cloudflare
etag: "60ac7505-6b20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=996bvjaRHQLnO%2BCUDHNiFttVaSKWC8ag5JYO7zNdZhnzhBs6UEjsjPgY9ScSklv8PC%2FgdJhCuJcq%2FzI%2F9IzLS95ZD4kDLs3I%2Fqa%2BRftbcn1zCstsJkHewwuh21LkZ%2Fc71%2BHRMPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafaa4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 duong-toc-bang-dau-oliu-nhanh-dai-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 48 KB
49 KB 278ms
206ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/duong-toc-bang-dau-oliu-nhanh-dai-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 43f5f23a4dd8b6698641c65fa3a2c2c4293ff08a347648da5676905d5cce0832

Request headers

:path: /wp-content/uploads/2021/05/duong-toc-bang-dau-oliu-nhanh-dai-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 49060
cf-request-id: 0abbb243e500004eaf3dac3000000001
last-modified: Mon, 17 May 2021 03:47:54 GMT
server: cloudflare
etag: "60a1e76a-bfa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BSEXT4TTNqy5kBwFejCLtZ3osNVAHczAPYLuE1lSwyW7q39V2J2u%2Fpl2PdYXs%2FU01H%2FLtD2Q4flocyo0grDaQxDxkmBUSqcAH9L2w4PsPcrgaDkNiHIe0kTjMXKtFyv8OIZoWuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafae4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 cach-tri-moi-kho-ne-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 22 KB
23 KB 265ms
202ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/cach-tri-moi-kho-ne-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 150915d4d853120190cb5e21a75fd902cebda2f2bc1a3d332676b700365f20fe

Request headers

:path: /wp-content/uploads/2021/05/cach-tri-moi-kho-ne-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22928
cf-request-id: 0abbb243e500004eaf4f97c000000001
last-modified: Fri, 21 May 2021 03:52:05 GMT
server: cloudflare
etag: "60a72e65-5990"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QIolKON%2BxramFDjYz12gv3YPHMDw5kLHx8EBggrtw84jFSSmzKAoz9pK6gz0zNOuWUUUY0xQFpbo%2FmG3NYpj%2BOmMq8ISpM63CQfjiyauPhdjEJqNjAz6veCONyGdw7WoHA%2Batcg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafaf4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 u-toc-bang-dau-dua-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 62 KB
63 KB 316ms
253ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/u-toc-bang-dau-dua-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e1ce3405ba66988cede034799b1b327f7a81a9ab56168df5b82619cf62399d52

Request headers

:path: /wp-content/uploads/2021/05/u-toc-bang-dau-dua-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 63949
cf-request-id: 0abbb243e500004eafaf806000000001
last-modified: Sat, 15 May 2021 03:45:09 GMT
server: cloudflare
etag: "609f43c5-f9cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1gUY6IvFmePUNqIiuldxXYxKVOaNJhqZtuPX1ofjs0izgqStUCMOxroLkB7ucrhFX7sIFkw%2Bg3%2BH%2F%2Ft3IovgBvAJ1inD18NB4wCnX7prLh8P%2FBaLVWNGU1j4a4DiNT%2BE1eVxJgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafb14eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 chon-kieu-toc-hop-voi-khuon-mat-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 47 KB
47 KB 256ms
218ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/chon-kieu-toc-hop-voi-khuon-mat-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 45d2df9c74b807fb3e90a4f986e353c76c72e39a05ba16824f44800798a85c1b

Request headers

:path: /wp-content/uploads/2021/05/chon-kieu-toc-hop-voi-khuon-mat-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47951
cf-request-id: 0abbb243e500004eafa38da000000001
last-modified: Tue, 11 May 2021 03:41:36 GMT
server: cloudflare
etag: "6099fcf0-bb4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=oMIOeWQyE5jiJXwMvJxF%2BDsshgU%2BrEMynf31spy%2ByP1knUPYMfEcSGohBhNBpqjob969Lr4AT3YukITQjGR7a%2B7xQNtLEasf1MIgnvXTYhH3rG6Li9q69BRqftZYbUHx2TY2OBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafb34eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 cach-tri-gau-tai-nha-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/04/ 38 KB
38 KB 225ms
205ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/04/cach-tri-gau-tai-nha-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 771ab6d0a4838a691a5539180240c08fa7fb60f7903022125ace529f0c1b0d49

Request headers

:path: /wp-content/uploads/2021/04/cach-tri-gau-tai-nha-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38632
cf-request-id: 0abbb243e500004eaf5a8c2000000001
last-modified: Wed, 07 Apr 2021 02:31:35 GMT
server: cloudflare
etag: "606d1987-96e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LlgdrwOrQ2If7YLU%2FtG2OiO45%2BVXz%2FV9rICCxIUxMQD%2FQTstvytz8BcE6N2bsBMa2dtPWHIyqqSTGLBjfnBjK3rZND2nrA5ylnGQZ0GkIzJQGSTiGqc2ELC28Vt2sjpwcnqlU0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafb44eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 may-rua-mat-xiaomi-inface-co-tot-khong-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/04/ 39 KB
40 KB 295ms
275ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/04/may-rua-mat-xiaomi-inface-co-tot-khong-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d6f7109293c14845edee340d82d24a518521c357b5a7f2c25d8c31a957f39368

Request headers

:path: /wp-content/uploads/2021/04/may-rua-mat-xiaomi-inface-co-tot-khong-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 40131
cf-request-id: 0abbb243e900004eaf708fb000000001
last-modified: Sun, 04 Apr 2021 07:24:14 GMT
server: cloudflare
etag: "6069699e-9cc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zKPxT%2BUuhZduipjWI0xTBNZyJTuLeomxlPdookHNzVPntjxiIC%2F5JW3HbaSo09ThU7ldmY5ThO3xLHGmkeV%2BvEQbE6PDQ4DGo2ksYbdcbf1BJcsowDeRtWmidBBtbJ1O3J45as8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafb74eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 dau-goi-buoi-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/03/ 35 KB
36 KB 324ms
304ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/03/dau-goi-buoi-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b31973fa0a2ef0d9c089f46aa80d626dfe480293e1f70a24b02afe83c52ca524

Request headers

:path: /wp-content/uploads/2021/03/dau-goi-buoi-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35982
cf-request-id: 0abbb243e700004eafa0395000000001
last-modified: Fri, 26 Mar 2021 11:03:28 GMT
server: cloudflare
etag: "605dbf80-8c8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sktAxiRHdhI9rnWeW2ROqU%2Bdoq0JUVCSWR%2FgrPZnizHqLfc9fhBV5d2eHKx7H%2FVa6mrk02GJDy9gb%2BtrjGxKImHRe8V1bcgLtn8fjuRilEZVOFINCnrbs%2Ftk3AZrG6u0qJIkUGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafbc4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 dau-goi-cho-toc-dau-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/03/ 41 KB
42 KB 171ms
151ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/03/dau-goi-cho-toc-dau-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e9e216ac283efefd24a692ed235b22313b490694059c3444cb097dc76be2f03e

Request headers

:path: /wp-content/uploads/2021/03/dau-goi-cho-toc-dau-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 41848
cf-request-id: 0abbb243e700004eaf92b57000000001
last-modified: Fri, 26 Mar 2021 11:02:22 GMT
server: cloudflare
etag: "605dbf3e-a378"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=hLXVFwrogiXpopFXZ%2BRU%2FSq%2BPAioOGPtqoZQ3loPDgaLuzqqXZan1l0obCgdj1sP6pyAIXomgGzHrCSbC4Vez3RJPsbltqJ6UWkUBnkCxshNg76X%2BsTEpvtOyi%2BRe2oV8NP2rWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafbe4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 dau-goi-chua-nam-o-da-dau-696x398.jpg
ezbeauty.vn/wp-content/uploads/2021/03/ 73 KB
73 KB 220ms
200ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/03/dau-goi-chua-nam-o-da-dau-696x398.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 59c31a4dc9aa38ac3405527f8895a2845c3a8c12e2b6b49081a7360a1f591a9c

