yeu79.net Open in urlscan Pro
2606:4700:3034::6815:3c7 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://yeu79.net/
Submission: On April 12 via api (April 12th 2023, 3:36:14 am UTC) from US — Scanned from DE

Summary HTTP 167 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 18 domains to perform 167 HTTP transactions. The main IP is 2606:4700:3034::6815:3c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is yeu79.net.

This is the only time yeu79.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:303... 2606:4700:3034::6815:3c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	18.66.97.101 18.66.97.101	16509 (AMAZON-02) (AMAZON-02)
1	118.68.218.174 118.68.218.174	18403 (FPT-AS-AP...) (FPT-AS-AP FPT Telecom Company)
26	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a02:2638:d::14 2a02:2638:d::14	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:8326	13335 (CLOUDFLAR...) (CLOUDFLARENET)
167	27

34 2606:4700:3034::6815:3c7 (United States)

ASN13335 (CLOUDFLARENET, US)

yeu79.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-101.fra56.r.cloudfront.net

static.vinwonders.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.68.218.174 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)

owa.bestprice.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:d::14 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8326 (United States)

ASN13335 (CLOUDFLARENET, US)

yeu79.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	yeu79.net yeu79.net	857 KB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	437 KB
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 670 pix.eu.criteo.net — Cisco Umbrella Rank: 9255 csm.eu.criteo.net — Cisco Umbrella Rank: 7853	325 KB
24	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	119 KB
12	gstatic.com fonts.gstatic.com	186 KB
11	criteo.com cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9585 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13528 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 31702 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 26061 ads.eu.criteo.com — Cisco Umbrella Rank: 7796	58 KB
7	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	244 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	166 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7832	696 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	88 KB
2	vinwonders.com static.vinwonders.com	459 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	601 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1030	6 KB
1	bestprice.vn owa.bestprice.vn	140 KB
167	18

	Domain	Requested by
35	yeu79.net	yeu79.net static.cloudflareinsights.com
24	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net yeu79.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	pix.eu.criteo.net	ads.eu.criteo.com
12	fonts.gstatic.com	fonts.googleapis.com
10	pagead2.googlesyndication.com	yeu79.net pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
9	static.criteo.net	ads.eu.criteo.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net yeu79.net
3	cat.nl3.eu.criteo.com	googleads.g.doubleclick.net ads.eu.criteo.com
3	www.googletagmanager.com	yeu79.net www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cat.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	connect.facebook.net	yeu79.net connect.facebook.net
2	static.vinwonders.com	yeu79.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	yeu79.net
1	owa.bestprice.vn	yeu79.net
167	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.vinwonders.com Amazon RSA 2048 M02	`2023-03-02` - `2024-03-31`	a year	crt.sh
www.bestprice.vn Entrust Certification Authority - L1K	`2023-03-08` - `2024-04-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-04-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 15 frames:

