pencil.evolus.vn Open in urlscan Pro
125.212.248.224 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pencil.evolus.vn/
Submission: On April 10 via manual (April 10th 2023, 3:06:55 pm UTC) from CL — Scanned from DE

Summary HTTP 135 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 26 domains to perform 135 HTTP transactions. The main IP is 125.212.248.224, located in Hanoi, Viet Nam and belongs to VIETEL-AS-AP Viettel Group, VN. The main domain is pencil.evolus.vn.
TLS certificate: Issued by R3 on March 26th 2023. Valid for: 3 months.

This is the only time pencil.evolus.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	125.212.248.224 125.212.248.224	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	() ()
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	() ()
1 2	2606:4700::68... 2606:4700::6812:18ad	() ()
1	35.71.131.137 35.71.131.137	() ()
6 6	185.80.39.216 185.80.39.216	() ()
3 20	172.217.16.194 172.217.16.194	() ()
3	2a05:d01c:1d8... 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2	() ()
2 2	35.186.193.173 35.186.193.173	() ()
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
2 2	2a05:d018:d29... 2a05:d018:d29:3605:1260:9dcc:1d0e:53e1	() ()
8 8	37.157.4.29 37.157.4.29	() ()
1	34.160.236.64 34.160.236.64	() ()
1 1	34.91.62.186 34.91.62.186	() ()
1	35.227.252.103 35.227.252.103	() ()
1 1	51.38.120.206 51.38.120.206	() ()
2 4	104.102.35.84 104.102.35.84	() ()
135	24

8 125.212.248.224 (Hanoi, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)

pencil.evolus.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.80.39.216 (None, ) 6 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.217.16.194 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2 (None, )

ASN- ()

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (None, ) 2 redirects

ASN- ()

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:1260:9dcc:1d0e:53e1 (None, ) 2 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.157.4.29 (None, ) 8 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (None, )

ASN- ()

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (None, ) 1 redirects

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.102.35.84 (None, ) 2 redirects

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	501 KB
33	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net	172 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	166 KB
9	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	adform.net 8 redirects c1.adform.net	6 KB
8	evolus.vn pencil.evolus.vn	240 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com	6 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	244 KB
4	teads.tv 2 redirects sync.teads.tv	1013 B
3	innovid.com ag.innovid.com	889 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 7832	818 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	ctnsnet.com 2 redirects ius.ctnsnet.com	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	dotomi.com dclk-match.dotomi.com	207 B
2	quantserve.com cms.quantserve.com	928 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	onetag-sys.com 1 redirects onetag-sys.com	394 B
1	openx.net rtb.openx.net	351 B
1	simpli.fi 1 redirects um.simpli.fi	762 B
1	mookie1.com odr.mookie1.com	213 B
1	adsrvr.org match.adsrvr.org	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	601 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
135	26

	Domain	Requested by
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
20	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	pencil.evolus.vn pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net pencil.evolus.vn
8	c1.adform.net	8 redirects
8	www.gstatic.com	googleads.g.doubleclick.net
8	pencil.evolus.vn	pencil.evolus.vn
6	ssum-sec.casalemedia.com	6 redirects
6	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
6	fonts.googleapis.com	pencil.evolus.vn googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	sync.teads.tv	2 redirects
3	ag.innovid.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	ius.ctnsnet.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	www.google-analytics.com	pencil.evolus.vn www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	onetag-sys.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
135	32

This site contains links to these domains. Also see Links.

Domain
github.com
evolus.vn

Subject Issuer	Validity	Valid
evolus.vn R3	`2023-03-26` - `2023-06-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://pencil.evolus.vn/
Frame ID: 8FE1BB76DAD48B2AEF6A342B3782D761
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&h=90&slotname=9118354868&adk=1552096359&adf=742446909&pi=t.ma~as.9118354868&w=728&lmt=1681139209&url=https%3A%2F%2Fpencil.evolus.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139209624&bpp=15&bdt=321&idt=217&shv=r20230405&mjsv=m202304040101&ptt=5&saldr=sa&abxe=1&correlator=5974927541891&frm=20&pv=2&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&pvsid=4373354240498984&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Uo6TN6hmOH&p=https%3A//pencil.evolus.vn&dtd=247
Frame ID: BAEDEDBD9A541E14519D24A5831099EB
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 89EC1FA41737F047E0D417F053A7E2D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: 13CA730BC7994C171F832DBDE0C76CC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&adk=1812271804&adf=3025194257&lmt=1681139211&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fpencil.evolus.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139211668&bpp=2&bdt=2365&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De70ec82ea3ba937b-2223b2a88add0054%3AT%3D1681139209%3ART%3D1681139209%3AS%3DALNI_MbQVTRpv-6zLbDn-mmjyMP9_jqZhQ&gpic=UID%3D00000bd3b178af18%3AT%3D1681139209%3ART%3D1681139209%3AS%3DALNI_Mal2sWb4ZYXy3Jv7WTamkAmndRxjw&prev_slotnames=9118354868&nras=1&correlator=5974927541891&frm=20&pv=1&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&psts=AHQMDFd9XjVuCBnu30K3Z0mE1gcr1fAP86Dn-iy-x78YAuTX7_BIh9CHatx0_xwmz_eTXBk1F_k2Dvl-JLm3QFOuzQxsLQ&pvsid=4373354240498984&tmod=884985492&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=27
Frame ID: D67082080855FFAB2688033DFCE741E3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 124844BEE301255DB09A5E5D61F2FB48
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4573AE51B5AAD1701DB8F1F4191193DF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2CCD26126B3F2A023D519A21A64EB3CA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 808A167D3CB6D96625B7DAE6B1F96B2F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 87B39496754920C33CD6A6E8661A5F16
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: C146819BFFEDFAFA1357DFCFD702FD88
Requests: 14 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019
Frame ID: 19C25F0731CB1A3828E263424446B9BC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CDF28D8F846D250520C8D300A2F54E4C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B7F90ECA38D2F12885618F4DA3953170
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 22C18160D18449A7F93D511291D74E89
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68C2A422B46B62E97731E3BEA091AC25
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 46723449A8D8E9EAF8CA2688DD332B1B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: E1BEA3650FE2C7E1BE23217679056E91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 41968B139CC1FFD345979D62B2C6CEDA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: 4A8C1A59CC241651449D9A11826B674B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: A8645173313D9C5DD2D8923A080A1AAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - Pencil Project

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

135
Requests

87 %
HTTPS

62 %
IPv6

26
Domains

32
Subdomains

24
IPs

2
Countries

1355 kB
Transfer

3492 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/evolus/pencil/blob/master/RELEASE/RELEASE-NOTE-311.md
Title: release notes

Search URL Search Domain Scan URL

URL: https://evolus.vn/
Title: Evolus Website

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 102

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPGlWaJMx29CrwYaTHgEFNE&google_cver=1&google_push=Aer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPGlWaJMx29CrwYaTHgEFNE&google_cver=1&google_push=Aer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 104

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_cver=1&google_push=Aer7DvIlBmzL5Yv4-KFHEb_a5hMbkosW5CJqsQE0NroebYJvjBlJuPbQk767rENu2E0No4YFG2W0qoMr8bZRmxZEiR1dkCOsxtEysWE02uhBOSM6fP9Vhm4R9NPkxmKau84u7d8arf9_vtyPLcE9KvJynSSENw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_push=Aer7DvIlBmzL5Yv4-KFHEb_a5hMbkosW5CJqsQE0NroebYJvjBlJuPbQk767rENu2E0No4YFG2W0qoMr8bZRmxZEiR1dkCOsxtEysWE02uhBOSM6fP9Vhm4R9NPkxmKau84u7d8arf9_vtyPLcE9KvJynSSENw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvIlBmzL5Yv4-KFHEb_a5hMbkosW5CJqsQE0NroebYJvjBlJuPbQk767rENu2E0No4YFG2W0qoMr8bZRmxZEiR1dkCOsxtEysWE02uhBOSM6fP9Vhm4R9NPkxmKau84u7d8arf9_vtyPLcE9KvJynSSENw

Request Chain 106

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEFTa_dO5-twBVCx2dBQM19c&google_cver=1&google_push=Aer7DvLfvYB9VigmCgFwQKkigMA0DpxyW5lweGS35xBFJePNlh9uL4qSvbp-fcBMXNVwM91JuUNoplo3Hk7eblwj6tDgOOLnyRCQXE4wDoG9p2W9bAOMKNFATOQFv9-PxpP20WNc3DiF4ihCi-OlPspd-q2RSao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLfvYB9VigmCgFwQKkigMA0DpxyW5lweGS35xBFJePNlh9uL4qSvbp-fcBMXNVwM91JuUNoplo3Hk7eblwj6tDgOOLnyRCQXE4wDoG9p2W9bAOMKNFATOQFv9-PxpP20WNc3DiF4ihCi-OlPspd-q2RSao&google_hm=6Hft3BIiTfO4jInsV9YpMYU

Request Chain 112

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEKyGaw6s9UJT7b6pkkJEtE&google_cver=1&google_push=Aer7DvJ3knEyPkgo-2C4a-jYDfPZ3OSDAitRMb8SePGJzrRMCX1t3Fmh8HkKmihFJ2rpsTflPbXuEJvKAFE0i9Xe0kQPfYXPGTzhXVpnaAimV3Z50lvBaAY2nWOQ7XNq_6zZnS1h0oVHiX1sYsy-DN1qO50B-TQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAwOTE5MDQ3NjEzNDY1NzYwMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEKyGaw6s9UJT7b6pkkJEtE&google_cver=1