Request headers

:path: /wp-content/uploads/2021/03/dau-goi-chua-nam-o-da-dau-696x398.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74399
cf-request-id: 0abbb243e800004eaf36b6d000000001
last-modified: Fri, 26 Mar 2021 11:02:08 GMT
server: cloudflare
etag: "605dbf30-1229f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RNUDsDv%2B85yS3kSnRjGSQ481DnYBTHJ%2FtLZHG4fFPCFTuc6LFKlWf4ZlyGUM9ps2kGEvTECy1hWHJFtBqmMiQbImX428AJx%2FYOnrevjOMKeyfJdiWkZSf0CWWJPPqlsgPEHU6iY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafbf4eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 Do-PH-cua-sua-rua-mat.jpg
ezbeauty.vn/wp-content/uploads/2021/02/ 29 KB
30 KB 345ms
326ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/02/Do-PH-cua-sua-rua-mat.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6c0022b592267490bb1d1c276abd24494788b5d17c0e35381d16fab666be2de1

Request headers

:path: /wp-content/uploads/2021/02/Do-PH-cua-sua-rua-mat.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30033
cf-request-id: 0abbb243e800004eaf75aad000000001
last-modified: Sun, 07 Feb 2021 15:49:15 GMT
server: cloudflare
etag: "60200bfb-7551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=e8TFX1HySOvEgzDJ3RqwLxOE%2B6NMiafINoKA3iO%2B3mvBWjvqmLHbY3pm0YyUtsUNCfKwqGSQtWI%2BFvPFr65O8SFfZjW2ZMaoMjbrwjq6AJnl6BlmBxBNLulKsC5PUUDUP6hvItE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafc24eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 Su-dung-may-rua-mat-e1612426785681.jpg
ezbeauty.vn/wp-content/uploads/2021/02/ 46 KB
46 KB 355ms
335ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/02/Su-dung-may-rua-mat-e1612426785681.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9bce581e76c2ed2d2c2a9bacfc1e16bb64f27e9027ec498cf62841ddc9d40afb

Request headers

:path: /wp-content/uploads/2021/02/Su-dung-may-rua-mat-e1612426785681.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 46908
cf-request-id: 0abbb243e800004eafab97a000000001
last-modified: Thu, 04 Feb 2021 08:19:47 GMT
server: cloudflare
etag: "601bae23-b73c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4h8KIDR0eCA%2FfRfqdTTOdUdCWl%2BwnPg46T2sJ5hRs64Eu4YPEHYVQdJniCFVf%2BHYLUsoviAmeLlBjoySpX6B%2FEUW8NOHNarPicbAanW3cRjao7dxl2RKptTMH5keySMy6FfJlEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafc54eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 Rua-mat-bang-sua-tuoi.jpg
ezbeauty.vn/wp-content/uploads/2021/02/ 66 KB
67 KB 357ms
337ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/02/Rua-mat-bang-sua-tuoi.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9b0e41e2ac4833bdb5fad9c1711f301200d5f7e02befdc279a48dcb2d08c4a63

Request headers

:path: /wp-content/uploads/2021/02/Rua-mat-bang-sua-tuoi.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 68086
cf-request-id: 0abbb243e800004eaf83352000000001
last-modified: Thu, 04 Feb 2021 06:46:01 GMT
server: cloudflare
etag: "601b9829-109f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3%2BEUHmXKKiTE9BzjqhckZ7WsBMcbGw5KtDrYfUfuGyCioTYO8pVx6rc23yfVSZlq82Ty%2BsgHMNut5HzqbVPdiISo7hInN5BEElC8rQalNTD4sEwM80XB2QKcxbhMGqhdeBm6ziw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafc64eaf-FRA
expires: Fri, 17 Jun 2022 13:11:35 GMT

GET
H3-29 200 maxresdefault-2-696x392.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 43 KB
44 KB 171ms
152ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/maxresdefault-2-696x392.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c72f688a8b34d4573060248c914f91850a38ad69803d2c70e075e7a27d9f704d

Request headers

:path: /wp-content/uploads/2021/05/maxresdefault-2-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 810
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 44078
cf-request-id: 0abbb243e900004eaf318df000000001
last-modified: Thu, 17 Jun 2021 07:05:44 GMT
server: cloudflare
etag: "60caf448-ac2e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wVIEYN57k0o7TlebPw8vrC0sRUWICIDbPXRr4SFJgmdO%2F6R%2Bi3BGse9cBjeN3W2zVLK4t6Hx125JJpdNvEfWgvbUaTykwCZz9lTfK7CJ6h2FtwwfmPWNjbcQfHvhVjgGDwXGc40%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafc74eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 maxresdefault-1-1-696x392.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 37 KB
38 KB 40ms
20ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/maxresdefault-1-1-696x392.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4aee49837e0aef5cc2b0d35cb5ca8bdf80f4edb4f236c9f356f5c3d345e538ec

Request headers

:path: /wp-content/uploads/2021/05/maxresdefault-1-1-696x392.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 810
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38011
cf-request-id: 0abbb243e900004eaf532ed000000001
last-modified: Wed, 16 Jun 2021 17:02:29 GMT
server: cloudflare
etag: "60ca2ea5-947b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=x3jFC1CD5OYESG8IWIaVDVgHBioP9sWA6wfGctStNiLfEVUYdhVUf5RfHy3rSZfebwG6sbFPa2EFmMGY%2BRJHRyOx7ynyIMSASh0%2Br3cDBVVLhMcGHjwkqWAeqgTLfhZrIkF7KHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafc84eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 sua-onefa-mama.jpg
ezbeauty.vn/wp-content/uploads/2021/06/ 99 KB
100 KB 121ms
102ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/06/sua-onefa-mama.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9cb8c5b19f66245a9057b3cf6ea7139d33c45c30dc3db24bee33b45586ea5679

Request headers

:path: /wp-content/uploads/2021/06/sua-onefa-mama.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 810
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 101859
cf-request-id: 0abbb243e900004eaf33887000000001
last-modified: Tue, 15 Jun 2021 05:39:20 GMT
server: cloudflare
etag: "60c83d08-18de3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wIv8XtAWRSc9ydDadaeWN9zzKrZf6tK06SGIJj9VHGTIPbwm2H6UZ3DO6z4a0EiP9IxkCVkynMWmQmgD0uFRhyJvOvt7%2BDIVEscMurufiIeFOeuW8QZiQVXXYfM64i5ISEH5rH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafca4eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 thay-doi-noi-tiet-to-sau-sinh11-696x418.jpg
ezbeauty.vn/wp-content/uploads/2021/06/ 72 KB
73 KB 118ms
99ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/06/thay-doi-noi-tiet-to-sau-sinh11-696x418.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2b5d0b2a74babf4d36e08334ff15342b6a06512be3ebce1d69f680e6cf9c4dec

Request headers

:path: /wp-content/uploads/2021/06/thay-doi-noi-tiet-to-sau-sinh11-696x418.jpg
pragma: no-cache
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 810
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 74172
cf-request-id: 0abbb243e900004eaf8a83a000000001
last-modified: Sat, 12 Jun 2021 04:08:53 GMT
server: cloudflare
etag: "60c43355-121bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=bXmVGmIcDFiEWlGSKDCtrZmLhoVNF0K3bZ5tLoN%2BkrPFCdpD2k7mgzHtrCF%2BgI%2FDVDw772ef%2BvKbE5AuZNgD5rPNdV7g%2F5sC3PowIWV0y7HYlLc3D%2Blq2wv9pPmk3RWZONTTR8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c864cafcb4eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 newspaper.woff
ezbeauty.vn/wp-content/themes/Newspaper/images/icons/ 123 KB
68 KB 138ms
122ms Font
application/font-woff 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/wp-content/themes/Newspaper/style.css?ver=5.7.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