Primary Page: http://yeu79.net/
Frame ID: 17D3FB4E08D84D8863D8992F5E0CD230
Requests: 59 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html
Frame ID: 9DDF8BE352FC1C1E244CC3D6F7C4957D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&adk=1812271804&adf=3025194257&lmt=1681270566&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=http%3A%2F%2Fyeu79.net%2F&ea=0&pra=5&wgl=1&dt=1681270566173&bpp=5&bdt=958&idt=190&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7339631088846&frm=20&pv=2&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=217
Frame ID: D5AC0358E757070C110AAB4A25E4C774
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223
Frame ID: 44E83DDFFA3418EED467D769556C1DF6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=1706824535&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566180&bpp=1&bdt=966&idt=226&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NzPBxKTI6G&p=http%3A//yeu79.net&dtd=229
Frame ID: 3BADD1A413AD96332BA8D8ED8D731EC6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157
Frame ID: 676426C4550E315B9616F08C6845E868
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139
Frame ID: C6D12E8DB12A04B1D6EE3B71C97BA88A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B071F123533928692B920711645D49A8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
Frame ID: 552497494577EB6E606BD3CBA6D8FAC3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7619F21C5F6B508DA74F4DF9A84DB6A7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9858C84E44597292F06E96D89257CD60
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F0471296341A28E5A22CDC9CE0200F17
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDYnJgAHyZ4Kd_JZAA4gV5GGA4JER7q2zZR6fA&u=%7ChhYXw1eKLPhanx%2F%2BM%2BFLHZ0df4zm8rVjYOsH%2FQk%2FBV0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86xR6Z-0MRlNessreAXwnDzYX58e-CYGNHGmJRLzNlhPsxTcK0aVtuEbwD9zt9l5kgv_90WdiKkUh3HDr0TtojXBcp-LqgegEXbvsPy9Hup9zKuDAKS-5df57ERCVJd9mztgcbMGIiSKPptH-agapEBBETyZJFcnZUEsEQvWP1ebVDscxqETmGW0-mh9yWKpE6rE-QD6rTqHYTNV2BQzGEJLN1cIyLw-_M1XO2SoJE9mWrnTlgZhurXfiX4LPt4Zs2wpFSMYeK9wYOabrSRqwAHjiP08KbW55UNPg8byS4mSN8NAXvR6qgiGTqucTSJ-vS19nf1hMIRo84_hN3Hlm5SoLjhXOb964s2o4CmQT6ynJgzyqBFP9SrTblGwHDcNm1q8j7Txbw1nWlS1rJM-hZMeoCFG-jb1IyPlklWxDLzY0ljTF0voH_q4YdVGN4AggRUtg1RFalEgCSbCgn6Cx6pShjPhqHiGVjA3oT0ulIyfF0gLh3L5yKEwVdU28Pbv0gPGt8j41dFQ66MJMDS8LDG4vzMVOfpYo9CqTf7XT8Ui38Z11V8ASh14&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-4kgJic2ZJ6TH9nk3wPXwLi4Dcme0rFc1Z2R93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi01OTIyNTEzMjEyNzU4MzY4yAEJqQJZ6Z4y_kyyPqgDAaoEsgFP0PInXKFRTP_ZB4YAQfI8mlzZ2keQmB0JLcaj3YkWSPqeMWV6p8Hj9_cnr4Lu20Z-lU2s2BygkPXprLElrzt1kHeGtmvsKqhzRmkkj7qpCejNv61jADp3msfHKxk6rKgklt2enPP6LYOPmt6pAjrlZQ1Foj_meoj8n0sn_t1ZAP3X-P-X1kWit1GE-MMui9rh0srnx5zY9f4-hf0ZfMtbHN5NEqMEiJCu70zb2diHxgy8gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3T7ByWXSt69BjqsPubtP_C-MN52A%26client%3Dca-pub-5922513212758368%26adurl%3D
Frame ID: B194FC9D7868AF2A666B46EC98C89923
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0AB73D5D124ACB863583595D12B6D9AD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A6A60FEBCC82FE6296DD20F3ACE0041
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bản Đồ Ăn Uống Nha Trang - Cẩm Nang Vui Chơi Tại Khánh Hòa

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

80 %
HTTPS

85 %
IPv6

18
Domains

26
Subdomains

27
IPs

5
Countries

3116 kB
Transfer

5876 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/nhatrangvuilam/
Title: Fanpage

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/nhatrangriviu
Title: Group Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCHwRNsMjQ2HfafxS1EV85yw
Title: Kênh Youtube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/nhatrangvuilam
Title: Group Nha Trang

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

167 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
yeu79.net/ 60 KB
10 KB 765ms
715ms Document
text/html 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.38
Resource Hash: ae9a7dc37d2cf1e2dab0aa8aed93b881cbe3feb18afc2dc1465fc9c4de63d012

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7b686c4428ee9c00-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 12 Apr 2023 03:36:05 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PowpXb7AV9A5HlOFuBZ7mn4zQkcgAvxkvVy0uRgZ4p3yFy6Wnt7X3HA8X2Q0fcOe0iF2%2Bg8tsK8F0Me%2Fr6VJf1R%2FTEt3LeA1mfFPhwU1Y%2B%2F%2Bc170Qrl4unXegMaXHxEfNUx49kbKkE%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.6.38
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK LexendDeca-Regular.ttf
yeu79.net/assets/fonts/lexend-deca/ 76 KB
39 KB 1250ms
986ms Font
application/x-font-ttf 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/fonts/lexend-deca/LexendDeca-Regular.ttf
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 208ebabe50b9abe45cb0d4bdbd97c2078e59ba7ef3cd954bcce062ed1e4a88ad

Request headers

Referer: http://yeu79.net/
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 38766
Last-Modified: Wed, 31 Jul 2019 17:00:00 GMT
Server: cloudflare
Etag: "13050-58efd0e386400-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuAME1kbhs8JOMhiLGENdiXOfNfjXqr%2Bsw1OZihH2aSU6X%2B3YZz0bRbgiMnXafDqsTaufVDnOB7f874h4BOAQIsa7kF%2FyFexzZDyFMyYAlZhlgG02yp%2FPKQFVDiUxXb7P5uFQwC1fII%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-font-ttf
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4a4b195c2c-FRA
Expires: Fri, 12 May 2023 03:16:20 GMT

GET
H/1.1 200
OK LexendDeca-SemiBold.ttf
yeu79.net/assets/fonts/lexend-deca/ 76 KB
40 KB 943ms
262ms Font
application/x-font-ttf 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/fonts/lexend-deca/LexendDeca-SemiBold.ttf
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4381409c9cba8c4e0229630b4ba239e956fc1f58952c4dfdd17bac6261f53fe9