Request Chain 114

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBFAWFRd9OkpdDEBl7ONvoc&google_cver=1&google_push=Aer7DvKDQwhrRdmPLh54renYApGAuHTOpCab1fQQiECphGu4wx9TdMWkZ-6DqH8cV1JKIpMHCI4FQrVZU0GP4wjH9szb4928EizTwcaCUcDALJgxMSsilkcVhLYp4ceSdFjyyoVzJVSFx38Tm4ugtzrx8D9rIZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKDQwhrRdmPLh54renYApGAuHTOpCab1fQQiECphGu4wx9TdMWkZ-6DqH8cV1JKIpMHCI4FQrVZU0GP4wjH9szb4928EizTwcaCUcDALJgxMSsilkcVhLYp4ceSdFjyyoVzJVSFx38Tm4ugtzrx8D9rIZE&google_hm=eS16TjMwd3ZCRTJwSGtEVjcuQm41TU5NMXpCRzllWW1xMX5B

Request Chain 115

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaMXkhIlL6J_PZIvWP1hbP7LTHQImFtajsnstKRWtYwG8X8WWgh_CXCSBaKgdd14nAQY7LdIzhunLChos_w HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaMXkhIlL6J_PZIvWP1hbP7LTHQImFtajsnstKRWtYwG8X8WWgh_CXCSBaKgdd14nAQY7LdIzhunLChos_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkwODIyNzY1NTE4NzM2Njc2Mw&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaMXkhIlL6J_PZIvWP1hbP7LTHQImFtajsnstKRWtYwG8X8WWgh_CXCSBaKgdd14nAQY7LdIzhunLChos_w

Request Chain 117

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVANtx8cq7gzlqJAcixrMQD7vEsram1WqonO8RWufBUFY6w82igA0YUmXCXUdDfh3m_nY4MUu89ZZptJShes HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVANtx8cq7gzlqJAcixrMQD7vEsram1WqonO8RWufBUFY6w82igA0YUmXCXUdDfh3m_nY4MUu89ZZptJShes HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczMDk5OTk3MzMwODk5NjExMg&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVANtx8cq7gzlqJAcixrMQD7vEsram1WqonO8RWufBUFY6w82igA0YUmXCXUdDfh3m_nY4MUu89ZZptJShes

Request Chain 122

https://um.simpli.fi/gp_match?google_gid=CAESEMRvTmrc-7nzj99GznhlhGQ&google_cver=1&google_push=Aer7DvKzjcEsj-wpCUAoqTRJ8GVRhROk2xph-RLYaWsPpbaSL85asDQolt3MQZeQJD1AFvjjhmHD4vjOZJZRhtkoeFcr2x1bzEakW3xDvwrvfT7TuhjUQjHJAb-3R0diqnL6GNvpTQXTgbdAGXXMNNdAvp8nyNM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1360D7BF6D64F3491CA1542BB9FA62B&google_push=Aer7DvKzjcEsj-wpCUAoqTRJ8GVRhROk2xph-RLYaWsPpbaSL85asDQolt3MQZeQJD1AFvjjhmHD4vjOZJZRhtkoeFcr2x1bzEakW3xDvwrvfT7TuhjUQjHJAb-3R0diqnL6GNvpTQXTgbdAGXXMNNdAvp8nyNM

Request Chain 123

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPSkWQMcxKkWesWDzl3XWqn6EruXjDVePmXUDcIJZGMRqisxjAhRBW3CC5hTqcrzzkfCdbC602ckEFaCsKdA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPSkWQMcxKkWesWDzl3XWqn6EruXjDVePmXUDcIJZGMRqisxjAhRBW3CC5hTqcrzzkfCdbC602ckEFaCsKdA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgwNjU1ODQxNjAxMTExMjgzNQ&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPSkWQMcxKkWesWDzl3XWqn6EruXjDVePmXUDcIJZGMRqisxjAhRBW3CC5hTqcrzzkfCdbC602ckEFaCsKdA

Request Chain 125

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_cver=1&google_push=Aer7DvJ2b-z-38TWM0r5iektMplfNMC6-tG5etQGVkqk0kNmoWt8MG1vzcFJA-lEsszZKr_jorRgJ4dsKYLkVd_aQU0J5dggO0xggJHkglwAEqp6MWSAMWzwWplQ3gtdU9SZvI_sd86Pd7W5e_rCaCAk7o-VdKM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_push=Aer7DvJ2b-z-38TWM0r5iektMplfNMC6-tG5etQGVkqk0kNmoWt8MG1vzcFJA-lEsszZKr_jorRgJ4dsKYLkVd_aQU0J5dggO0xggJHkglwAEqp6MWSAMWzwWplQ3gtdU9SZvI_sd86Pd7W5e_rCaCAk7o-VdKM&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvJ2b-z-38TWM0r5iektMplfNMC6-tG5etQGVkqk0kNmoWt8MG1vzcFJA-lEsszZKr_jorRgJ4dsKYLkVd_aQU0J5dggO0xggJHkglwAEqp6MWSAMWzwWplQ3gtdU9SZvI_sd86Pd7W5e_rCaCAk7o-VdKM

Request Chain 126

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN-g-CSQegI9gfb7USrIYNI&google_cver=1&google_push=Aer7DvKQPrZnpgig4pLWEr7IX_eIcoT_1oxt6RwyHpfpI_pyc-dV3JsVVAmM_EDAipGjKRNlkQi24qxRfUm0kQGW7H1pMXAqMP0DPpyIJcQChrq0I7Ar-HjHrGHvOrtYtnvHJf72j3fYRuP4WRI1Ao_0wwjbbQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKQPrZnpgig4pLWEr7IX_eIcoT_1oxt6RwyHpfpI_pyc-dV3JsVVAmM_EDAipGjKRNlkQi24qxRfUm0kQGW7H1pMXAqMP0DPpyIJcQChrq0I7Ar-HjHrGHvOrtYtnvHJf72j3fYRuP4WRI1Ao_0wwjbbQ

Request Chain 127

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBo3iTR2KAQbsZKQGalH32A&google_cver=1&google_push=Aer7DvJkkIJFZZLgL7bSX9966xggDANJhRnRgJo7CPG-STA8b2--zrrulfD-ksnjgppd3zHiadbYQp5eYrhVwFVAWAJcNdYVRJXe8mBLXE-VtTz2lNFcKgBF5pVOMAugr-WgCL9WA-oTTR1EvRKRXA7kNVbbxKPP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJkkIJFZZLgL7bSX9966xggDANJhRnRgJo7CPG-STA8b2--zrrulfD-ksnjgppd3zHiadbYQp5eYrhVwFVAWAJcNdYVRJXe8mBLXE-VtTz2lNFcKgBF5pVOMAugr-WgCL9WA-oTTR1EvRKRXA7kNVbbxKPP HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 129

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBFAWFRd9OkpdDEBl7ONvoc&google_cver=1&google_push=Aer7DvIqqVCJQksPy3YMG6EFK9elfkHFVryn7ZSQ14ZnKYkDEVbuwct2TLEbx2O0z5lm1iRueLz82Pkvsc0NJQ1egOgNAY2VtkRFwSnK0P7dB_IqvS60tsyr64QAZ06AfWCNHb5_9VQW7kvnHd8It98z12VPrQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIqqVCJQksPy3YMG6EFK9elfkHFVryn7ZSQ14ZnKYkDEVbuwct2TLEbx2O0z5lm1iRueLz82Pkvsc0NJQ1egOgNAY2VtkRFwSnK0P7dB_IqvS60tsyr64QAZ06AfWCNHb5_9VQW7kvnHd8It98z12VPrQ&google_hm=eS15WXBtVmRGRTJwRm1WMEd6emFldmtXNWhERmJJS0RqbH5B

Request Chain 136

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2VcwaOd0lKkzYuAEf6KB9quKXt5Dq6Gb9An3X99Jg8CqyB75Y3u8Uz-FrjzSZNiTgiK646zZ8WaILxPLcMfUo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2VcwaOd0lKkzYuAEf6KB9quKXt5Dq6Gb9An3X99Jg8CqyB75Y3u8Uz-FrjzSZNiTgiK646zZ8WaILxPLcMfUo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM5MzQ2NTE1OTc5OTc5MzQyNg&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2VcwaOd0lKkzYuAEf6KB9quKXt5Dq6Gb9An3X99Jg8CqyB75Y3u8Uz-FrjzSZNiTgiK646zZ8WaILxPLcMfUo

Request Chain 137

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_cver=1&google_push=Aer7DvKQebWjUn3oco_NL-Sh3MZyvHFJ79h_a4bNykWWKlUE33-_ISyfE-T1ygG-_vSu_SFx2_nOhEcKmYnCUGvtWW3Lh_PiUYXvjMImoQwDGXzoQgTH9BM6_G8OIWupVzJl-grHJe3-w9Td_vGSzEx6plp5psg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_push=Aer7DvKQebWjUn3oco_NL-Sh3MZyvHFJ79h_a4bNykWWKlUE33-_ISyfE-T1ygG-_vSu_SFx2_nOhEcKmYnCUGvtWW3Lh_PiUYXvjMImoQwDGXzoQgTH9BM6_G8OIWupVzJl-grHJe3-w9Td_vGSzEx6plp5psg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvKQebWjUn3oco_NL-Sh3MZyvHFJ79h_a4bNykWWKlUE33-_ISyfE-T1ygG-_vSu_SFx2_nOhEcKmYnCUGvtWW3Lh_PiUYXvjMImoQwDGXzoQgTH9BM6_G8OIWupVzJl-grHJe3-w9Td_vGSzEx6plp5psg

Request Chain 140

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEFTa_dO5-twBVCx2dBQM19c&google_cver=1&google_push=Aer7DvJFdZY4yxTpZrSRIR6azkuRIRXelIpAQ4Y3MS5vZqj_uMKe5Rrpou17pISDuc5rk70yH_UG4n_U1OZjzCuUEju6lRIkHpiorMvmEkbLs-JOrdaMeoqegYb6PvYP1Cqsm1_VhegcEsdVZqpyzE6KaCvtQYYP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJFdZY4yxTpZrSRIR6azkuRIRXelIpAQ4Y3MS5vZqj_uMKe5Rrpou17pISDuc5rk70yH_UG4n_U1OZjzCuUEju6lRIkHpiorMvmEkbLs-JOrdaMeoqegYb6PvYP1Cqsm1_VhegcEsdVZqpyzE6KaCvtQYYP&google_hm=xGSPskfwRLyhoCNi33Q2iYU