sec-fetch-mode: cors
origin: https://ezbeauty.vn
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga=GA1.2.763897391.1623935495; _gid=GA1.2.2011433090.1623935495; _gat_gtag_UA_168911325_1=1
:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/wp-content/themes/Newspaper/style.css?ver=5.7.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ezbeauty.vn
Referer: https://ezbeauty.vn/wp-content/themes/Newspaper/style.css?ver=5.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2928564
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb243e300004eaf79ad4000000001
last-modified: Thu, 25 Feb 2021 14:58:20 GMT
server: cloudflare
etag: W/"6037bb0c-1eab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=mMpA1ShgjYW2ufH6MXAP4UbBzhtVNWIHdaKbOxmImhPW6SGQUr1kILextRXLJTvY%2Fg8L0cBOHus8cajhQgEAIPRoG7M5Lf33SJRD3ITHQtilOh9wKM8Vkk97r2bMILm08Zo61ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=31536000
cf-ray: 660c864c9f9c4eaf-FRA
expires: Sat, 14 May 2022 15:42:11 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 37ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:09:53 GMT
x-content-type-options: nosniff
age: 457302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:09:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 38ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:30:17 GMT
x-content-type-options: nosniff
age: 459678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:30:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
16 KB 38ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:50:35 GMT
x-content-type-options: nosniff
age: 462060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:50:35 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 116ms
98ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 09:26:30 GMT
x-content-type-options: nosniff
age: 445505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 09:26:30 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v20/ 11 KB
11 KB 55ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:39:33 GMT
x-content-type-options: nosniff
age: 430322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11316
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:39:33 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:40:44 GMT
x-content-type-options: nosniff
age: 451851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:40:44 GMT

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v9/ 23 KB
23 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v9/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:08:16 GMT
x-content-type-options: nosniff
age: 453799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23924
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:08:16 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 11 KB
12 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:47:54 GMT
x-content-type-options: nosniff
age: 440621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:47:54 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 11 KB
11 KB 20ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:53 GMT
x-content-type-options: nosniff
age: 454062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11708
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:53 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 02:43:25 GMT
x-content-type-options: nosniff
age: 469690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 02:43:25 GMT

GET
H2 200 gc.php Show response
g.ezoic.net/ezoic/ 2 B
208 B 23ms
23ms XHR
text/html 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezoic/gc.php
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/ezoic/ezoic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
server: nginx/1.16.0
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://ezbeauty.vn
access-control-max-age: 1728000
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
content-type: text/html
access-control-allow-headers: X-PINGOTHER
content-length: 2
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 116883062_2033158226816753_6670610084574849173_n-3.png
ezbeauty.vn/wp-content/uploads/2020/09/ 71 KB
72 KB 15ms
14ms Image
image/png 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2020/09/116883062_2033158226816753_6670610084574849173_n-3.png
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d3cdce51e6f5bc1b3f79a85de61955891199657a8183a0193f7bf94a27675911

Request headers

:path: /wp-content/uploads/2020/09/116883062_2033158226816753_6670610084574849173_n-3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 73136
cf-request-id: 0abbb247ec00004eaf2e2b0000000001
last-modified: Sun, 04 Apr 2021 12:38:53 GMT
server: cloudflare
etag: "6069b35d-11db0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ke1KlRaJsEO0fjHarmB8XwaFZVSMapxdwiLGSfwHSRgFgUF2dNtKoXDGyiwJp1A18HkUNI356y9ZkP4ZUCSni82jT5GMqyh0Ka4Ty01qNlBbML%2BjM0K5TDINan2CPvnQttn9D7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86531af64eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 maxresdefault-2-100x70.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 3 KB
4 KB 13ms
12ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/maxresdefault-2-100x70.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7907d64c4c93f0ff6bba87ff26da7b96e75e5fb59a843e40db504667ff8a4bf9

Request headers

:path: /wp-content/uploads/2021/05/maxresdefault-2-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2947
cf-request-id: 0abbb247ed00004eaf48047000000001
last-modified: Thu, 17 Jun 2021 07:05:36 GMT
server: cloudflare
etag: "60caf440-b83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=CpIcSqkgzdRSnz8iLSkeW%2FgNfZl27X8IggqQkfb%2FWxpBVN66AxqzDT%2FY2Op2y3ljTMPkpxoW36wIKxkd%2Bub%2BzoK93jbWo%2B%2FH1vfJ8L%2BCEQAkCFAF6%2FSfdbqrUu3TChnIBz0isNY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86531afa4eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 maxresdefault-1-1-100x70.jpg
ezbeauty.vn/wp-content/uploads/2021/05/ 2 KB
3 KB 13ms
13ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/05/maxresdefault-1-1-100x70.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2b9c6048de954cfd3900ff6d7c63a03fa8f281bdf781a465249e66027c0e6e89

Request headers

:path: /wp-content/uploads/2021/05/maxresdefault-1-1-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2263
cf-request-id: 0abbb247ed00004eaf4f9fe000000001
last-modified: Wed, 16 Jun 2021 17:02:22 GMT
server: cloudflare
etag: "60ca2e9e-8d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zCYg4H0JEUzn7cOcOux4xYR3zUc98Q5Hr5o7Vcsk%2BjgGhIPRErYNbds1GIC3I5e9jzmbrPJQX8eLzXLSCUDGzPy%2B2LY38fb5%2BAwTHFIwlzgqKe%2BhaH1haBfIO41W%2FjKa9eb4G3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86531afc4eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 sua-onefa-mama-100x70.jpg
ezbeauty.vn/wp-content/uploads/2021/06/ 3 KB
3 KB 61ms
60ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/06/sua-onefa-mama-100x70.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b9affe6b63c7beebd694cd5e43329623514edb2594ba1dd37f59aa926effcbb1

Request headers

:path: /wp-content/uploads/2021/06/sua-onefa-mama-100x70.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2640
cf-request-id: 0abbb247fb00004eafaf86a000000001
last-modified: Tue, 15 Jun 2021 05:39:26 GMT
server: cloudflare
etag: "60c83d0e-a50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5OztuNyI9j5A83bCCMTmrlJ6ssagp58f6TOxwZy7OqSefKPM8ufUzBTXRLkPZNc7tq6mtZJ4gOwJi1GWf%2BS9Fr1pjtFdmbaCqJNdBgpYVCmR683qPPRdtjUJmoDJzNpYIFs%2BsJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86532b164eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 Duong-mi.jpg
ezbeauty.vn/wp-content/uploads/2020/12/ 22 KB
23 KB 54ms
53ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2020/12/Duong-mi.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ce74479886393b887737ddef86ec4123ee6b655f87829df19dc2e4b90dbb9fe7

Request headers

:path: /wp-content/uploads/2020/12/Duong-mi.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 22739
cf-request-id: 0abbb247f600004eaf79b4a000000001
last-modified: Thu, 24 Dec 2020 10:36:52 GMT
server: cloudflare
etag: "5fe46f44-58d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YoIf7GMZGAWqd3V6wAB1NmKZDoAUo%2BH8yLAd6yp3yR5O4tWlTG28IhVPnQC8Yov0GKfMtCe%2BNAT15xnPL%2FORjWZXWBzvdiPJv60wVP83p%2BxQ%2BM9PWFsfPHg8tAoWu156z1eNUVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86532b194eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 Nuoc-hoa-zara.jpg
ezbeauty.vn/wp-content/uploads/2020/11/ 53 KB
54 KB 53ms
52ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2020/11/Nuoc-hoa-zara.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7b00315429cb541dff21dfcc6808f62477890a3d0f1c05a5d3bbfdde4041a39d

Request headers

:path: /wp-content/uploads/2020/11/Nuoc-hoa-zara.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 177053
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 54190
cf-request-id: 0abbb247f800004eaf36beb000000001
last-modified: Tue, 10 Nov 2020 18:41:12 GMT
server: cloudflare
etag: "5faadec8-d3ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=eFq24%2FUSZbL6dLpQJBEXGwrEs5r1GL19OqTAEMMzPDhrFZKSF72NMoPH2qrAO78hMy2zKZ8KqF3mNCzSNbPhU6b539UCM9%2B0eZA%2Bbi%2FK44LMYV3ZRtp%2Fpm1V53TtyIDn4so2yz8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86532b1d4eaf-FRA
expires: Wed, 15 Jun 2022 12:00:43 GMT