Request headers

Referer: http://yeu79.net/
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 40285
Last-Modified: Wed, 31 Jul 2019 17:00:00 GMT
Server: cloudflare
Etag: "131c0-58efd0e386400-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnZrReSfyrrL9SfAWVeaknp31%2FBfczOUMrdb0y3FEBk8biAyQx2SHoaD87ezAOIPtPC5THcqPL5LOB68y%2BhNviU98K%2FTymUeJCAP%2BTWRTd%2FYrlv40KjcpD0wD41SUCVEam1VWLNkSF8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-font-ttf
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4ce8682bb6-FRA
Expires: Thu, 11 May 2023 13:47:53 GMT

GET
H/1.1 200
OK bootstrap.min.css
yeu79.net/assets/themes/nhatrangdev/ 157 KB
24 KB 261ms
241ms Stylesheet
text/css 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/bootstrap.min.css
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c251c6f0101227a9e8444af6a4e392721a2cee114a4f6ae74c6c0f95d37eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 23852
Last-Modified: Sun, 21 Nov 2021 17:30:27 GMT
Server: cloudflare
Etag: "27293-5d14fdd2eb2c0-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ImY9%2Fzyyed8CIg%2FwD0YJWWx3WGqgyiWIRCzXPDuStguFnsY94NvYoEfcKqRiCTPVrY3GAcL5wJa75lD69UWol3%2B6VClBpyNRmEVEO2uIpjIUKGtogwZi0y50mnqoLmaGdAF1X0krCZE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c48c9df5c2c-FRA
Expires: Sun, 07 May 2023 14:26:58 GMT

GET
H/1.1 200
OK style.v5.css
yeu79.net/assets/themes/nhatrangdev/ 27 KB
10 KB 819ms
800ms Stylesheet
text/css 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/style.v5.css
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04bcfd70942872f2e832964ca2928736a3d4743ce35ee564c512d84f5db8c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: origSize=34958
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Sun, 27 Mar 2022 02:56:10 GMT
Server: cloudflare
Etag: W/"888e-5db2a5681a680-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrH1yw%2BMDGlpnFE%2BW8u7WIKttCVwzLlCkMpQKQ78pooWm8UZe%2FC5fS3em26rx55VHUh6LxiRUooxUjJfAIbMP%2BZ1EfChvU%2BbGyE4kPHQlIJrmRYPqr2oIewM7VkU9PlBWsWpd8TLLxQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
CF-RAY: 7b686c48cae2903c-FRA
Expires: Sat, 06 May 2023 20:10:31 GMT

GET
H/1.1 200
OK slick.min.css
yeu79.net/assets/themes/nhatrangdev/ 1 KB
1 KB 756ms
735ms Stylesheet
text/css 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/slick.min.css
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 483
Last-Modified: Thu, 22 Jul 2021 08:50:10 GMT
Server: cloudflare
Etag: "52f-5c7b25fdd5480-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQb2nP5EOzIxj3YCPn7bHkuA2RAyJ8UHe7hAiV3zworhaUyj%2BSy20zNsL6TwQz%2Br790ZeM04VRDr7Zfouunu3DZ%2F5Fgw1szl4H5MSKp7dWpZiiLpGBZ%2BqJXLrlxpj6oYVPXB6ANM0U8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c48ce5003a0-FRA
Expires: Fri, 05 May 2023 20:52:51 GMT

GET
H/1.1 200
OK slick-theme.min.css
yeu79.net/assets/themes/nhatrangdev/ 2 KB
2 KB 679ms
658ms Stylesheet
text/css 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/slick-theme.min.css
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 618cacf7e3c9cf90cb3245f033e6b0cbf5fc41ef5ecb98c136247eb6aa8641c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 754
Last-Modified: Thu, 22 Jul 2021 08:50:10 GMT
Server: cloudflare
Etag: "926-5c7b25fdd5480-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpBuFUVsTobzEHJzQRZao55bqtECDQTAUiF7waWq9gJKQyVKv%2B42LHHaBDGAlIhcGM%2BQTGJsEWd14vM01eWum%2F1R1o5%2FX7oVO2DPTrJHBCQhnEf7SwM91HSBCw6Ow22kYKeTSLv8KZU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c48cc9d2bb6-FRA
Expires: Sat, 06 May 2023 21:55:06 GMT