Request Chain 141

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBo3iTR2KAQbsZKQGalH32A&google_cver=1&google_push=Aer7DvLwCXfQ21CnRdE0vG_WJ6fz9RNcZeEv0kp54qmY7DwgKXkSN6pnVMBNAM-phuJ4i56A-72XIytHHO7hwx8zHVeRL2rtV8Dz7ujCI_GmTVg8BS5GHWI3jJ9ZshYw4S9LyTsmyfagdzgFJAEJSlEPJmNeBUBP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLwCXfQ21CnRdE0vG_WJ6fz9RNcZeEv0kp54qmY7DwgKXkSN6pnVMBNAM-phuJ4i56A-72XIytHHO7hwx8zHVeRL2rtV8Dz7ujCI_GmTVg8BS5GHWI3jJ9ZshYw4S9LyTsmyfagdzgFJAEJSlEPJmNeBUBP HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

135 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pencil.evolus.vn/ 6 KB
6 KB 2590ms
283ms Document
text/html 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://pencil.evolus.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 47b97a667457b6911eb288cca7d44b0ced54aa252c2f969972b9e1b6d6d79224

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 6325
Content-Type: text/html;charset=UTF-8
Date: Mon, 10 Apr 2023 15:06:49 GMT
Server: nginx/1.6.3

GET
H2 200 css
fonts.googleapis.com/ 701 B
779 B 91ms
40ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cantora+One

Requested by

Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9f1b30405a08b924538da3ee0b397666160b86c9d63e7cadb4cbe689f13437c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:55:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 15:06:49 GMT

GET
H/1.1 200
OK common.css
pencil.evolus.vn/styling/ 8 KB
8 KB 269ms
269ms Stylesheet
text/css 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://pencil.evolus.vn/styling/common.css
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 10638ff6755524b6693243eb4f8e72ac9b1eb7be5423fd5248ad90d2ce42d273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:49 GMT
Last-Modified: Sat, 31 Dec 2022 15:10:32 GMT
Server: nginx/1.6.3
ETag: W/"7958-1672499432000"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7958

GET
H/1.1 200
OK home2.css
pencil.evolus.vn/styling/ 1 KB
2 KB 299ms
299ms Stylesheet
text/css 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://pencil.evolus.vn/styling/home2.css
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 4b16d0b1c4572bf6a6c5f75ee43b4d7fc9a9f1786d912b11b853089e3bebf240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:49 GMT
Last-Modified: Sat, 31 Dec 2022 11:43:20 GMT
Server: nginx/1.6.3
ETag: W/"1440-1672487000000"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1440

GET
H/1.1 200
OK logo-shadow.png
pencil.evolus.vn/styling/images/ 2 KB
2 KB 515ms
261ms Image
image/png 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pencil.evolus.vn/styling/images/logo-shadow.png
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 6bfa9b09b6361590a6f2b27e80ef96719d3ada4613da35ea1f61f4260a96061f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:49 GMT
Last-Modified: Tue, 21 Mar 2017 04:40:21 GMT
Server: nginx/1.6.3
ETag: W/"1560-1490071221000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1560

GET
H/1.1 200
OK Pencil-3.1.1-thumb.png
pencil.evolus.vn/images/ 184 KB
184 KB 882ms
598ms Image
image/png 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pencil.evolus.vn/images/Pencil-3.1.1-thumb.png
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 46381e82326020539235d725ce92f21cacaf97176792e1711f8720313bd7c526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:49 GMT
Last-Modified: Sat, 31 Dec 2022 11:51:48 GMT
Server: nginx/1.6.3
ETag: W/"187971-1672487508000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187971

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
32 KB 137ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5d99741415208fe83aaecb0533f2c1da68f1e695a78725af2c9dca358c8828d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32309
x-xss-protection: 0
server: cafe
etag: 6105241867745303746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:49 GMT

GET
H/1.1 200
OK grad-bg.png
pencil.evolus.vn/styling/images/ 293 B
537 B 495ms
264ms Image
image/png 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pencil.evolus.vn/styling/images/grad-bg.png
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/styling/common.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 38795da747acdd01ca77ffc22bbd54bf4141b61a64e631b8bd4979526204df6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/styling/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:50 GMT
Last-Modified: Tue, 26 Jul 2016 11:22:50 GMT
Server: nginx/1.6.3
ETag: W/"293-1469532170000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 293

GET
H/1.1 200
OK cloudy-bg.jpg
pencil.evolus.vn/styling/images/ 30 KB
30 KB 901ms
596ms Image
image/jpeg 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pencil.evolus.vn/styling/images/cloudy-bg.jpg
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/styling/common.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: c279aad751e75337d72fbe0e933070548356902f02835c87aeeaddc4187f8903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/styling/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:50 GMT
Last-Modified: Tue, 26 Jul 2016 11:22:50 GMT
Server: nginx/1.6.3
ETag: W/"30365-1469532170000"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30365

GET
H/1.1 200
OK footer-art.jpg
pencil.evolus.vn/styling/images/ 8 KB
8 KB 605ms
297ms Image
image/jpeg 125.212.248.224
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pencil.evolus.vn/styling/images/footer-art.jpg
Requested by: Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/styling/common.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 125.212.248.224 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
Software: nginx/1.6.3 /
Resource Hash: 8a85ce098d47416bdab2461386cd628c1c1dce5b0abb37e00484b11886ee574c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/styling/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Mon, 10 Apr 2023 15:06:50 GMT
Last-Modified: Tue, 26 Jul 2016 11:22:50 GMT
Server: nginx/1.6.3
ETag: W/"7945-1469532170000"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7945

GET
H2 200 gyB4hws1JdgnKy56GB_JX5zabYo.woff2
fonts.gstatic.com/s/cantoraone/v19/ 25 KB
25 KB 76ms
24ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cantoraone/v19/gyB4hws1JdgnKy56GB_JX5zabYo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cantora+One

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b18cbc41fec05b757879a8e64ed1db352ae59c718789782cc5cddfe26b7fa14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pencil.evolus.vn
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 17:51:59 GMT
x-content-type-options: nosniff
age: 508490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25296
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 19:59:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 17:51:59 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 348 KB
116 KB 80ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3726015810391051&plah=pencil.evolus.vn

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c265527920431cf96cdc189a687f9132f648fd106eae7df0de4cb861521cbcd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119045
x-xss-protection: 0
server: cafe
etag: 10036869675436846200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 10 Apr 2023 14:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 10 Apr 2023 16:05:12 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 31ms
30ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1914001351&t=pageview&_s=1&dl=https%3A%2F%2Fpencil.evolus.vn%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Pencil%20Project&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=732076717&gjid=1888154962&cid=287217939.1681139210&tid=UA-103189874-1&_gid=118134670.1681139210&_r=1&_slc=1&z=1161469034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pencil.evolus.vn/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pencil.evolus.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 94ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pencil.evolus.vn&callback=_gfp_s_&client=ca-pub-3726015810391051

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3726015810391051&plah=pencil.evolus.vn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

071888383444f9715f7c8aec6113047413015688198bdc21faf244b0551f2638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 99ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pencil.evolus.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
31ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pencil.evolus.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAED 96 KB
34 KB 1365ms
1312ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&h=90&slotname=9118354868&adk=1552096359&adf=742446909&pi=t.ma~as.9118354868&w=728&lmt=1681139209&url=https%3A%2F%2Fpencil.evolus.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139209624&bpp=15&bdt=321&idt=217&shv=r20230405&mjsv=m202304040101&ptt=5&saldr=sa&abxe=1&correlator=5974927541891&frm=20&pv=2&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&pvsid=4373354240498984&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Uo6TN6hmOH&p=https%3A//pencil.evolus.vn&dtd=247

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f438c404809272bb235dd4ae379fab79bfcf7fb4dcea3ff3075d8d9e63bbca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33884
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 15:06:51 GMT
expires: Mon, 10 Apr 2023 15:06:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame BAED 8 KB
989 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&h=90&slotname=9118354868&adk=1552096359&adf=742446909&pi=t.ma~as.9118354868&w=728&lmt=1681139209&url=https%3A%2F%2Fpencil.evolus.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139209624&bpp=15&bdt=321&idt=217&shv=r20230405&mjsv=m202304040101&ptt=5&saldr=sa&abxe=1&correlator=5974927541891&frm=20&pv=2&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&pvsid=4373354240498984&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Uo6TN6hmOH&p=https%3A//pencil.evolus.vn&dtd=247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 13:50:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 15:06:51 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame BAED 2 KB
818 B 92ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame BAED 22 KB
9 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame BAED 3 KB
1 KB 73ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 07:26:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame BAED 20 KB
8 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BAED 159 KB
49 KB 90ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:51 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame BAED 34 KB
15 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:36:02 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame BAED 0
0 72ms
71ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cxk82CiY0ZKifAbOF5LcP57G50AHDz8rjb7iZjc38D4Cnh7KRDhABINuqjSdglfrwgYwHoAGwwJ_rA8gBCakCHnDbWkVOsj6oAwHIA8sEqgTSAU_QlV0k_2mR5Crj3Lm0JLnL15WA3JILv3GmOLX4GKHHEwKea7Kp2l50GwlmwmhejOa69ezN9a4SSpRCXJPJ45kmbHIBmi9Q8xrH9ViDh7ORcbk-BLraEmt6BpRGIU-FYn_H56tGD9rst0O3sN5Tq9FMo3P5srroTqy2Ey76ajPzOHqBNsDLzVc3XBghbP3g96SSVh7DDARgNtGZNMI8l626WCV6mGTBk7a6h-1ix7AyDLHzPQ3PFEzsc4Z05lkbfyafkgs4_-8gYg3APZ2BpUiGR8AE8cX4p_8DkgUECAQYAZIFBAgFGASgBi6AB_HgxUCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRD6gsYE0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzcyNjAxNTgxMDM5MTA1MRgA&sigh=Px3qz9xIgTo&uach_m=[UACH]&cid=CAQSGwDUE5ymFrsxDkHsfRXwBGPf7DaHC835lGcFCxgB&template_id=5000