GET
H3-29 200 Kem-duong-da-tuoi-day-thi.jpg
ezbeauty.vn/wp-content/uploads/2020/12/ 64 KB
64 KB 15ms
14ms Image
image/jpeg 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2020/12/Kem-duong-da-tuoi-day-thi.jpg
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8fa424ff96634709a89b5863d5e1fe764fffc3236aff605ce2d860ebacf67df9

Request headers

:path: /wp-content/uploads/2020/12/Kem-duong-da-tuoi-day-thi.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 65078
cf-request-id: 0abbb247f800004eaf59970000000001
last-modified: Wed, 23 Dec 2020 09:59:20 GMT
server: cloudflare
etag: "5fe314f8-fe36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1EkVFV%2B1dkryS9kz2cYEmEweqKVMzsnzzWKpGH%2FQzeAd%2FOlDzOyR2rICgeWJoPD%2BEDhEPCOthwJUtrGgXGU0Dhpt5dBwKeyzgKtVUc9o6GHiiEM9wNobckiisOLx51249%2BAMVvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86532b1e4eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H3-29 200 logo_headermoblie.png
ezbeauty.vn/wp-content/uploads/2021/02/ 85 KB
86 KB 14ms
14ms Image
image/png 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezbeauty.vn/wp-content/uploads/2021/02/logo_headermoblie.png
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 22d4f30c8978ebc50c04819d9572c227961cfce5da821e98e7017ce0a23af3d4

Request headers

:path: /wp-content/uploads/2021/02/logo_headermoblie.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:36 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 811
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 86894
cf-request-id: 0abbb247f800004eaf9533f000000001
last-modified: Fri, 26 Feb 2021 00:21:35 GMT
server: cloudflare
etag: "60383f0f-1536e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6cwwNamN0ad6omdAF%2BV4FhQQyJFoIsKi8Uv%2BdwVlDWP3BwWv72oJzFqWk3l5XGvW83u4CY81TIrTKUa8H3fqc5iN4GU%2Bbhfm%2FS60c3RfnGMzRHEcHytYRaARD3DpbVCQBvdqX24%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 660c86532b204eaf-FRA
expires: Fri, 17 Jun 2022 12:58:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210615/r20190131/ Frame 8F8E 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210615/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210615/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezbeauty.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezbeauty.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 16 Jun 2021 22:31:27 GMT
expires: Wed, 30 Jun 2021 22:31:27 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 52809
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 mem8YaGs126MiZpBA-UFWp0bbck.woff2
fonts.gstatic.com/s/opensans/v20/ 6 KB
6 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFWp0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9616881bf47c6526f8f1552b31d1b399fb5a95922a3b8914cc6972cf6aacaa72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 08:00:39 GMT
x-content-type-options: nosniff
age: 450657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6168
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:00:39 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 5 KB
5 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 06:17:51 GMT
x-content-type-options: nosniff
age: 456825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5524
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 06:17:51 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 5 KB
5 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:58:38 GMT
x-content-type-options: nosniff
age: 432778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5580
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:58:38 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2
fonts.gstatic.com/s/opensans/v20/ 6 KB
6 KB 22ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3602bf738566f334e1cebb6e5846cbe12a8293db756cd23644a06256dd261239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezbeauty.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:27:58 GMT
x-content-type-options: nosniff
age: 459818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6364
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:43 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:27:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
657 B 79ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ezbeauty.vn&callback=_gfp_s_&client=ca-pub-1828578781656677

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210615/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1828578781656677&plah=ezbeauty.vn&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3948b3ad9ca5a9f367251ee11b91de604297d3bf69b50932397e250f37b04fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
752 B 21ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ezbeauty.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezbeauty.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 13:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C586 78 KB
26 KB 907ms
842ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1623935496&psa=0&format=728x90&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496293&bpp=1&bdt=2045&idt=652&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7389086136528&frm=20&pv=2&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=p6GA6C0lbh&p=https%3A//ezbeauty.vn&dtd=692

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

895bce2b80075c0965446c79cb4efd62d492779c7be61151ff4cc364a855b34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1623935496&psa=0&format=728x90&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496293&bpp=1&bdt=2045&idt=652&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7389086136528&frm=20&pv=2&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=p6GA6C0lbh&p=https%3A//ezbeauty.vn&dtd=692
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezbeauty.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezbeauty.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Jun 2021 13:11:37 GMT
server: cafe
content-length: 26464
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 17-Jun-2021 13:26:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Jun 2021 13:11:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 86ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:37 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Thu, 17 Jun 2021 13:11:37 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 71ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-1828578781656677&c=17&n=0&t=0&w=625&x=21

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
106 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=763979763&t=pageview&_s=1&dl=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ul=en-us&de=UTF-8&dt=B%C3%AD%20Quy%E1%BA%BFt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1781780161&gjid=1478628532&cid=286892856.1623935497&tid=UA-168911325-1&_gid=1682023413.1623935497&_r=1&gtm=2ou690&z=550290228

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezbeauty.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
11ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=763979763&t=pageview&_s=2&dl=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ul=en-us&de=UTF-8&dt=B%C3%AD%20Quy%E1%BA%BFt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=286892856.1623935497&tid=UA-168911325-1&_gid=1682023413.1623935497&gtm=2ou690&z=763625260

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 16:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74666
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 11ms
10ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=763979763&t=pageview&_s=3&dl=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ul=en-us&de=UTF-8&dt=B%C3%AD%20Quy%E1%BA%BFt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=&gjid=&cid=286892856.1623935497&tid=UA-168911325-1&_gid=1682023413.1623935497&gtm=2ou690&z=1527097449

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Jun 2021 16:27:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 74666
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp.gif Show response
g.ezoic.net/detroitchicago/ 43 B
313 B 84ms
23ms XHR
image/gif 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A268409%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A3%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c56ddb6b-24a1-4001-50c5-cb8a2ed6a6e8%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A216484%2C%22response_time_orig%22%3A58%2C%22serverid%22%3A%223.125.154.181%3A17183%22%2C%22state%22%3A%22ZH%22%2C%22t_epoch%22%3A1623935494%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1068%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-312-218-333-1&cmbcb=18&sj=x04x00x06x07x10x09x0ax0dx0fx12x18x33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:37 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ezbeauty.vn
x-middleton-display: imp_sol
access-control-max-age: 1728000
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-headers: Content-Type
content-length: 47

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 53ms
10ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-312-218-333-1&cmbcb=18&sj=x04x00x06x07x10x09x0ax0dx0fx12x18x33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:37 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Thu, 24 Jun 2021 13:11:37 GMT

POST
H2 403 admin-ajax.php Show response
ezbeauty.vn/wp-admin/ 2 KB
1 KB 751ms
738ms XHR
text/html 2606:4700:3032::ac43:860d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezbeauty.vn/wp-admin/admin-ajax.php
Requested by: Host: ezbeauty.vn
URL: https://ezbeauty.vn/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:860d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.28
Resource Hash: fea1886025517c420c2a5208b17823400059ef7e87418d9f127c913917bb200f

Request headers

sec-fetch-mode: cors
origin: https://ezbeauty.vn
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _ga=GA1.2.286892856.1623935497; _gid=GA1.2.1682023413.1623935497; _gat_gtag_UA_168911325_1=1
content-length: 29
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: ezbeauty.vn
referer: https://ezbeauty.vn/bi-quyet-lam-dep/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://ezbeauty.vn/bi-quyet-lam-dep/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 17 Jun 2021 13:11:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.28
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0abbb24c4a0000977ebba8c000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=okR%2BHw9z%2BsWqCdGO%2Btw9kAbAFZcAHBL1%2B4X675In9GO6lHYyT48ezn4oc6dlGh47zYYmgJ0mWSrBagXnEt%2BpxMKq23Nnf%2F0BUAREjU3kURyrxFcLE29R%2Fp4UnGR1M8kFUaPiUNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
set-cookie: FkBNPVdUgXw=7JQny%5B8%40cP.; expires=Fri, 18-Jun-2021 13:11:37 GMT; Max-Age=86400; path=/; secure viapxA=%5BXHPxfgsBklGa6; expires=Fri, 18-Jun-2021 13:11:37 GMT; Max-Age=86400; path=/; secure ifPAQxl=Buy3kx1; expires=Fri, 18-Jun-2021 13:11:37 GMT; Max-Age=86400; path=/; secure
cf-ray: 660c865a1dbf977e-FRA
expires: Fri, 18 Jun 2021 13:11:37 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F7F 99 KB
35 KB 369ms
368ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc60d05817b482a94f0f2f6e75e85c54d9f5a4fb044a3c8dbc30202413cefad