GET
H/1.1 200
OK demo.v1.1.css
yeu79.net/assets/themes/nhatrangdev/ 24 KB
5 KB 694ms
674ms Stylesheet
text/css 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/demo.v1.1.css
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 476294ca8a1174739263ce97d0add0408cfd15a26090a696ea9c348f99cc8d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: origSize=30461
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Tue, 29 Mar 2022 14:32:36 GMT
Server: cloudflare
Etag: W/"76fd-5db5c4cd42900-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hl3y2cOT6cJ07gjueJgB1%2F9imaDb7pBS6Oq7wXypQhsx2xKnocYJVyPCIoblw0G1RlNxwSVLNijKu5wZEQlBFaZmeQ9PnLfM1KeGXp5k4X0gCNvQ4NENAatwJEZMlxZQTHwnG2u0fBk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
CF-RAY: 7b686c48cb073635-FRA
Expires: Mon, 24 Apr 2023 04:09:10 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 117ms
66ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64fd7c3b188ad31f5981c2673892148913421acc2f082081f6148aa9e6fa28ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48092
x-xss-protection: 0
server: cafe
etag: 2031729316713639293
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H/1.1 200
OK lazysizes.min.js Show response
yeu79.net/assets/themes/nhatrangdev/ 8 KB
4 KB 189ms
188ms Script
application/javascript 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/lazysizes.min.js
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3494
Last-Modified: Mon, 17 May 2021 09:26:41 GMT
Server: cloudflare
Etag: "1ed1-5c28330ee9640-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLJmVQDrJqZDSA%2FoNuh4ccGpN2EZzVXUrUhprMu9FJR491ORTuPeEsZRWJBpjcLAZtF2Y2E5iD4huiUtEv7bUXrMX%2Bo129cuSjz3Wrw6mRIY5zvlcL%2BU5ovkRr%2FNR%2BCWq8GsnTIF9To%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4dcd94903c-FRA
Expires: Sun, 30 Apr 2023 02:39:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 89ms
39ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XR6HEJL7JT

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf0eefe3c5070f58a2418b197f259894929f407a2560152b0bdc4ceb0d841a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
47 KB 90ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922513212758368

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b74670a96cc2e05292ab2972cdfcf324599fd48af11e1d30d08b3ecfdffba8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48082
x-xss-protection: 0
server: cafe
etag: 11467346105806248004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H/1.1 200
OK logo-yeu79-ngang.png
yeu79.net/assets/images/ 60 KB
60 KB 350ms
350ms Image
image/png 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/images/logo-yeu79-ngang.png
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecb53ffa63012b05c9b5f2e21720abe9fe9738c2013dd472a00606494329695

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 61076
Last-Modified: Thu, 03 Sep 2020 19:00:06 GMT
Server: cloudflare
Etag: "ee94-5ae6d5c413980"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc1foiSQ12Aegk%2Bk4q74PoumaWtWfAmZyEmh2srShZ6P5qhsi%2B7tJX40gHl6fCm1b9ySLwcxPyfquE0upcMGah6DNE%2BUgKunsHVpELZQSmmSd2qY5SnWvWQ77ZN853CuXZu9QiOpPqw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4dca5103a0-FRA
Expires: Sat, 15 Apr 2023 03:24:45 GMT

GET
DATA 200
OK truncated
/ 116 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7482b6eaa9a50729dc26bd9c4f1b37063f6f2706e340f9f7cce9e98dd68231eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK banghieu11.jpg
yeu79.net/assets/thumbs/ 23 KB
24 KB 719ms
718ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/banghieu11.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d82f2f31dd64376f2bff0a8b5315576d16587735f0161b072d8d1e0742b7731e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 23649
Last-Modified: Thu, 23 Mar 2023 17:38:08 GMT
Server: cloudflare
Etag: "5c61-5f794bd663d80"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jOcx2YTb2JfwulxBUVn%2BioWSWJEkMAsTzGOmpsiQ4OXu4N4MIFyKoNuRi7cU9ECYDgK0%2FTIrCEw6uzgo1aicXKUNbvV4ZwB8hxEz7QqPltlokLETzX2Q8yDjByUFIiA08S42gycy6Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4e0f5b3635-FRA
Expires: Sat, 22 Apr 2023 17:38:12 GMT

GET
H2 200 dia-diem-an-uong-nha-trang-05-1.jpg
static.vinwonders.com/2022/03/ 225 KB
225 KB 835ms
750ms Image
image/jpeg 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.vinwonders.com/2022/03/dia-diem-an-uong-nha-trang-05-1.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d0e6a944dd77ad7b918bfc0f8887f5802f787a0205c3f5df51b54ee6947fdc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
last-modified: Fri, 18 Mar 2022 10:53:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "911bef346d22002fae493cdc6b81178d"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 230241
x-amz-cf-id: 5KfpZEedbR72GulE20nBS09b7ZnXD5uGis3lOa_jD3tmjPuec9XKPQ==