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&h=90&slotname=9118354868&adk=1552096359&adf=742446909&pi=t.ma~as.9118354868&w=728&lmt=1681139209&url=https%3A%2F%2Fpencil.evolus.vn%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139209624&bpp=15&bdt=321&idt=217&shv=r20230405&mjsv=m202304040101&ptt=5&saldr=sa&abxe=1&correlator=5974927541891&frm=20&pv=2&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=839&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&pvsid=4373354240498984&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Uo6TN6hmOH&p=https%3A//pencil.evolus.vn&dtd=247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 15:06:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 10 Apr 2023 15:06:51 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1789615336092379331/ Frame BAED 3 KB
4 KB 80ms
40ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1789615336092379331/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fd4424ef3dadf50fd65707e032f48a1cd4e6ab7651082c14c915b43c01ba3f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 10:46:53 GMT
x-content-type-options: nosniff
age: 274798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3548
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 22:46:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 10:46:53 GMT

GET
DATA 200
OK truncated
/ Frame BAED 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BAED 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BAED 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69437ad9c6baf6296dbbfc3dac2f376f54a3e5318777e14674b961b68110a80c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame BAED 29 KB
29 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 21:55:12 GMT
x-content-type-options: nosniff
age: 580299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Apr 2024 21:55:12 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7869479c5a10117cd05bf7582326ed8f777907f8fe61ee0d84aa8bde3ad5f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47923
x-xss-protection: 0
server: cafe
etag: 7853543658386481805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 119ms
73ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

493d4cb5c4fde7d45e13064c2005dc7991c22ce6360e37773a67276acd502f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11220
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 89EC 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 10 Apr 2023 15:06:51 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame 13CA 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 07:12:51 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 07:12:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 32ms
30ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pencil.evolus.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 32ms
31ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pencil.evolus.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D670 582 KB
112 KB 2378ms
2378ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&adk=1812271804&adf=3025194257&lmt=1681139211&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fpencil.evolus.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139211668&bpp=2&bdt=2365&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De70ec82ea3ba937b-2223b2a88add0054%3AT%3D1681139209%3ART%3D1681139209%3AS%3DALNI_MbQVTRpv-6zLbDn-mmjyMP9_jqZhQ&gpic=UID%3D00000bd3b178af18%3AT%3D1681139209%3ART%3D1681139209%3AS%3DALNI_Mal2sWb4ZYXy3Jv7WTamkAmndRxjw&prev_slotnames=9118354868&nras=1&correlator=5974927541891&frm=20&pv=1&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&psts=AHQMDFd9XjVuCBnu30K3Z0mE1gcr1fAP86Dn-iy-x78YAuTX7_BIh9CHatx0_xwmz_eTXBk1F_k2Dvl-JLm3QFOuzQxsLQ&pvsid=4373354240498984&tmod=884985492&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=27

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d83daae3181ff7263ab22c41f8af8c9d5325d8f3ce0350052409069bb18bd7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 114860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 15:06:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1248 13 KB
5 KB 24ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 13:50:36 GMT
expires: Tue, 09 Apr 2024 13:50:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4573 783 B
1 KB 88ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fffecaffac4bd07c40940435c24f57eb7af162289abc43eec815f93acb3ddd8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m0qWkE-7w9tNl6KKtP8srA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-m0qWkE-7w9tNl6KKtP8srA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 15:06:51 GMT
expires: Mon, 10 Apr 2023 15:06:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1248 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4573 0
0 55ms
54ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230405&jk=4373354240498984&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1248 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QewH_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230405&jk=4373354240498984&bg=!QEOlQxfNAAYIJb0jKCU7ADkAdvg8WsMsdJ9Flx8yQNukQ9tTSXndIbnNoetbQhcFYfVx-DEx9bGXkXfTYMFR-5DL2xjbqLjJji0CAAAAUlIAAAAKaAEHmQK0Rcqi6s0HQKSLXseSB1AmKrRlQFKwRcsHfjCZg-f9ZLFjDB4OyOs85ROmGQRu_cf7svsFO8HcT2ubfogXWy2ZrXRVwxMifYByrEBgBFJj6Mu8M7AIOzbcCgJ0VzElIkDI7glcFSi9xusEJoxlYG8OUNPCoI3M20-AWijfxq87tjb6_trxXXn4qWd5datOLaYiZC1gTZf4pCJFoF6fFMfQ4drF7mH8YVbxBI7frpg3Q43SHCx3HNA9PvxOLOGCgo8cMN06S3pvztRPW-SMUhaZTh_9u-K6oro6_k3irHuwJiQRD3qzsf_87Nft_ZvbLsaRL3VRFTo_THg9YC2frgs0qQmbf6rawIvcZrt5l0B2rFG8MkF-F0PHgWgo2lLs216np_TJFczp9KjP6UC-QGnlhAcUegoFljjPbyeijgkzdinWmq0IS6XiRDFljIJ_CTc7K7q2xekDYssLxEjz8RB_6quK6ucW_ULMQC917rukAb9oWvfs4hwTTPaqdsB1r9sahQA02Lsmhb-RI3grLyMDS-MtP7NOli2WXAE2AFlJAmVyEqgu5vP6WFCkn8Ns2OvQH2WnX6NPn05n5ERApeHaHmyDWkQa5Idwdva7PYMET3Zp3uYxrU0nZsSnaWEJ3n5SvMEKmMOn77PRmUR0Zs3BSwEjxYoiFRE-zx3-ZmvF-_qEtE7RrWIkRZg4X7aaalZKff9shhnd6SkFlZGb-FJdSY0HWMSy0TpTjANjfrx3sYd13yifs7ayM0VxHoCKX_7XhyaL2kZU7_8HKIZHUdm-kcd7zXWbUJ21j8bzUPMfIVtJJSsPP8GuLBfIo0CexbN6vYZjPekoPaVO7mPGB8ROjfieRMt4Bv3UKqG2md48o_PtDSXc0scIX3bOzjXL_zb-lzty0Q_w8682t-tbPkTIGHmXICM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BAED 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNpqXppJxz4OGXG6DbfkXb14OnoZ3Ca9q8I3_alCFylB3NR1-LQ475hgukSgCm6LcGiGE3aQlroQtv1V1dnpxG1gGW0498FRg3DecwCeEDrCU20TKMtAaZl6dxuaLfHPDHvedT9g&sai=AMfl-YS330KquNCSJUo0NDTqJ5VbI_sROmvZubqn5FPzHl4Q_4u5URHWNfVr96wewf5-kVeNAt3F1oh5nfHy&sig=Cg0ArKJSzNZ99JaNfgUsEAE&cid=CAQSGwDUE5ymFrsxDkHsfRXwBGPf7DaHC835lGcFCxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230405&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1552096359&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681139209873&rpt=1661&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D670 0
20 B 55ms
55ms Ping
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20230405&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3726015810391051&output=html&adk=1812271804&adf=3025194257&lmt=1681139211&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fpencil.evolus.vn%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681139211668&bpp=2&bdt=2365&idt=2&shv=r20230405&mjsv=m202304040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De70ec82ea3ba937b-2223b2a88add0054%3AT%3D1681139209%3ART%3D1681139209%3AS%3DALNI_MbQVTRpv-6zLbDn-mmjyMP9_jqZhQ&gpic=UID%3D00000bd3b178af18%3AT%3D1681139209%3ART%3D1681139209%3AS%3DALNI_Mal2sWb4ZYXy3Jv7WTamkAmndRxjw&prev_slotnames=9118354868&nras=1&correlator=5974927541891&frm=20&pv=1&ga_vid=287217939.1681139210&ga_sid=1681139210&ga_hid=1914001351&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755&oid=2&psts=AHQMDFd9XjVuCBnu30K3Z0mE1gcr1fAP86Dn-iy-x78YAuTX7_BIh9CHatx0_xwmz_eTXBk1F_k2Dvl-JLm3QFOuzQxsLQ&pvsid=4373354240498984&tmod=884985492&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/ 149 KB
51 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304040101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d6144484305a17113cb4561606497565783bee40888abbe1afa8525b446bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51875
x-xss-protection: 0
server: cafe
etag: 10815500715052384776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pencil.evolus.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pencil.evolus.vn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pencil.evolus.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 2CCD 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 07:04:37 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 07:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 808A 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 07:04:37 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 07:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 87B3 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 07:04:37 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 07:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame C146 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pencil.evolus.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28937
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 07:04:37 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 07:04:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 2CCD 4 KB
632 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:19:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2CCD 205 B
518 B 23ms
22ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:00:22 GMT
x-content-type-options: nosniff
age: 392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Apr 2024 15:00:22 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2CCD 604 B
694 B 24ms
23ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:50:15 GMT
x-content-type-options: nosniff
age: 999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Apr 2024 14:50:15 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame 2CCD 19 KB
8 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 22:11:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8171
x-xss-protection: 0
server: cafe
etag: 2240023182167719722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 22:11:22 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 808A 22 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 5254890072864709087
tpc.googlesyndication.com/simgad/ Frame 808A 10 KB
10 KB 25ms
25ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5254890072864709087?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm-Mt8nTppp8RpMImIQoacOQiwJWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e24b48d209714884766c0814825484d6e50e559e196399bbc5f6abd76769ba83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 12:20:03 GMT
x-content-type-options: nosniff
age: 442011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10541
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 16:20:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 04 Apr 2024 12:20:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 808A 3 KB
1 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 07:26:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 808A 20 KB
8 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 808A 0
0 37ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQdYz-VkHvhxg-zVk1_WKPptSjIiRhmu7uUp2VYu8xdTNkqIXduy7mdN7_sYf-esEzbH-4yry33Qhta09yBmD8ljH0s5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 808A 159 KB
49 KB 42ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 808A 32 KB
13 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:28:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13331
x-xss-protection: 0
server: cafe
etag: 1527815087941412852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:28:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 87B3 8 KB
893 B 36ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 15:02:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 87B3 2 KB
765 B 38ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 87B3 22 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 87B3 3 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 07:26:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 87B3 20 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 87B3 0
0 31ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSu15K6EyB0mSbCPPrlm4NG0iY1hlrgG4fhgJeA7IM1DMF1a31c0cNg1C62dWPCw-f1mdAAjH9ZWBgF_cmsHOjP8t6_sA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87B3 159 KB
49 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 87B3 34 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:36:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C146 8 KB
893 B 36ms
35ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:46:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C146 2 KB
765 B 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C146 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7i1ZCyY0ZNvyMJCGkgPWgIvoAuHF-M5u_M-e66oLp7DTxKcPEAEg26qNJ2CV-vCBjAegAcixqc0DyAEJqAMByAPLBKoE3AFP0HbuOBEfUVtcoTQQ2Nd0_CFLq6XPFbTUJ5cwG3b483dP4gebYNmtCesQfERrtiWuWpzmvk-38bZytvt3q_q9n58NPKcKTYENdxTwoCBLGKZo26W4n7K8lqV0_a4dnt_kut9PC3ZuIkK-B4MHnTLlTsCJeNv132cyr3ftM5_37NXUrcGxVP6YLXOtNBbg6K1zbp2oDDk5RqHAnf5hvjphOij3t2RsNzHLF3m12KzHMP10g7yiZJTYZkZm_bmB7r1BTCDmp74FA_o9wroCMVQA5vT6Ln4gJtcQwlo_wASe3eG46gGSBQQIBBgBkgUECAUYBKAGLoAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcFEL2MxAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUDdAVAYAXAbIXHAoaCAASFHB1Yi0zNzI2MDE1ODEwMzkxMDUxGAA&sigh=9kkJ3cK3Zs4&uach_m=[UACH]&cid=CAQSPADUE5ymEEboLueycFoSiAEPagYqGSgmamMaEwWVJwzEb0fiaBtDcYCyUV4N_I4d4hkmvftIKYSbDzcj3hgB&template_id=5000