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKDP4pPfnvECFZXkUQodvK0IEg&gqi=CUrLYMHgIs3czQb68IuIAg&layout=/sadbundle/%24csp%253Der3%24/5039480896981378806/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezbeauty.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezbeauty.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKDP4pPfnvECFZXkUQodvK0IEg&gqi=CUrLYMHgIs3czQb68IuIAg&layout=/sadbundle/%24csp%253Der3%24/5039480896981378806/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Jun 2021 13:11:37 GMT
server: cafe
content-length: 34646
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 17-Jun-2021 13:26:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Jun 2021 13:11:37 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F8C 43 KB
2 KB 77ms
77ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1623935497&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496875&bpp=2&bdt=2627&idt=780&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=815

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88e25982ca378c64524aeff44091c0f8aa9a671cd28939907d1ae31cdea752ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1623935497&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496875&bpp=2&bdt=2627&idt=780&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C300x250&nras=1&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=815
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezbeauty.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezbeauty.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 17 Jun 2021 13:11:37 GMT
server: cafe
content-length: 2131
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 17-Jun-2021 13:26:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Jun 2021 13:11:37 GMT
cache-control: private

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
428 B 32ms
8ms Script
application/javascript 2600:9000:20eb:3a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 15:10:31 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
age: 79267
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: MridYyqul60_r_PTVMaFCY5cAJexe4VKJWEpxOfEwsgl3v-UrTFWHQ==

GET
H2 200 pixel;r=912698432;labels=Domain.ezbeauty_vn%2CDomainId.268409;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F;uht=2;fpan=1;fpa=P0-286845083-1623935497981;pbcn=u;pbc=;ns=0...
pixel.quantserve.com/ 35 B
371 B 13ms
10ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=912698432;labels=Domain.ezbeauty_vn%2CDomainId.268409;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F;uht=2;fpan=1;fpa=P0-286845083-1623935497981;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=ezbeauty.vn;je=0;sr=1600x1200x24;dst=1;et=1623935497981;tzo=-120;ogl=locale.vi_VN%2Ctype.article%2Ctitle.B%C3%AD%20Quy%E1%BA%BFt%2Cdescription.T%E1%BB%95ng%20h%E1%BB%A3p%20c%C3%A1c%20b%C3%AD%20quy%E1%BA%BFt%20l%C3%A0m%20%C4%91%E1%BA%B9p%20c%E1%BB%B1c%20k%E1%BB%B3%20d%E1%BB%85%20d%C3%A0ng%20c%C3%B9ng%20EzBeauty%2Curl.https%3A%2F%2Fezbeauty%252Evn%2Fbi-quyet-lam-dep%2F%2Csite_name.EzBeauty%252Evn%2Cimage.https%3A%2F%2Fezbeauty%252Evn%2Fwp-content%2Fuploads%2F2020%2F09%2F116883062_2033158226816753_667061%2Cimage%3Asecure_url.https%3A%2F%2Fezbeauty%252Evn%2Fwp-content%2Fuploads%2F2020%2F09%2F116883062_2033158226816753_667061%2Cimage%3Awidth.1024%2Cimage%3Aheight.516%2Cimage%3Atype.image%2Fpng

Requested by

Host: ezbeauty.vn
URL: https://ezbeauty.vn/bi-quyet-lam-dep/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C586 6 KB
765 B 42ms
41ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1623935496&psa=0&format=728x90&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496293&bpp=1&bdt=2045&idt=652&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7389086136528&frm=20&pv=2&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=p6GA6C0lbh&p=https%3A//ezbeauty.vn&dtd=692

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Jun 2021 11:24:24 GMT
server: ESF
date: Thu, 17 Jun 2021 13:11:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Jun 2021 13:11:38 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C586 1 KB
989 B 410ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:10:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame C586 17 KB
7 KB 391ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 13534463047637254567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:09:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C586 3 KB
1 KB 415ms
36ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:03:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C586 122 KB
37 KB 46ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 13:11:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame C586 13 KB
6 KB 391ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:10:16 GMT

GET
H2 200 37c44ba5c7c2e56e86b2dceff03da5e6.js Show response
www.gstatic.com/mysidia/ Frame C586 25 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/37c44ba5c7c2e56e86b2dceff03da5e6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 13:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10651
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 06:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Sep 2021 13:27:06 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/ Frame 8F7F 17 KB
7 KB 369ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7073
x-xss-protection: 0
server: cafe
etag: 13534463047637254567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:09:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 8F7F 3 KB
1 KB 385ms
35ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:03:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F7F 122 KB
37 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:38 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Thu, 17 Jun 2021 13:11:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/ Frame 8F7F 13 KB
6 KB 368ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210615/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:10:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 10674426802404029766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Jul 2021 13:10:16 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/6726770857949264714/ Frame C586 24 KB
25 KB 388ms
37ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6726770857949264714/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af8c9dbd9f14f40484c5c6a067a205410adfb1456bb0570792669d9f568aca88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 07:55:20 GMT
x-content-type-options: nosniff
age: 364578
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25057
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 13:30:54 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 07:55:20 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11841379133475364560/ Frame C586 2 KB
2 KB 386ms
36ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11841379133475364560/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3fe9416f172c634e542add08d9c20244d758034150e76aeab4a040e334456cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 05:55:53 GMT
x-content-type-options: nosniff
age: 371745
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2278
x-xss-protection: 0
last-modified: Wed, 04 Nov 2020 11:09:21 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 05:55:53 GMT

GET
DATA 200
OK truncated
/ Frame C586 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C586 0
0 23ms
23ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIlA5CUrLYJXDBZfI1gb43pCQDY6v1Kpjnuqhz_cN2dkeEAEgu-O_fmCViriCyAegAfqZkJ0DyAEJqQJGNVi7wQ60PqgDAcgDywSqBNMBT9BP0FJTfB9PDnXD7z9PUgT7bgsA38MUqUpiSgyXWeqrTG0r7aFwHL_332rmW9OBhTBWJIj3LLFnXw6NaSsRkImVx76-DQAwwaGDDjE1Bi9aGKfF9li9AktRpvIp_OZfwIqt6hngFTQHHtN_huwhpXGGDC5gTeG2Jv0kW0eiNhClxTw5Nnho6U8Pms6Kq2CrDeRMn5VSWYY7aWB3CKOnfiqnag6qzPqjAQZbonk5w48G9gZjz3VsGGUaxLAdXfr-Iz0y_IDfI92MJSANGwx4mp1IGcAEqZmQudYDkgUECAQYAZIFBAgFGASgBi6AB-7l72KoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-eUF0ggJCIDhgBAQARgfgAoByAsB2BMNiBQC0BUBgBcBshcaChgIABIUcHViLTE4Mjg1Nzg3ODE2NTY2Nzc&sigh=xirxXn0VXQI&template_id=484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1623935496&psa=0&format=728x90&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496293&bpp=1&bdt=2045&idt=652&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=7389086136528&frm=20&pv=2&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=56&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&cms=2&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=p6GA6C0lbh&p=https%3A//ezbeauty.vn&dtd=692
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 17 Jun 2021 13:11:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Jun 2021 13:11:38 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 65 KB
18 KB 52ms
27ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1361b2a01ad02699491d4c1f8f98cc3daac3125d1b281aa231fbf30f5772507c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/5039480896981378806/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 12 Jun 2021 08:36:00 GMT
expires: Sun, 12 Jun 2022 08:36:00 GMT
last-modified: Wed, 12 May 2021 19:45:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 16892
age: 448538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F7F 0
0 29ms
19ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHYyuCUrLYOCmI5XJxwK826KQAfCx5uZiva7bhdkNn9WYz9oZEAEgu-O_fmCViriCyAegAZ_n0vkCyAEJqQIcgMH2YQu0PqgDAcgDSKoE4QFP0Crx9IVWYrergaH0d-6kN5fTr6uu7dj0kUVO6LPKYZQAAD_zpTNh_JoGzy7_UmXwCFns-wAvKu9m0B-2c7T6LbpHNx4iXWIMAaiciyFpDN22UthS4Frp_qDWP7DQAZY6yWdu0-vZOzeCJ1CiGEVSrs7pSjLpLjQP_zalPLoMXOpWXQHQ63AB5E1aTt9idKNYVxBsi-j9qJ40MtMfqDtvT4-yT-KJbIWidzWUGJmJUDBLx3rHgxbe_SntCEJlMjm5tb2zSyRNRnExHmzhlPAmRWP7q6xlzGLun03AOKfZsN3ABOvlja--A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfJmK2GAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDIqwXSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItMTgyODU3ODc4MTY1NjY3Nw&sigh=UI-9AbEnHHA&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 17 Jun 2021 13:11:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Jun 2021 13:11:38 GMT