GET
H/1.1 200
OK Geekvape-AU-Pod-So-Huu-Ve-Ngoai-Trang-Nha-Tinh-Te.jpg
yeu79.net/assets/thumbs/ 12 KB
12 KB 1609ms
699ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/Geekvape-AU-Pod-So-Huu-Ve-Ngoai-Trang-Nha-Tinh-Te.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f4357d6230ea6f3882456d0378bc95f0a8350f5a3e622a97230a1b7329bf47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 11826
Last-Modified: Thu, 23 Mar 2023 17:47:52 GMT
Server: cloudflare
Etag: "2e32-5f794e0385d20"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHbLuELGsAYqPG2AyYHXc7CFKMaFxbOyTHEbdGZ81jiM02wCPvGL7bOURIrpUsUZFBPViqMrwwERnRa%2Bcs08d7gV8TgrGEEXxvITtV1Np83PmL0FcW7z3s66MN1g4C0NeZRZbWp6OsM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c53bd529c00-FRA
Expires: Sat, 22 Apr 2023 17:47:53 GMT

GET
H/1.1 200
OK 61124114_453354648544376_6338652961824047104_n.jpg
yeu79.net/assets/thumbs/an-uong/nha-hang/nhatrangxua/ 34 KB
35 KB 289ms
218ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/an-uong/nha-hang/nhatrangxua/61124114_453354648544376_6338652961824047104_n.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 602924c24feffb0a906d3fd7b62d58121548cb91f74162e06e36b3247745a51e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 34672
Last-Modified: Sat, 08 May 2021 04:38:11 GMT
Server: cloudflare
Etag: "8770-5c1ca1ca719c8"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfTuVxwqhQ0VlcRA0OXm%2ByY2w5rUJcktvgVWLwyGGmSeb6xQFr2Xyg011B4JIowx%2F42X0duDYfp3Yn8Oh06pmcRGgG1HAsnM0PpHoNJvLENBs2CcdW2uJwOXVlgxI47%2FCP6XvzbGF1c%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4e99fb2bb6-FRA
Expires: Sat, 22 Apr 2023 11:00:44 GMT

GET
H2 200 hot-15-quan-an-ngon-re-o-nha-trang-duoc-yeu-thich-nhat-62b13c5d55e15.jpg
owa.bestprice.vn/images/articles/uploads/ 139 KB
140 KB 1496ms
216ms Image
image/jpeg 118.68.218.174
FPT-AS-AP FPT Tel...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://owa.bestprice.vn/images/articles/uploads/hot-15-quan-an-ngon-re-o-nha-trang-duoc-yeu-thich-nhat-62b13c5d55e15.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.68.218.174 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software: Apache /
Resource Hash: 694bb8a02d3468f0cb58ff43e5a784e820674c28139a8e8095c7cbbb615dc023

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
last-modified: Tue, 21 Jun 2022 03:34:53 GMT
server: Apache
etag: "22d09-5e1ece759c700"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 142601

GET
H2 200 cho-hai-san-nha-trang-04.jpg
static.vinwonders.com/2022/03/ 233 KB
233 KB 758ms
689ms Image
image/jpeg 18.66.97.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.vinwonders.com/2022/03/cho-hai-san-nha-trang-04.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-101.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 088c7dda347ed4a7857dd52f3b388d26cee790714b0199999d5ec042c4fc940d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
last-modified: Wed, 16 Mar 2022 10:18:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "d0c0a5360300691f33dac4bca4367e94"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 238330
x-amz-cf-id: 1P4VMACOoOCbMannsThhPqMvshNooQq0QKTqV8IPX6u7uulvNUOngw==

GET
H/1.1 200
OK saffron-nha-trang-2.jpg
yeu79.net/assets/thumbs/an-uong/saffron/ 22 KB
23 KB 850ms
728ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/an-uong/saffron/saffron-nha-trang-2.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 719747def64ee1750a31c429da84257c2abcf10142533273caa797e89c399f75

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 22616
Last-Modified: Wed, 08 Jun 2022 05:59:29 GMT
Server: cloudflare
Etag: "5858-5e0e9688ec0c8"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haGR9ybO7AGh0JZCE%2FFKQcV7qqGUYVav5JkT0mVKqicC3Rvfub6r8w%2FH7M2yHT6tqXGB9rMtQXQRjSvEdFkeYjJZcywk7cl%2BglDG9u%2BDkgddPhDv9ZMfuivfSC9ZRo4mXomkBMmk6MY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4efe50903c-FRA
Expires: Sat, 06 May 2023 20:12:23 GMT

GET
H/1.1 200
OK z3856669749599_4ad0cce5fd711eba0dc0b2cd2293a092.jpg
yeu79.net/assets/thumbs/khac/bat-dong-san/ 28 KB
29 KB 824ms
676ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/khac/bat-dong-san/z3856669749599_4ad0cce5fd711eba0dc0b2cd2293a092.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cd388eb52f0fb6604a77ea951fc67e957570f230e2db29db380492460d4380a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28814
Last-Modified: Sat, 05 Nov 2022 07:11:59 GMT
Server: cloudflare
Etag: "708e-5ecb3e80b2578"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyION8OHKBQQ4ZfrWfnSMQ8spzZK%2FcZPHkzmbs1B4cAGMl9bVDp4tnnhN0p83P194WQBcjL9rbrTZ%2B%2FeGYgSV8NC3rbK4NMEuaXOQtodRUGYx0KL0CVI2%2FyPIHppHLELaYNWrZrQrTQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4f299e9c00-FRA
Expires: Tue, 09 May 2023 06:05:44 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 347 KB
116 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5922513212758368&plah=yeu79.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922513212758368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c6a3034a3e2ca653de461dd69db36f385df830c499466e00b167a5eae43cbfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118931
x-xss-protection: 0
server: cafe
etag: 6594104212695169492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/ Frame 9DDF 10 KB
5 KB 72ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5922513212758368