Requested by

Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 15:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame C146 22 KB
9 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C146 3 KB
1 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 07:26:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame C146 20 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C146 0
0 32ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTR7YCPBZP1xELy6MBXgJMBKu5uHKkA-pSzlsE827ilDCdU_VrZhF383Mbs73Vo6f-b67Cu0bvUkuHixp1ulY_muEK-ZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C146 159 KB
49 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H2 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame C146 34 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:36:02 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame C146 9 KB
9 KB 33ms
32ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:01:36 GMT
x-content-type-options: nosniff
age: 29118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9591
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 07:01:36 GMT

GET
DATA 200
OK truncated
/ Frame C146 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C146 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 6ad0e37510f8e3483bebad31dbd0e18a.js Show response
www.gstatic.com/mysidia/ Frame 19C2 9 KB
4 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ad0e37510f8e3483bebad31dbd0e18a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4014
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 19:40:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jul 2023 23:27:11 GMT

GET
H3 200 b25e71b552073d71861578b1ee1a0551.js Show response
www.gstatic.com/mysidia/ Frame 19C2 136 KB
50 KB 28ms
24ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b25e71b552073d71861578b1ee1a0551.js?tag=video_mra/web_interstitial_raspberry_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c7b032f96a816d12f24b565bce67a700287066a14897833c4047a1632cfb68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51266
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 12:45:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 19C2 8 KB
893 B 34ms
31ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 14:08:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 19C2 2 KB
765 B 24ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 19C2 22 KB
9 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 19C2 3 KB
1 KB 30ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 07:26:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 19C2 20 KB
8 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 20:01:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 23 Apr 2023 20:01:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 19C2 0
0 34ms
32ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQitKPXyQyVOezjXbHCsAML44Ry7Cq0hCXHtrjwonbfeN1XOXI0gM3-oCyHPXQq4M1S-d37ciFJAxU57zegO2G6HRXhTQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 19C2 159 KB
49 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49753
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1680694322409811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Apr 2023 15:06:54 GMT

GET
H3 200 44008b7cb3297f7f50c87c2397b9ea58.js Show response
www.gstatic.com/mysidia/ Frame 19C2 34 KB
14 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/44008b7cb3297f7f50c87c2397b9ea58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 14:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14387
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 16:44:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 14:36:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDF2 143 B
166 B 21ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 14:56:41 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B7F9 1 KB
643 B 24ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 22C1 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 68C2 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C146 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 798ae74d153fcb55c89ac49cff64c549c08cb022fc4171e677ebe5cfc66c57c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4672 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18062
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 10:05:52 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 10:05:52 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame B7F9 35 B
464 B 87ms
24ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIoynA0J7WrCQMeeTW_lHm0&google_cver=1&google_push=Aer7DvIvnsdak71bGaPJeg6Ydqm8f4kQppCNaCK2NKK1RzeYvSARpdmS08b49pWC9YFS52jXI4K4dzapdCiWoaaAoOimODtUw6YTMtST14HKDquvmqFujhMy7CA3mp7kQlhwJb_UYCpqDVw9weNc6KHuMmXUEWQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame B7F9 0
104 B 277ms
72ms Image
text/plain 2a02:fa8:8806:20::2010

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDOrj9HTIIrnBCCbv4bw1DA&google_cver=1&google_push=Aer7DvJORiP5JxJvaBrTIahqpcYGgZJft4tsERyCzp5SmAPGWfe2uIB_uBGSvzy_rfFAUfJpWtea8Dr_G-JXOEi0o6xPQsfZ-baDnUW-KiTW-pfqGCd6WdrO1EWVMNAsheIGzNCftLtT_w4duK-Fz0U8j0z8U7Y
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B7F9
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEPGlWaJMx29CrwYaTHgEFNE&google_cver=1&google_push=Aer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPGlWaJMx29CrwYaTHgEFNE&google_cver=1&google_push=Aer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHH...

43 B
447 B

213ms
196ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPGlWaJMx29CrwYaTHgEFNE&google_cver=1&google_push=Aer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b5be57d68e32bbe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 363
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPGlWaJMx29CrwYaTHgEFNE&google_cver=1&google_push=Aer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvKmO85n59h1USEHN-w289vXwTKr4BiCKjKPbHXVbe5i1qI2BxqCgFkoKN6lltb_T3p5QzE1itW4sqGlqsdH6AKUbNd1SHHyR9Rt6TajcH1WoCyUVLzjQpRSGnwnKS0tYug1dpuzkOjq_XnYbp0lURra_MA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b5be57bce6c2bbe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B7F9 70 B
265 B 156ms
48ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPm73hJCqo3K2gfPQD_rSfk&google_cver=1&google_push=Aer7DvIDewQfn-gtakLHdNyj5boqrlJLdjd4rEHK9xhXuPOSlVjh8P17t64aMHYRxpLENk5l_lds2EXk71fzLcyQCVXTNXQcjGg4WbEgeItV_d0vDoS4dJeX3c5eMVyW5pb5JeICA_D-oyGyzL49--7-LNJBzA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B7F9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvIlBmzL5Yv4-KFHEb_a5hMbkosW5CJqs...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvIlBmzL5Yv4-KFHEb_a5hMbkosW5CJqsQE0NroebYJvjBlJuPbQk767rENu2E0No4YFG2W0qoMr8bZRmxZEiR1dkCOsxtEysWE02uhBOSM6fP9Vhm4R9NPkxmKau84u7d8arf9_vtyPLcE9KvJynSSENw

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Apr 2023 15:06:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvIlBmzL5Yv4-KFHEb_a5hMbkosW5CJqsQE0NroebYJvjBlJuPbQk767rENu2E0No4YFG2W0qoMr8bZRmxZEiR1dkCOsxtEysWE02uhBOSM6fP9Vhm4R9NPkxmKau84u7d8arf9_vtyPLcE9KvJynSSENw
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame B7F9 43 B
296 B 168ms
38ms Image
image/gif 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOzlLc1XzXqzfqvAazckUE4&google_cver=1&google_push=Aer7DvJrn_5JLW8t9GAD-Mi07aA_ForQ1r9KmtADOWLc-7TUmrIEMJhTQCzer-JJwj9GDJZwKQ4YkouUXwv0Iybi_W3mH6KRdri2LKZYK07ApvVt0sY8brXUGw2ZGl_moVJYEDGlKiF1zf18S_Zah8AbVk8hTRI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B7F9
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEFTa_dO5-twBVCx2dBQM19c&google_cver=1&google_push=Aer7DvLfvYB9VigmCgFwQKkigMA0DpxyW5lweGS35xBFJePNlh9uL4qSvbp-fcBMXN...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLfvYB9VigmCgFwQKkigMA0DpxyW5lweGS35xBFJePNlh9uL4qSvbp-fcBMXNVwM91JuUNoplo3Hk7eblwj6tDgOOLnyRCQXE4wDoG9p2W9bA...