GET
DATA 200
OK truncated
/ Frame C586 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ff4fbf94db03151a84e8bdb6d4da9a3a34d063fb01a7e0e66be66a916e780ab7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8AB 143 B
163 B 12ms
11ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnGO7jp9e9l8Kz9VyKxGmSnvF63BBZMfvJ0lJBXiIL4E2H97NPpDTD3Gm4qDYA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=3680287927&adf=1968320725&w=300&lmt=1623935497&psa=0&format=300x250&url=https%3A%2F%2Fezbeauty.vn%2Fbi-quyet-lam-dep%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1623935496294&bpp=2&bdt=2046&idt=1236&shv=r20210615&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=7389086136528&frm=20&pv=1&ga_vid=286892856.1623935497&ga_sid=1623935497&ga_hid=763979763&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1022&ady=825&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672&oid=3&pvsid=3483006801198390&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=D6XEZ2bLvH&p=https%3A//ezbeauty.vn&dtd=1255

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 17 Jun 2021 12:47:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1463
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8F7F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddcffa87b2ed6a93c94dc48e825a138013f78ca3052d96d3145c2c1a531f1c07

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C586 15 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:50:35 GMT
x-content-type-options: nosniff
age: 462063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:50:35 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C586 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:05:05 GMT
x-content-type-options: nosniff
age: 435993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:05:05 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame C586 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:18:32 GMT
x-content-type-options: nosniff
age: 453186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:18:32 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F55F 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 16 Jun 2021 18:22:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67757
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 17 Jun 2021 18:22:21 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F55F 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 09:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 18 Jun 2021 09:06:51 GMT

GET
H2 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame ECDF 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 11:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 11:27:44 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 40ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210615&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f9cd79fb1bd62e2980cddef20db783319430b19d0ad5e01854d0eaee6ad2a13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 17 Jun 2021 13:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7941
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8AB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
173 B

18ms
16ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Jun 2021 13:11:39 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 17-Jun-2021 14:11:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 17 Jun 2021 13:11:39 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 17 Jun 2021 13:11:38 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 17 Jun 2021 13:11:38 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame F55F 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 11:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 11:27:44 GMT

GET
H3-29 200 CANCELACION_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 8 KB
8 KB 29ms
25ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/CANCELACION_DE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 417445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8598
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 17:14:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 17:14:14 GMT

GET
H3-29 200 CTA_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 10 KB
10 KB 28ms
24ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/CTA_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 450699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:00:00 GMT

GET
H3-29 200 TEXTO3JUNIOR_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 12 KB
12 KB 18ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/TEXTO3JUNIOR_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b46a1dffa9354244a35dc525e6ab3f2da2119a9d597433494ab2beab1176308a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 407133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12547
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 20:06:06 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 20:06:06 GMT

GET
H3-29 200 TEXTO2_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 14 KB
14 KB 27ms
26ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/TEXTO2_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 407250
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14459
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 20:04:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 20:04:09 GMT

GET
H3-29 200 TEXTO1_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 12 KB
13 KB 26ms
25ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/TEXTO1_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 408790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 19:38:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 19:38:29 GMT

GET
H3-29 200 fondo300x250_DE.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 97 KB
97 KB 52ms
13ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/fondo300x250_DE.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d751c4b37044b651f0dfeb06e2677f16bcde5d794c022fd7ab239b6ebd4768de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 457975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99235
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 05:58:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:58:44 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame F0C0 12 KB
5 KB 39ms
17ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezbeauty.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezbeauty.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 17 Jun 2021 12:09:07 GMT
expires: Fri, 17 Jun 2022 12:09:07 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9116 783 B
534 B 32ms
18ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f69fe53e02f0b764d74168d4f387914ec48ef729ad1c42ffa32e26341c20aab5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EVn5debB87Se9lOff9s9hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezbeauty.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezbeauty.vn/

Response headers

expires: Thu, 17 Jun 2021 13:11:39 GMT
date: Thu, 17 Jun 2021 13:11:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EVn5debB87Se9lOff9s9hQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F55F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 TEXTO1_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 12 KB
13 KB 48ms
6ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/TEXTO1_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 408790
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12778
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 19:38:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 19:38:29 GMT

GET
H3-29 200 TEXTO2_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 14 KB
14 KB 51ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/TEXTO2_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 407250
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14459
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 20:04:09 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 20:04:09 GMT

GET
H3-29 200 TEXTO3JUNIOR_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 12 KB
12 KB 23ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/TEXTO3JUNIOR_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b46a1dffa9354244a35dc525e6ab3f2da2119a9d597433494ab2beab1176308a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 407133
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12547
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 20:06:06 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 20:06:06 GMT

GET
H3-29 200 CTA_DE_GRANDE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 10 KB
10 KB 24ms
10ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/CTA_DE_GRANDE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 450699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 08:00:00 GMT

GET
H3-29 200 CANCELACION_DE.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 8 KB
8 KB 49ms
38ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/CANCELACION_DE.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 417445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8598
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 17:14:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 17:14:14 GMT

GET
H3-29 200 fondo300x250_DE.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/ Frame F55F 97 KB
97 KB 43ms
38ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5039480896981378806/fondo300x250_DE.jpg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d751c4b37044b651f0dfeb06e2677f16bcde5d794c022fd7ab239b6ebd4768de

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 457975
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99235
x-xss-protection: 0
last-modified: Wed, 12 May 2021 19:45:06 GMT
server: sffe
date: Sat, 12 Jun 2021 05:58:44 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:58:44 GMT