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 15:37:40 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 15:37:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK san-bay-cam-ranh.jpg
yeu79.net/assets/thumbs/tin-tuc/ 28 KB
28 KB 364ms
230ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/tin-tuc/san-bay-cam-ranh.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae8b01b406e9fea4cda7041411f95473921c1eb3c1dfe07b5ed896abfa7f9b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 28328
Last-Modified: Fri, 20 May 2022 10:07:01 GMT
Server: cloudflare
Etag: "6ea8-5df6ea6d598b0"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTmD1kLm3nFuU7iS4NdmCFYoiqRKSZqw8srF9iRuaPkRSjo0Ritrveaf1I8BT2lFV3yjlltSy42ROotzK3TY4lQ8C2GSqyGRdts9t47iAu3KRdpZnPDymoTOQoVAq4Oz12IYQb7GFL4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c4ffb1d2bb6-FRA
Expires: Thu, 11 May 2023 04:08:09 GMT

GET
H/1.1 200
OK tom-hum-nha-trang.jpg
yeu79.net/assets/thumbs/an-uong/hai-san/ 24 KB
25 KB 954ms
736ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/an-uong/hai-san/tom-hum-nha-trang.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee5c2945e25b3a558076264cba793d2ac05b2b76555a6602abef1a51ffa4d3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 24450
Last-Modified: Mon, 02 May 2022 02:04:23 GMT
Server: cloudflare
Etag: "5f82-5ddfdcf9e6d20"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECXHYAN81g2kAFhebIIkpIU0lryQUCyn4m6VWYLzoujfhGnF7jGP%2BUpJah0R8E8W9T7AFLpBU18Bmln2fZeetG10jSPUJbxYcrK2gm9spVVohwolYBFx0aM%2BXCusz%2B%2FaaEcoMJ2apMk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c507fa95c2c-FRA
Expires: Tue, 09 May 2023 10:17:09 GMT

GET
H/1.1 200
OK tau-ngam-vinpearl-nha-trang.jpg
yeu79.net/assets/thumbs/du-lich/ 26 KB
27 KB 918ms
760ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/du-lich/tau-ngam-vinpearl-nha-trang.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e65774668a62c4aa56cf4fe4a54868a53d0d91dda9feff597de8548a2d87b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 26360
Last-Modified: Thu, 28 Apr 2022 08:38:46 GMT
Server: cloudflare
Etag: "66f8-5ddb2dab1a650"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyyrOe8rsAAwojA0bpCElNFQzhXEbGIMuiqXD2iTyihz%2Box8FgJzf1kzx7MRMLwXsI8n6tWtlhk0KUPIznVuusNXMas3DP2mnMoUylfu1jneDwsYtqM6H%2FJmy2MvcnAoZ43LR7ODlNs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c501c2103a0-FRA
Expires: Thu, 27 Apr 2023 10:09:49 GMT

GET
H/1.1 200
OK xe-buyt-nha-trang.jpg
yeu79.net/assets/thumbs/tin-tuc/xe-buyt/ 21 KB
22 KB 756ms
208ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/tin-tuc/xe-buyt/xe-buyt-nha-trang.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69180f473dfe9e7fe4c02b25be25f9a814b93778dddf51b562a2147fded1ee04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:06 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 21979
Last-Modified: Fri, 22 Apr 2022 15:09:48 GMT
Server: cloudflare
Etag: "55db-5dd3f9e174ab0"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVEmEhk3gwtQS75h5bwugvL1sJsceyIV4lVNnnYIUogqPLWWoxmX9CzZHB7Co7%2BxKGepIrQmhihbo8R54H9Tt5MofDmhhckm%2FwHyhtGf8XU27KXREggkEOaimaegukrWipS254LEBr0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c528acb3635-FRA
Expires: Tue, 09 May 2023 20:14:29 GMT