170 B
329 B

32ms
31ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLfvYB9VigmCgFwQKkigMA0DpxyW5lweGS35xBFJePNlh9uL4qSvbp-fcBMXNVwM91JuUNoplo3Hk7eblwj6tDgOOLnyRCQXE4wDoG9p2W9bAOMKNFATOQFv9-PxpP20WNc3DiF4ihCi-OlPspd-q2RSao&google_hm=6Hft3BIiTfO4jInsV9YpMYU

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvLfvYB9VigmCgFwQKkigMA0DpxyW5lweGS35xBFJePNlh9uL4qSvbp-fcBMXNVwM91JuUNoplo3Hk7eblwj6tDgOOLnyRCQXE4wDoG9p2W9bAOMKNFATOQFv9-PxpP20WNc3DiF4ihCi-OlPspd-q2RSao&google_hm=6Hft3BIiTfO4jInsV9YpMYU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B7F9 0
130 B 98ms
30ms Image
text/html 172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J4yp7_xZoWOqsv_CBL3jxFTIqG8wgpdWz5p7LnYEPM5eYdvvCkuo_4bVHYijfNoZMifyCBCg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6528039975527766319/ Frame 87B3 9 KB
9 KB 21ms
21ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6528039975527766319/14763004658117789537?w=400&h=209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 07:01:36 GMT
x-content-type-options: nosniff
age: 29118
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9591
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 15:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 09 Apr 2024 07:01:36 GMT

GET
DATA 200
OK truncated
/ Frame 87B3 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 87B3 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 87B3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56cace5cf7edbe34980ac32f65901bf3ecda9c735cb71394321b9963c0391887

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 22C1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEKyGaw6s9UJT7b6pkkJEtE&google_cver=1&google_push=Aer7DvJ3knEyPkgo-2C4a-jYDfPZ3OSDAitRMb8SePGJzrRMCX1t3Fmh8HkKmihFJ2rpsTflPbXuEJvKAFE0i9Xe0kQPfYXPGTzhX...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTAwOTE5MDQ3NjEzNDY1NzYwMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEKyGaw6s9UJT7b6pkkJEtE&google_cver=1

43 B
398 B

29ms
28ms

Image
image/gif

2001:678:cb4:bbbb::11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEKyGaw6s9UJT7b6pkkJEtE&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEEKyGaw6s9UJT7b6pkkJEtE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 22C1 35 B
464 B 64ms
24ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIoynA0J7WrCQMeeTW_lHm0&google_cver=1&google_push=Aer7DvL_goSy8zxvxbTv2tJqmTd0A6RRv4-MhkdtBqt3vPDnm_XDCZ5S1AM9u06NnaPDVSf80w5uB3u73T_MTrFJlm5tF9MKjDZZo6UzQVKi5eyjI3QKmt0zEx2j8TRFtVDquT4X1N2SMad4hgnlQmIbNbjWyWo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 22C1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBFAWFRd9OkpdDEBl7ONvoc&google_cver=1&google_push=Aer7DvKDQwhrRdmPLh54renYApGAuHTOpCab1fQQiECphGu4wx9TdMWkZ-6DqH8cV1JKIpMHCI4FQrVZU0GP4wjH9szb492...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKDQwhrRdmPLh54renYApGAuHTOpCab1fQQiECphGu4wx9TdMWkZ-6DqH8cV1JKIpMHCI4FQrVZU0GP4wjH9szb4928EizTwcaCUcDALJgxMSsilkcVhLYp4ceSdFjyy...

170 B
232 B

34ms
34ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKDQwhrRdmPLh54renYApGAuHTOpCab1fQQiECphGu4wx9TdMWkZ-6DqH8cV1JKIpMHCI4FQrVZU0GP4wjH9szb4928EizTwcaCUcDALJgxMSsilkcVhLYp4ceSdFjyyoVzJVSFx38Tm4ugtzrx8D9rIZE&google_hm=eS16TjMwd3ZCRTJwSGtEVjcuQm41TU5NMXpCRzllWW1xMX5B

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKDQwhrRdmPLh54renYApGAuHTOpCab1fQQiECphGu4wx9TdMWkZ-6DqH8cV1JKIpMHCI4FQrVZU0GP4wjH9szb4928EizTwcaCUcDALJgxMSsilkcVhLYp4ceSdFjyyoVzJVSFx38Tm4ugtzrx8D9rIZE&google_hm=eS16TjMwd3ZCRTJwSGtEVjcuQm41TU5NMXpCRzllWW1xMX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaMXk...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkwODIyNzY1NTE4NzM2Njc2Mw&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaM...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkwODIyNzY1NTE4NzM2Njc2Mw&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaMXkhIlL6J_PZIvWP1hbP7LTHQImFtajsnstKRWtYwG8X8WWgh_CXCSBaKgdd14nAQY7LdIzhunLChos_w

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzkwODIyNzY1NTE4NzM2Njc2Mw&google_push=Aer7DvIz3c-L3eZvqTr88r0Kq-2cTOXehKmQSQWOGXVXl6PZQVS1OWqAt4SU-ULYNnkr9RHQqE5eaMXkhIlL6J_PZIvWP1hbP7LTHQImFtajsnstKRWtYwG8X8WWgh_CXCSBaKgdd14nAQY7LdIzhunLChos_w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 22C1 42 B
213 B 115ms
31ms Image
image/gif 34.160.236.64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBiLs-ipdYwtJT5cihLQQ6k&google_push=Aer7DvJJekugE7HBxB0OKhkvzwOS-6VkYqSmOcEvPOSDWa9or8JSEfBVn_6_Kwi5uSOiC14656RDAk-qPwlInkIgL6Gw3pnSzXjZMQZfj1R0--zzPbUmNmEH5biS7OYoJ1RYh9XTGD2-2Cv6N4Vhw1v2jNJxlc4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 22C1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVANt...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2d...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczMDk5OTk3MzMwODk5NjExMg&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVA...

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczMDk5OTk3MzMwODk5NjExMg&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVANtx8cq7gzlqJAcixrMQD7vEsram1WqonO8RWufBUFY6w82igA0YUmXCXUdDfh3m_nY4MUu89ZZptJShes

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjczMDk5OTk3MzMwODk5NjExMg&google_push=Aer7DvLm6AxJaxEqKo-O7S-aOPjty2Qy3oHiHWAzwv6XI_dXH34JrSCKs4Qk7qNGDr3Vxn7wI2dOVANtx8cq7gzlqJAcixrMQD7vEsram1WqonO8RWufBUFY6w82igA0YUmXCXUdDfh3m_nY4MUu89ZZptJShes
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 22C1 43 B
297 B 145ms
37ms Image
image/gif 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOzlLc1XzXqzfqvAazckUE4&google_cver=1&google_push=Aer7DvJuS-Tg3_4DE5J5XU4t3qrUAVT_b7NtVTuASTh5Px3ZsTE4lrQNMaNqd1_DClgJ_rXrJS8-uizTojk344pnRVqaka9d2gMpUC3V44hXKacMkYEcqKj6OuhiY8ltI_ScVreyX3w0cQEzqeY0uhofpCPqzh0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 22C1 0
40 B 78ms
31ms Image
text/html 172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LcrJChW-9cATS6flWLM4Wo_g0IKcn5dqdvRJwf9LezhF8s8Ojkb005Q-CjLMeE7xNHJnWS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 808A 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8dfbfc75ceabbc69e70b23bd4fc5290e4155f205e0ed944fa9ef8818c13654

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 68C2 0
103 B 233ms
73ms Image
text/plain 2a02:fa8:8806:20::2010

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDOrj9HTIIrnBCCbv4bw1DA&google_cver=1&google_push=Aer7DvJY5d5QPSxB8iVZAAvUEDdOyiGtx5HRC-8uhVE5vfU3iWvro9f6gTZN4aZV-eHunm4oHfVFlIgh51NPTyAzlZdsWwA7mWdA7sd8kt28kdhiEJjteZBCbM5y75fO0Uayu4WsfRjb8IENBTL0iWIFCx5HXVU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 68C2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMRvTmrc-7nzj99GznhlhGQ&google_cver=1&google_push=Aer7DvKzjcEsj-wpCUAoqTRJ8GVRhROk2xph-RLYaWsPpbaSL85asDQolt3MQZeQJD1AFvjjhmHD4vjOZJZRhtkoeFcr2x1bzEakW3...
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1360D7BF6D64F3491CA1542BB9FA62B&google_push=Aer7DvKzjcEsj-wpCUAoqTRJ8GVRhROk2xph-RLYaWsPpbaSL85asDQolt3MQZeQJD1AFvjjhmHD4vjOZJZRhtk...

170 B
232 B

32ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1360D7BF6D64F3491CA1542BB9FA62B&google_push=Aer7DvKzjcEsj-wpCUAoqTRJ8GVRhROk2xph-RLYaWsPpbaSL85asDQolt3MQZeQJD1AFvjjhmHD4vjOZJZRhtkoeFcr2x1bzEakW3xDvwrvfT7TuhjUQjHJAb-3R0diqnL6GNvpTQXTgbdAGXXMNNdAvp8nyNM

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A1360D7BF6D64F3491CA1542BB9FA62B&google_push=Aer7DvKzjcEsj-wpCUAoqTRJ8GVRhROk2xph-RLYaWsPpbaSL85asDQolt3MQZeQJD1AFvjjhmHD4vjOZJZRhtkoeFcr2x1bzEakW3xDvwrvfT7TuhjUQjHJAb-3R0diqnL6GNvpTQXTgbdAGXXMNNdAvp8nyNM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 09 Apr 2023 15:06:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68C2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPSkW...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dh...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgwNjU1ODQxNjAxMTExMjgzNQ&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPS...