GET
H3-29 200 94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js Show response
pagead2.googlesyndication.com/bg/ Frame F0C0 14 KB
6 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94Gt_qMMOHajVAy-ktkQgEQIoZJrQUA0XxP17Oddwac.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 11:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5750
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 11:27:44 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F7F 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspkwp4XCDClDIV3Sk44ZwJVWmRuBh443M4qMTI0SVSGjpUdz1qALRociB4yEZP5T60JiKdpnQWJK86wqxTErX__OjEH9IoWICJ-Unuu4ubJHg0P2v8-mRlzfXP2g&sai=AMfl-YT6RUmM7R5WdiofM3UM1rk4HSmbGGTPtK3amgmALeNh743PAam3_9ZmIO2kJEFm4Uy2m4p_k5BcphRl&sig=Cg0ArKJSzGUSd-m8PNfrEAE&id=lidar2&mcvt=1003&p=825,1022,1075,1322&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3680287927&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623935497557&dlt=403&rpt=249&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C586 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTYF_iPo6HQD41ngJTXBRzB4O-HclfOuiYWmYVoLTlbrIelhWDXoPwo1BU2R6rOuY0fAavhhX0XrDs4ykbli3SxlUGY4dp988b9mlhRNZ6HES8NyBs1fqrVDG9CQ&sai=AMfl-YQ_qKAxO5skJvfCvdHzRApMzV-lM1OdUiAQjJiogyC5hoTEXqpuF6a8JaqJrb5s2Xfdm-_gTAtk-gL0&sig=Cg0ArKJSzExiM7g8RPJ9EAE&id=lidar2&mcvt=1001&p=56,606,146,1334&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210616&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4100517743&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1623935497007&dlt=948&rpt=817&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210615&jk=3483006801198390&bg=!-_il-LzNAAZktE7iZLQ7ACkAdvg8Wvz9hwOLiOeZq6Wan0hepas-AmNf8F6frmjtljFE6olBaC-O5AIAAAJqUgAAAA9oAQcKAKGq39XdXukz01Wgfmdr3zG_PmiVwRAEfpptdcNR0rFMKOAfrDe8351-dzUi6b4iBjETJYSpC3S1PKLP7XxWqzSZi9zmvr2uyVCP8HecrT2GkrHReP4PsTtee_MJ8oxWzPVeWI81Nuxe7SAEn1ILOztGKGQzHod7TvQRC3VrCsjFp7bSxdYcQI48CHa69VWFEFl3mdQvdJArfdWgekgL0U5xOJkCczSK2nXCAGoOb4tYHnro0-2o2AajhWjzeNFAxfxRmJ7GxtD8Q7UdtkssyDGzYSrz8tK-gQd4BG5RBcRxaVefjdEGeUx1hp1-mTM8MKWA-AXNOMl7jAQU35hpPXYRy37r_dsUUUBBdUHulxuvsXRXOuiqxuMT1wLns0L097dtv3QhM8ZlzHD583K7yzGesyPBvU2jeZXDKb1bQMfOqT26GCBWHH7j9Yq_yzoR2IoJyUMaGbBs0xjjmQEZmaskHLlbXRliPCNBlZjMniFDBTRWegCaC3to_L_NrBisVX0x3Ge5owQl0gtD8OBuMF9B4smJf30RZPVuoiv_c-xcACgTexeTZfv0ddXB2SsIFZHgsCEyrgWcD2iZ-YFKrdB3OBVZ4gNeRxu51haHOrqHAuPc7XaEBOtugXZMpOSXYSgIO_H4lyDyf6yvjaFd2XK2UUv4uLvPOL_HjGgOmp1kU8WOYhaD1BngKfpGjle379sGjOf99PzZx6t_e2Q8tG5wIhzpMJXIHt0TtLatbo_eNUfeSTHO0pZXF38lHYwg1na__8aOMTlbbMLcfHWG4cLwR80X9nJyFQJMWPTcnOvwGbJ5_-xa1mkPCxYtWBTr_E305jvF6fcuwsesuJ1o7uO0fOluX_lGHpuJYZCrKvrx-OggGvU1I21PU60dO9RyqDccOld-hR8Cl8-c_zwlv4WCOl6ThqzBZE25RKL70lTU_4uspZFAsT19CG_wtP9ZRDkigLGtiECH5umwN6uVQ0KWA6u4EGkN2b_Wl1vitXaYjUTUmfxxdVSc3x5bqoBUfMjFsjZ0_fIsOshGyru4iAIjr_khr3RL0A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Jun 2021 13:11:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif Show response
g.ezoic.net/detroitchicago/ 0
20 B 129ms
79ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjNTZkZGI2Yi0yNGExLTQwMDEtNTBjNS1jYjhhMmVkNmE2ZTgiLCJkb21haW5faWQiOiIyNjg0MDkiLCJ0X2Vwb2NoIjoxNjIzOTM1NDk0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzU2ZGRiNmItMjRhMS00MDAxLTUwYzUtY2I4YTJlZDZhNmU4IiwiZG9tYWluX2lkIjoiMjY4NDA5IiwidF9lcG9jaCI6MTYyMzkzNTQ5NCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDYtMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjNTZkZGI2Yi0yNGExLTQwMDEtNTBjNS1jYjhhMmVkNmE2ZTgiLCJkb21haW5faWQiOiIyNjg0MDkiLCJ0X2Vwb2NoIjoxNjIzOTM1NDk0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjNTZkZGI2Yi0yNGExLTQwMDEtNTBjNS1jYjhhMmVkNmE2ZTgiLCJkb21haW5faWQiOiIyNjg0MDkiLCJ0X2Vwb2NoIjoxNjIzOTM1NDk0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImM1NmRkYjZiLTI0YTEtNDAwMS01MGM1LWNiOGEyZWQ2YTZlOCIsImRvbWFpbl9pZCI6IjI2ODQwOSIsInRfZXBvY2giOjE2MjM5MzU0OTQsImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0=
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-312-218-333-1&cmbcb=18&sj=x04x00x06x07x10x09x0ax0dx0fx12x18x33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:44 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ezbeauty.vn
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 16 Jun 2021 13:11:44 UTC

GET
H2 200 greenoaks.gif Show response
g.ezoic.net/detroitchicago/ 0
182 B 127ms
78ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjNTZkZGI2Yi0yNGExLTQwMDEtNTBjNS1jYjhhMmVkNmE2ZTgiLCJkb21haW5faWQiOiIyNjg0MDkiLCJ0X2Vwb2NoIjoxNjIzOTM1NDk0LCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI1OSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTQyMCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiOSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiIzMTUzIn0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMzIwOCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiI1MjE3In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzU2ZGRiNmItMjRhMS00MDAxLTUwYzUtY2I4YTJlZDZhNmU4IiwiZG9tYWluX2lkIjoiMjY4NDA5IiwidF9lcG9jaCI6MTYyMzkzNTQ5NCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNDA2NiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImM1NmRkYjZiLTI0YTEtNDAwMS01MGM1LWNiOGEyZWQ2YTZlOCIsImRvbWFpbl9pZCI6IjI2ODQwOSIsInRfZXBvY2giOjE2MjM5MzU0OTQsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiNDA2NiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImM1NmRkYjZiLTI0YTEtNDAwMS01MGM1LWNiOGEyZWQ2YTZlOCIsImRvbWFpbl9pZCI6IjI2ODQwOSIsInRfZXBvY2giOjE2MjM5MzU0OTQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjNTZkZGI2Yi0yNGExLTQwMDEtNTBjNS1jYjhhMmVkNmE2ZTgiLCJkb21haW5faWQiOiIyNjg0MDkiLCJ0X2Vwb2NoIjoxNjIzOTM1NDk0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuOSJ9XX1d
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-312-218-333-1&cmbcb=18&sj=x04x00x06x07x10x09x0ax0dx0fx12x18x33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:44 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ezbeauty.vn
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 16 Jun 2021 13:11:44 UTC

GET
H2 200 greenoaks.gif Show response
g.ezoic.net/detroitchicago/ 0
20 B 129ms
80ms XHR
text/plain 18.158.98.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjNTZkZGI2Yi0yNGExLTQwMDEtNTBjNS1jYjhhMmVkNmE2ZTgiLCJkb21haW5faWQiOiIyNjg0MDkiLCJ0X2Vwb2NoIjoxNjIzOTM1NDk0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzU2ZGRiNmItMjRhMS00MDAxLTUwYzUtY2I4YTJlZDZhNmU4IiwiZG9tYWluX2lkIjoiMjY4NDA5IiwidF9lcG9jaCI6MTYyMzkzNTQ5NCwiZGF0YSI6W3sibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIxNDA1MjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMiJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIxNDA1MjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjU1MzYwMDAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiMzQ2MCJ9XX1d
Requested by: Host: g.ezoic.net
URL: https://g.ezoic.net/detroitchicago/cmbv2.js?gcb=195-0&cb=04-100-406-1207-110-509-50a-80d-30f-312-218-333-1&cmbcb=18&sj=x04x00x06x07x10x09x0ax0dx0fx12x18x33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.98.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ezbeauty.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 13:11:44 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ezbeauty.vn
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Wed, 16 Jun 2021 13:11:44 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210615/r20190131/zrt_lookup.html

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ezbeauty.vn/	1970-01-20 03:51:11	Name: ezux_lpl_268409 Value: 1623935498899\|c56ddb6b-24a1-4001-50c5-cb8a2ed6a6e8\|false