GET
H/1.1 200
OK quan-nhau-via-he-nha-trang.jpg
yeu79.net/assets/thumbs/an-uong/quan-nhau-via-he/ 25 KB
25 KB 1153ms
785ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/an-uong/quan-nhau-via-he/quan-nhau-via-he-nha-trang.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113a4e03dc0109d1c32cee5e33d93914d1e21e2fd952f62be1b314fe3a76dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 25102
Last-Modified: Tue, 03 May 2022 02:40:54 GMT
Server: cloudflare
Etag: "620e-5de12700e5798"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62bpJ8BSvypF19vneUIJQUxiN3AOjg7n%2FtRWaehKz7RUpnX157fymGgCw7OGS7KjO9KOyrJh0qekxQvNqcDwa6YBmfECmTmYq6iegBrqkTXA%2FwpHHevaD7cDDA4ehYO6r4apoiiy5iw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c516c552bb6-FRA
Expires: Sat, 06 May 2023 20:13:44 GMT

GET
H/1.1 200
OK dau-1986.jpg
yeu79.net/assets/thumbs/an-uong/ 36 KB
37 KB 753ms
753ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/an-uong/dau-1986.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e7e98a906748197ee7a85b5d01f4c3e7111e650cbec8bd2c1df1ccdf19a63e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 36996
Last-Modified: Sat, 23 Apr 2022 06:05:15 GMT
Server: cloudflare
Etag: "9084-5dd4c20731ff0"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UvTVcfEZpYiWX6mFy2kCMI%2BAzzSdlubA8BE%2Fi8rXwHCvi7JK0H2xXrMmEdMstMbH%2B4RyCvrwiDa5NJqS6s0zsW%2Ff2Kj8bc2IhbIaSOorGGD3oO4cm15KFEuRn0F45DbjTWObAK%2F%2B2s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c5628b903a0-FRA
Expires: Sat, 06 May 2023 20:13:56 GMT

GET
H/1.1 200
OK lam-gia-so-hong-so-do-nha-trang.jpg
yeu79.net/assets/thumbs/nha-dat/ 16 KB
17 KB 652ms
652ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/nha-dat/lam-gia-so-hong-so-do-nha-trang.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934ad5598b0254d67f2c10ce6b9f80ca7c557a79cccf4967cdb3c8c2cc21c460

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:08 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 16787
Last-Modified: Tue, 12 Apr 2022 15:31:32 GMT
Server: cloudflare
Etag: "4193-5dc76c1618270"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3rgn3z7TprXXEqw4R0EoRNh4LI%2FD%2FirKC1A8fBQJ%2F6V0%2B28MWTBlORfNGHaqc4%2FLfNgBiNkGREX4WSrIi0ZxgeZ%2FSmoFLQbIFL5u50QtBpEFDiPKV%2Fg28%2F1zb%2B629iBgYxuxBbr2Zjc%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c5658882bb6-FRA
Expires: Sun, 23 Apr 2023 10:11:05 GMT

GET
H/1.1 200
OK iconh2.png
yeu79.net/assets/images/ 935 B
2 KB 189ms
189ms Image
image/png 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/images/iconh2.png
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519bc38cc315928f6678504ebc8f161defc6772072829cfdf77bd6dc214d9c5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 935
Last-Modified: Sun, 21 Nov 2021 09:28:12 GMT
Server: cloudflare
Etag: "3a7-5d1492085a300"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pia9OURc6tCkCwD1Z8mHlYiJ8Q3wgrDT%2FuLiHgLBXUjjqZb4H76R6w7IKp8e%2B%2FTdjsz2UIGGxjaMEpoEp6HIGSMJzBc5R3Idz4HOiFyh29sazbnBwcqhFr5ss3sm5ACbYNW5dIB2kK4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c567b34903c-FRA
Expires: Sat, 22 Apr 2023 12:36:55 GMT

GET
H/1.1 200
OK jquery.min.js Show response
yeu79.net/assets/themes/nhatrangdev/ 86 KB
31 KB 926ms
254ms Script
application/javascript 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/jquery.min.js
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 30677
Last-Modified: Thu, 22 Jul 2021 08:50:10 GMT
Server: cloudflare
Etag: "15851-5c7b25fdd5480-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNreJVF3N0wN%2FDkZF3fUXXYj1twGuNy7okCj3Bnx8dqxedvvDlclRmAzeqkS4Gk%2BPbiAeKmWOtAgw9atAwYAySpaxsT2exEKd2q1S%2F%2BRpJCKoazWu%2B%2BxDTXqPJVZGICVcMgxZ2%2FTLcU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c53896c903c-FRA
Expires: Sat, 06 May 2023 20:10:44 GMT

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
yeu79.net/assets/themes/nhatrangdev/ 79 KB
22 KB 211ms
210ms Script
application/javascript 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/bootstrap.bundle.min.js
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 21724
Last-Modified: Thu, 22 Jul 2021 08:50:10 GMT
Server: cloudflare
Etag: "13cbc-5c7b25fdd5480-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoISmD68YR9zjBJgl5948bgAi9Z3WF1s6DjjPc%2Fm%2F%2BGgkMjBfYSLTbZ9qsigNYTG4rGZgwAEfMO1YsZxs91cwjrnt3h6tpszAsXiQCfs4%2B5vHGR1vuyQTI30MD2v7GZuxseQP72DRdE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c53ebce3635-FRA
Expires: Fri, 05 May 2023 12:57:25 GMT