170 B
188 B

41ms
40ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgwNjU1ODQxNjAxMTExMjgzNQ&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPSkWQMcxKkWesWDzl3XWqn6EruXjDVePmXUDcIJZGMRqisxjAhRBW3CC5hTqcrzzkfCdbC602ckEFaCsKdA

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgwNjU1ODQxNjAxMTExMjgzNQ&google_push=Aer7DvJ-d5XTX3qnS8S_7yn6eS0FzSz9xMUyJoRkjT1X8H5EHs8136oMvCfRRJAG7OQzbuqG6dhMPSkWQMcxKkWesWDzl3XWqn6EruXjDVePmXUDcIJZGMRqisxjAhRBW3CC5hTqcrzzkfCdbC602ckEFaCsKdA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 68C2 43 B
351 B 84ms
32ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEK_V3U-1EV6T0YORR9OhRsE&google_cver=1&google_push=Aer7DvIjdVlmcV0TCU_AV6s1Bc3ZFR-tig9q5TRE65DgIL7cpyCTOtLraMpD9qx8oeRbdHi6XTqcx3acbPe8Gte27xFQA86BjVpmYowtBanH5AT2QpRe0lHX6JnTqt7HcaYwda4pDWpYlVsRAwacHXqN1CLxoTo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: m4kk5tppsdgfbb3q8scl92mhvm9i3d3d

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 68C2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvJ2b-z-38TWM0r5iektMplfNMC6-tG5e...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvJ2b-z-38TWM0r5iektMplfNMC6-tG5etQGVkqk0kNmoWt8MG1vzcFJA-lEsszZKr_jorRgJ4dsKYLkVd_aQU0J5dggO0xggJHkglwAEqp6MWSAMWzwWplQ3gtdU9SZvI_sd86Pd7W5e_rCaCAk7o-VdKM

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Apr 2023 15:06:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvJ2b-z-38TWM0r5iektMplfNMC6-tG5etQGVkqk0kNmoWt8MG1vzcFJA-lEsszZKr_jorRgJ4dsKYLkVd_aQU0J5dggO0xggJHkglwAEqp6MWSAMWzwWplQ3gtdU9SZvI_sd86Pd7W5e_rCaCAk7o-VdKM
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 68C2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEN-g-CSQegI9gfb7USrIYNI&google_cver=1&google_push=Aer7DvKQPrZnpgig4pLWEr7IX_eIcoT_1oxt6RwyHpfpI_pyc-dV3JsVVAmM_EDAipGjKRNlkQi24qxRfUm0...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKQPrZnpgig4pLWEr7IX_eIcoT_1oxt6RwyHpfpI_pyc-dV3JsVVAmM_EDAipGjKRNlkQi24qxRfUm0kQGW7H1pMXAqMP0DPpyIJcQChrq0I7Ar-HjH...

170 B
232 B

33ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKQPrZnpgig4pLWEr7IX_eIcoT_1oxt6RwyHpfpI_pyc-dV3JsVVAmM_EDAipGjKRNlkQi24qxRfUm0kQGW7H1pMXAqMP0DPpyIJcQChrq0I7Ar-HjHrGHvOrtYtnvHJf72j3fYRuP4WRI1Ao_0wwjbbQ

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKQPrZnpgig4pLWEr7IX_eIcoT_1oxt6RwyHpfpI_pyc-dV3JsVVAmM_EDAipGjKRNlkQi24qxRfUm0kQGW7H1pMXAqMP0DPpyIJcQChrq0I7Ar-HjHrGHvOrtYtnvHJf72j3fYRuP4WRI1Ao_0wwjbbQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 68C2
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBo3iTR2KAQbsZKQGalH32A&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvJkkIJFZZLgL7bSX9966xggDANJhRnRgJo7CPG-STA8b2--zrrulfD-ksnjgppd3zHiadbYQp5eYrhVwFVAWAJcNdYVRJXe8mBLXE-VtTz2lNFcK...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

63ms
62ms

Image
image/gif

104.102.35.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Mon, 10 Apr 2023 15:06:54 GMT
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 68C2 0
40 B 54ms
32ms Image
text/html 172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iwts3DBb-412Ewdnvatv3x1uhmUQLTy72HiW38V78JrdeIbtfFK5_3XLN5lEHf9gTsyNt7Dw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDF2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
37ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 15:06:54 GMT
expires: Mon, 10 Apr 2023 15:06:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 15:06:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame E1BE 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4196 36 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 808A 0
19 B 92ms
92ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiCRACyY0ZNnyMJCGkgPWgIvoAvK07sFv-7_H-ecQo5X0_QgQASDbqo0nYJX68IGMB6ABpYGB5gPIAQKoAwHIA8kEqgTcAU_Q9281Sfs0XmP7KFZVLsAWl0JD-meSrH8fJ4xE36NQuHBpRsldAXgFz35ERJAmRLmsX9_1RhA6be8NlaW-T6786rg6mBGWr9Nd_azDDpMUB3JnViSGlqin6Q7sLieVLzwEW8uNaS75z-jjhOzaWII9O8Q0ZmXBmMs4vZ1NOGKrkBusVxUyYw5SrnXXQ-76OvxS9_c3fQ5pXSXifr858acyjZ_EZIfw1HDUek1ph4OLxJ2CHjRbUjjlVqQkf9TtjHgok4fXoFjrkgDynsGdggPJEsaobD8UrXkSanrABPmqqvqhBJIFBAgEGAGSBQQIBRgEoAYCgAfD_v4ZqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ49VM0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItMzcyNjAxNTgxMDM5MTA1MRgA&sigh=imiUf6vdBRw&uach_m=[UACH]&cid=CAQSPADUE5ymEEboLueycFoSiAEPagYqGSgmamMaEwWVJwzEb0fiaBtDcYCyUV4N_I4d4hkmvftIKYSbDzcj3hgB&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 15:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 87B3 0
19 B 65ms
64ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_k5RCyY0ZNryMJCGkgPWgIvoAuHF-M5u_M-e66oLp7DTxKcPEAEg26qNJ2CV-vCBjAegAcixqc0DyAEJqAMByAPLBKoE2wFP0E-DeKVNqSrtlD3RsNo0wbRID8cLCvFTbyBZvUWu044x36tGOzsE8tP-wLxI8mOS7yLx6ooYKhu9qRi5uc6LbF7XHwfnkoNBGHqmhVp6UjS_XBR8UXd7bDgGExYts_AYEHXaX-qGGdLF6mRLgPxWVqUD5T7TAACpdqCFEIIciPiQrZc93hiTw8KrkYhR7KaclKpIFG9LAv1dIVgawUjWM2hHd44vfrj9SZ9oBfmVM92LMf-MqoJE3M083bpGxstvPzg4nl9o73rOl0tLTwXw3iYHytpdEpslXubABJ7d4bjqAZIFBAgEGAGSBQQIBRgEoAYugAfk6uI1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiKxa0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFA3QFQGAFwGyFxwKGggAEhRwdWItMzcyNjAxNTgxMDM5MTA1MRgA&sigh=xnu-1nEILM0&uach_m=[UACH]&cid=CAQSPADUE5ymEEboLueycFoSiAEPagYqGSgmamMaEwWVJwzEb0fiaBtDcYCyUV4N_I4d4hkmvftIKYSbDzcj3hgB&template_id=5000&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 10 Apr 2023 15:06:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A8C 36 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: pencil.evolus.vn
URL: https://pencil.evolus.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4672
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBFAWFRd9OkpdDEBl7ONvoc&google_cver=1&google_push=Aer7DvIqqVCJQksPy3YMG6EFK9elfkHFVryn7ZSQ14ZnKYkDEVbuwct2TLEbx2O0z5lm1iRueLz82Pkvsc0NJQ1egOgNAY2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIqqVCJQksPy3YMG6EFK9elfkHFVryn7ZSQ14ZnKYkDEVbuwct2TLEbx2O0z5lm1iRueLz82Pkvsc0NJQ1egOgNAY2VtkRFwSnK0P7dB_IqvS60tsyr64QAZ06AfWCNH...

170 B
232 B

32ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIqqVCJQksPy3YMG6EFK9elfkHFVryn7ZSQ14ZnKYkDEVbuwct2TLEbx2O0z5lm1iRueLz82Pkvsc0NJQ1egOgNAY2VtkRFwSnK0P7dB_IqvS60tsyr64QAZ06AfWCNHb5_9VQW7kvnHd8It98z12VPrQ&google_hm=eS15WXBtVmRGRTJwRm1WMEd6emFldmtXNWhERmJJS0RqbH5B

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIqqVCJQksPy3YMG6EFK9elfkHFVryn7ZSQ14ZnKYkDEVbuwct2TLEbx2O0z5lm1iRueLz82Pkvsc0NJQ1egOgNAY2VtkRFwSnK0P7dB_IqvS60tsyr64QAZ06AfWCNHb5_9VQW7kvnHd8It98z12VPrQ&google_hm=eS15WXBtVmRGRTJwRm1WMEd6emFldmtXNWhERmJJS0RqbH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4672
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2VcwaO...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE1WVUuiQ1nCpgS11DpY2l8&google_cver=1&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM5MzQ2NTE1OTc5OTc5MzQyNg&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2Vcw...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM5MzQ2NTE1OTc5OTc5MzQyNg&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2VcwaOd0lKkzYuAEf6KB9quKXt5Dq6Gb9An3X99Jg8CqyB75Y3u8Uz-FrjzSZNiTgiK646zZ8WaILxPLcMfUo

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTM5MzQ2NTE1OTc5OTc5MzQyNg&google_push=Aer7DvLoDVXhZ4gPrD-PqkyOqhM5qs9d__O-eJpelwesoFO-1ohI3LALFdDjqN-y6VH56fm9oy2VcwaOd0lKkzYuAEf6KB9quKXt5Dq6Gb9An3X99Jg8CqyB75Y3u8Uz-FrjzSZNiTgiK646zZ8WaILxPLcMfUo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4672
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvKQebWjUn3oco_NL-Sh3MZyvHFJ79h_a...