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ezbeauty.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://ezbeauty.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ezbeauty.vn
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezoic.net
googleads.g.doubleclick.net
images.dmca.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
rutgon.me
secure.quantserve.com
static.cloudflareinsights.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googleads.g.doubleclick.net
134.209.102.155
142.250.185.66
151.139.242.29
18.158.98.109
2600:9000:20eb:3a00:6:44e3:f8c0:93a1
2600:9000:2156:6400:2:cb38:840:93a1
2606:4700:3032::ac43:860d
2606:4700::6810:5e41
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2003
023cfc09f52502a3aed1ff16fc90fe0c2216928b5ef7942cc1615befb299e740
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
057f27139c88daf63770b9514f607e5f29a76494310acee9af2a31a2c7a385a5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1361b2a01ad02699491d4c1f8f98cc3daac3125d1b281aa231fbf30f5772507c
150915d4d853120190cb5e21a75fd902cebda2f2bc1a3d332676b700365f20fe
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22d4f30c8978ebc50c04819d9572c227961cfce5da821e98e7017ce0a23af3d4
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2b5d0b2a74babf4d36e08334ff15342b6a06512be3ebce1d69f680e6cf9c4dec
2b9c6048de954cfd3900ff6d7c63a03fa8f281bdf781a465249e66027c0e6e89
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
35e6d963e66ddcb0b55c146e9cfdb52fe01c2b7ab4e8a3ef0316832df25f588a
3602bf738566f334e1cebb6e5846cbe12a8293db756cd23644a06256dd261239
3948b3ad9ca5a9f367251ee11b91de604297d3bf69b50932397e250f37b04fc2
39e8ee6411ee4d21f517e5b71bcd7b5ac80a4a761ed07696bf56f4860d5f9e54
3d0c73d97749dd61bf2a3e295270acfdf38d4eb3a333a622feadc473d4a667e3
3dc60d05817b482a94f0f2f6e75e85c54d9f5a4fb044a3c8dbc30202413cefad
43f5f23a4dd8b6698641c65fa3a2c2c4293ff08a347648da5676905d5cce0832
45d2df9c74b807fb3e90a4f986e353c76c72e39a05ba16824f44800798a85c1b
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4aee49837e0aef5cc2b0d35cb5ca8bdf80f4edb4f236c9f356f5c3d345e538ec
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
4f38c54cac30b9fabc431ecf3f0dbdda0dc6d9b5f78c6a0021df91ea4dc28279
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
59c31a4dc9aa38ac3405527f8895a2845c3a8c12e2b6b49081a7360a1f591a9c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f9cd79fb1bd62e2980cddef20db783319430b19d0ad5e01854d0eaee6ad2a13
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0022b592267490bb1d1c276abd24494788b5d17c0e35381d16fab666be2de1
6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9
754e4f25470d9263afc25125dce868bae633ea3d59f1b7dc8a0e740292fa68a5
771ab6d0a4838a691a5539180240c08fa7fb60f7903022125ace529f0c1b0d49
7907d64c4c93f0ff6bba87ff26da7b96e75e5fb59a843e40db504667ff8a4bf9
7b00315429cb541dff21dfcc6808f62477890a3d0f1c05a5d3bbfdde4041a39d
7f0de4157672afac565b1dd92dd11e6efbc04e3ae43fd3c3e49b29b5cd7fb5ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88e25982ca378c64524aeff44091c0f8aa9a671cd28939907d1ae31cdea752ed
895bce2b80075c0965446c79cb4efd62d492779c7be61151ff4cc364a855b34f
8d2e022d515e3b0eef715a7da216044e396021908e24c4e3f3fad0b3b1ce8c2c
8ea234be37abb1b803a59de89393fa78be54e35744ec7880017b6d41b39e15e0
8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800
8fa424ff96634709a89b5863d5e1fe764fffc3236aff605ce2d860ebacf67df9
919a2b5d7b630279d6e5400c2408f2cfa2c65a4415a8dffe81bf71abea0c086a
9616881bf47c6526f8f1552b31d1b399fb5a95922a3b8914cc6972cf6aacaa72
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9b0e41e2ac4833bdb5fad9c1711f301200d5f7e02befdc279a48dcb2d08c4a63
9bce581e76c2ed2d2c2a9bacfc1e16bb64f27e9027ec498cf62841ddc9d40afb
9cb8c5b19f66245a9057b3cf6ea7139d33c45c30dc3db24bee33b45586ea5679
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11e70fbd2fef534f23052b20535b0e53215daf7346b1647dd91d7041d296236
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a73b01bf3ae3a9522a09c26f7258e2a85e6b89ba789da09a1d4099c363785b38
aa3add47cd3352a0051fdaa0f44320740389b2566c60f36b9e0a1a5b29515a9e
af8c9dbd9f14f40484c5c6a067a205410adfb1456bb0570792669d9f568aca88
b03539a9599e90ecdbbcbdfa8b8b2612bbd521c2d9577266f02189552fa7adf1
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
b098e698f579c8576cf7e3e3f491587ecd7dbda80115658d8511c5949202830b
b30a5db854ba342c274c09d698a14b5e44e33659edce46b9f74784f7fa21955d
b31973fa0a2ef0d9c089f46aa80d626dfe480293e1f70a24b02afe83c52ca524
b46a1dffa9354244a35dc525e6ab3f2da2119a9d597433494ab2beab1176308a
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b576551cf563547b660d088d5e2fea59e1d9902f8d49db28c51b52de46688e85
b588777c74bbe6679fd0939ef3eae6ce77a347aaaf205a24112fb68730d65bc8
b9affe6b63c7beebd694cd5e43329623514edb2594ba1dd37f59aa926effcbb1
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c72f688a8b34d4573060248c914f91850a38ad69803d2c70e075e7a27d9f704d
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
cdd899af463bd241abab84554cbd799790653d9f9871aa26382afa37bb3e0370
ce74479886393b887737ddef86ec4123ee6b655f87829df19dc2e4b90dbb9fe7
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3cdce51e6f5bc1b3f79a85de61955891199657a8183a0193f7bf94a27675911
d6f7109293c14845edee340d82d24a518521c357b5a7f2c25d8c31a957f39368
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
d751c4b37044b651f0dfeb06e2677f16bcde5d794c022fd7ab239b6ebd4768de
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddcffa87b2ed6a93c94dc48e825a138013f78ca3052d96d3145c2c1a531f1c07
ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e1ce3405ba66988cede034799b1b327f7a81a9ab56168df5b82619cf62399d52
e3aa19963da214c9d3039da2c9df0e89d819c6ad977bd18144d037928984e08a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e40dc31088a3d16f54cbfae2fa1d9c2e4b3df81967eb703148a0779f9c9b9957
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e9e216ac283efefd24a692ed235b22313b490694059c3444cb097dc76be2f03e
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
eea6dc59229104927a1ca1a416794d0ae3fb326b2ed6926abda0dd2a8cf693be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e5e8d233becdb2d0d9ad0b12ad25bdd2ec71b44bbe32ef4796b9c3dcbca340
f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834
f3fe9416f172c634e542add08d9c20244d758034150e76aeab4a040e334456cd
f57c80ac183c9d140eb46bc29609728d847922b380eb6061c91678e5e14b025f
f69fe53e02f0b764d74168d4f387914ec48ef729ad1c42ffa32e26341c20aab5
f781adfea30c3876a3540cbe92d910804408a1926b4140345f13f5ece75dc1a7
f837003b3e7227695ecea247b6835139683ec9241e48f97a7c0ab1016d77c24b
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fea1886025517c420c2a5208b17823400059ef7e87418d9f127c913917bb200f
ff4fbf94db03151a84e8bdb6d4da9a3a34d063fb01a7e0e66be66a916e780ab7

ezbeauty.vn Open in urlscan Pro 2606:4700:3032::ac43:860d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

146 Requests

99 %HTTPS

81 %IPv6

17 Domains

22 Subdomains

22 IPs

3 Countries

2723 kBTransfer

5357 kBSize

1 Cookies

15 Outgoing links

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ezbeauty.vn Open in urlscan Pro
2606:4700:3032::ac43:860d Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

99 %
HTTPS

81 %
IPv6

17
Domains

22
Subdomains

22
IPs

3
Countries

2723 kB
Transfer

5357 kB
Size

1
Cookies

146 HTTP transactions
6 data transactions