170 B
188 B

32ms
32ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvKQebWjUn3oco_NL-Sh3MZyvHFJ79h_a4bNykWWKlUE33-_ISyfE-T1ygG-_vSu_SFx2_nOhEcKmYnCUGvtWW3Lh_PiUYXvjMImoQwDGXzoQgTH9BM6_G8OIWupVzJl-grHJe3-w9Td_vGSzEx6plp5psg

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 10 Apr 2023 15:06:54 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFj55UpsBp42ixNCwlwwVAE&google_hm=ZDQmDhR2CVTQ7j2bFs3kOgAAFCgAAAAB&google_nid=index&google_push=Aer7DvKQebWjUn3oco_NL-Sh3MZyvHFJ79h_a4bNykWWKlUE33-_ISyfE-T1ygG-_vSu_SFx2_nOhEcKmYnCUGvtWW3Lh_PiUYXvjMImoQwDGXzoQgTH9BM6_G8OIWupVzJl-grHJe3-w9Td_vGSzEx6plp5psg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 4672 43 B
296 B 94ms
38ms Image
image/gif 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOzlLc1XzXqzfqvAazckUE4&google_cver=1&google_push=Aer7DvJBBiPwtmngJ9FDNWVmtGrmmivmS5ZpWjAaEkB6XhhK4-x8ae_om-GPUTg52ozmgxTZk-AidKMZtLKC_xa5GO0R-S2VvwKswaCe2zy_4ajSVy4ujxGpPmAbvt5J7YkGrx6gcr98IwbjYKS6Q8KhFUECAGY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 4672 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4672
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEFTa_dO5-twBVCx2dBQM19c&google_cver=1&google_push=Aer7DvJFdZY4yxTpZrSRIR6azkuRIRXelIpAQ4Y3MS5vZqj_uMKe5Rrpou17pISDuc...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJFdZY4yxTpZrSRIR6azkuRIRXelIpAQ4Y3MS5vZqj_uMKe5Rrpou17pISDuc5rk70yH_UG4n_U1OZjzCuUEju6lRIkHpiorMvmEkbLs-JOrd...

170 B
232 B

37ms
35ms

Image
image/png

172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJFdZY4yxTpZrSRIR6azkuRIRXelIpAQ4Y3MS5vZqj_uMKe5Rrpou17pISDuc5rk70yH_UG4n_U1OZjzCuUEju6lRIkHpiorMvmEkbLs-JOrdaMeoqegYb6PvYP1Cqsm1_VhegcEsdVZqpyzE6KaCvtQYYP&google_hm=xGSPskfwRLyhoCNi33Q2iYU

Protocol

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=Aer7DvJFdZY4yxTpZrSRIR6azkuRIRXelIpAQ4Y3MS5vZqj_uMKe5Rrpou17pISDuc5rk70yH_UG4n_U1OZjzCuUEju6lRIkHpiorMvmEkbLs-JOrdaMeoqegYb6PvYP1Cqsm1_VhegcEsdVZqpyzE6KaCvtQYYP&google_hm=xGSPskfwRLyhoCNi33Q2iYU
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 4672
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBo3iTR2KAQbsZKQGalH32A&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLwCXfQ21CnRdE0vG_WJ6fz9RNcZeEv0kp54qmY7DwgKXkSN6pnVMBNAM-phuJ4i56A-72XIytHHO7hwx8zHVeRL2rtV8Dz7ujCI_GmTVg8BS5GH...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

60ms
59ms

Image
image/gif

104.102.35.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 104.102.35.84 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Mon, 10 Apr 2023 15:06:54 GMT
pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4672 0
40 B 31ms
30ms Image
text/html 172.217.16.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IXeKZQ3g4isVhvfgWFXLa9hR0Cntb7G0zy40OAwNu5VRQUomGDfyWX-XZ4r0a-XVh7sbxbOJXU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 15:06:54 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame A864 36 KB
14 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 13:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 350574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Apr 2024 13:44:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBHh5ACyA12-aC5Vi7spHrE&google_cver=1&google_push=Aer7DvJwncaE06K1PYFSCeib3s3Fhm0sgC4R-plZInpqnGzvqJc3v80so8tBhDeHv85_CpZQalwagrSqbNTGEQ-lSZ-Uv8bXVo7OT3Nw46evQKahX_GicO9bDGhQp6EQroWUyTetga5wWNJo7Ju-HZ5f-nFbCjFI

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pencil.evolus.vn/	1969-12-31 23:59:59	Name: JSESSIONID Value: E9CA7F01A6B2E7E60320E639747AEDBA
.evolus.vn/	1970-01-20 20:34:59	Name: _ga Value: GA1.2.287217939.1681139210
.evolus.vn/	1970-01-20 11:00:25	Name: _gid Value: GA1.2.118134670.1681139210
.evolus.vn/	1970-01-20 10:58:59	Name: _gat Value: 1
.evolus.vn/	1970-01-20 20:20:35	Name: __gads Value: ID=e70ec82ea3ba937b-2223b2a88add0054:T=1681139209:RT=1681139209:S=ALNI_MbQVTRpv-6zLbDn-mmjyMP9_jqZhQ
.evolus.vn/	1970-01-20 20:20:35	Name: __gpi Value: UID=00000bd3b178af18:T=1681139209:RT=1681139209:S=ALNI_Mal2sWb4ZYXy3Jv7WTamkAmndRxjw
.doubleclick.net/	1970-01-20 20:20:35	Name: IDE Value: AHWqTUnR8h7CgNm4PDDjHSq8zPKgd3of2C9GRhJ_8SFEMfAJKqnmTbbzaauNgMshV58

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEBHh5ACyA12-aC5Vi7spHrE&google_cver=1&google_push=Aer7DvJwncaE06K1PYFSCeib3s3Fhm0sgC4R-plZInpqnGzvqJc3v80so8tBhDeHv85_CpZQalwagrSqbNTGEQ-lSZ-Uv8bXVo7OT3Nw46evQKahX_GicO9bDGhQp6EQroWUyTetga5wWNJo7Ju-HZ5f-nFbCjFI Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.de
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
ius.ctnsnet.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pencil.evolus.vn
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.102.35.84
125.212.248.224
172.217.16.194
185.80.39.216
2001:678:cb4:bbbb::11
2606:4700::6812:18ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:fa8:8806:20::2010
2a05:d018:d29:3605:1260:9dcc:1d0e:53e1
2a05:d01c:1d8:8102:6273:1ca0:68c1:d3c2
34.160.236.64
34.91.62.186
35.186.193.173
35.227.252.103
35.71.131.137
37.157.4.29
51.38.120.206
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
071888383444f9715f7c8aec6113047413015688198bdc21faf244b0551f2638
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c320d790dba4c17895962386aa3587aff97e96a7c499f37dd47bf299431ce41
0efe39b232b9983e90455adf6ca9ff935b132a6790459ee8db071a05a6f86564
10638ff6755524b6693243eb4f8e72ac9b1eb7be5423fd5248ad90d2ce42d273
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2fd4424ef3dadf50fd65707e032f48a1cd4e6ab7651082c14c915b43c01ba3f4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
38795da747acdd01ca77ffc22bbd54bf4141b61a64e631b8bd4979526204df6a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
46381e82326020539235d725ce92f21cacaf97176792e1711f8720313bd7c526
47b97a667457b6911eb288cca7d44b0ced54aa252c2f969972b9e1b6d6d79224
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493d4cb5c4fde7d45e13064c2005dc7991c22ce6360e37773a67276acd502f51
4b16d0b1c4572bf6a6c5f75ee43b4d7fc9a9f1786d912b11b853089e3bebf240
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f438c404809272bb235dd4ae379fab79bfcf7fb4dcea3ff3075d8d9e63bbca2
51b9a80bb5b987880dbde1d15bc552bb7ef1881b7d6a25b18bda20341b12e2cc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cace5cf7edbe34980ac32f65901bf3ecda9c735cb71394321b9963c0391887
5778dba18a121844b613ba65f7126cac359a17e398e8a761f63d668d2f878406
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c7b032f96a816d12f24b565bce67a700287066a14897833c4047a1632cfb68a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69437ad9c6baf6296dbbfc3dac2f376f54a3e5318777e14674b961b68110a80c
6bfa9b09b6361590a6f2b27e80ef96719d3ada4613da35ea1f61f4260a96061f
6d6144484305a17113cb4561606497565783bee40888abbe1afa8525b446bb08
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
798ae74d153fcb55c89ac49cff64c549c08cb022fc4171e677ebe5cfc66c57c1
8a85ce098d47416bdab2461386cd628c1c1dce5b0abb37e00484b11886ee574c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b18cbc41fec05b757879a8e64ed1db352ae59c718789782cc5cddfe26b7fa14
9c8dfbfc75ceabbc69e70b23bd4fc5290e4155f205e0ed944fa9ef8818c13654
9d83daae3181ff7263ab22c41f8af8c9d5325d8f3ce0350052409069bb18bd7b
9de2a3f5dabc1b655b163f59fde071d68c2ee1747f5f3eaecbd6594220caf4f4
9e5e995f0936d63304195ab72af99edee3c10d218a5d57719b13c94780631127
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b9f1b30405a08b924538da3ee0b397666160b86c9d63e7cadb4cbe689f13437c
c265527920431cf96cdc189a687f9132f648fd106eae7df0de4cb861521cbcd4
c279aad751e75337d72fbe0e933070548356902f02835c87aeeaddc4187f8903
c7869479c5a10117cd05bf7582326ed8f777907f8fe61ee0d84aa8bde3ad5f4a
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d5d99741415208fe83aaecb0533f2c1da68f1e695a78725af2c9dca358c8828d
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e24b48d209714884766c0814825484d6e50e559e196399bbc5f6abd76769ba83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5afb1d597d8f5d70f17d3968e407d2ce25a9b7a587f2f723f3784c51b01f5e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fffecaffac4bd07c40940435c24f57eb7af162289abc43eec815f93acb3ddd8d

pencil.evolus.vn Open in urlscan Pro 125.212.248.224 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

87 %HTTPS

62 %IPv6

26 Domains

32 Subdomains

24 IPs

2 Countries

1355 kBTransfer

3492 kBSize

7 Cookies

2 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pencil.evolus.vn Open in urlscan Pro
125.212.248.224 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

87 %
HTTPS

62 %
IPv6

26
Domains

32
Subdomains

24
IPs

2
Countries

1355 kB
Transfer

3492 kB
Size

7
Cookies

135 HTTP transactions
10 data transactions