GET
H/1.1 200
OK slick.min.js Show response
yeu79.net/assets/themes/nhatrangdev/ 42 KB
11 KB 199ms
198ms Script
application/javascript 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/slick.min.js
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10442
Last-Modified: Thu, 22 Jul 2021 08:50:10 GMT
Server: cloudflare
Etag: "a76f-5c7b25fdd5480-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W852U6NhS%2F5JADAzNIvRdnaVYMwHyboMV%2FNT2iSHlc%2FUKxbNJltD6K%2FExN6rl%2FTugsO91xGwZVNFTpbf6bDebHAaLUSYIKhAGc5qxewKn9iRHYmZ2r3n1fBd3MObPn7Oa8Ei8pc7HA4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c54efc403a0-FRA
Expires: Fri, 05 May 2023 22:29:00 GMT

GET
H/1.1 200
OK hc-offcanvas-nav.js Show response
yeu79.net/assets/themes/nhatrangdev/ 17 KB
6 KB 663ms
662ms Script
application/javascript 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/hc-offcanvas-nav.js
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d787dbded94aa45a7efbd24ea8f620d5b4df2b239e764f790cecbe2702ccfce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: origSize=17551
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Thu, 22 Jul 2021 08:50:10 GMT
Server: cloudflare
Etag: W/"448f-5c7b25fdd5480-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69ZIe9YVEJC5lSAVpJsmC9YMgXg0BQij6ANAXPGRy3SwP49DYTJWGnll15cK5VS4K81iXaUCWNoBw%2FGNYVrOv%2B7M3DbArPBlgs0SL9rdCP%2BhxXaAa3KT3WN%2Fc2CGbILB6ODKo5F2cBU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=2592000
CF-RAY: 7b686c551bd35c2c-FRA
Expires: Mon, 08 May 2023 04:21:54 GMT

GET
H/1.1 200
OK osahan.v2.js Show response
yeu79.net/assets/themes/nhatrangdev/ 2 KB
1 KB 207ms
207ms Script
application/javascript 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/osahan.v2.js
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b3557625fcaf835f0edb5664328cd79604280d2cb84b48c201890a556d5f123

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: origSize=4478
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Fri, 26 Nov 2021 06:46:57 GMT
Server: cloudflare
Etag: W/"117e-5d1ab750dba40-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Vpj8AaivtcXk08VKlAVSBXg%2By6N25VRoW5XlJVdYw9bhRu9LooqQ17TcTFtPJ3PzB8wIjxpr%2BVPl3EzdZf7DJQnXV0vrAtBAW0nm0R995FTU4qnvMeTMlNlX8BGLdNiHAAZMFpxatY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=2592000
CF-RAY: 7b686c552a48903c-FRA
Expires: Tue, 18 Apr 2023 04:19:40 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 102ms
36ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c7cfc1492495ee9e2112f0e70377b6bdbd2e89c5cb6c64696efc8b59e831bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://yeu79.net/
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 03:36:06 GMT
content-md5: WvExKBPHMXVZADJ23HWp6Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: /o1LtB6hf6XcRN/XV0Yn2XA/IHj0dLRwseS+W7Gw8RhDzEObokFst9XsNX6zbsSwjQtcO5IPOhyGmUJlcteHVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 720026100
x-fb-content-md5: a75badf12f9e28051e879b0ab57f6db8
cross-origin-opener-policy: same-origin-allow-popups
etag: "6c99e84befede0df0c967e4c0b6ca2fd"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:37:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-69269666-28

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

481eb787c8cbc104ff86e6afdbf4c1785a94bdd70277d8c3c0c73ced93243267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H/1.1 200
OK all-awsome.css
yeu79.net/assets/themes/nhatrangdev/ 58 KB
13 KB 819ms
818ms Stylesheet
text/css 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/themes/nhatrangdev/all-awsome.css
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6462c6a3bb9dd452e16b83087746f4ef65156ec96c07a4992190e615e69875ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:08 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cf-Polished: origSize=73825
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cf-Bgj: minify
Last-Modified: Fri, 26 Nov 2021 06:30:47 GMT
Server: cloudflare
Etag: W/"12061-5d1ab3b3cb3c0-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9zD051tmF8Gs1W%2F8zVwJMpZvT2qBOjKN402fLmoR3O%2FwQSfQueUy7L0f3RAYnJJ7uV4yXGR%2FskwSpihCIkgRpQJET2wGG6XgvVvcGKv9K7NvVB4M%2Fy6dYLS26TIfn33CRUhWziHsa0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=2592000
CF-RAY: 7b686c553ce83635-FRA
Expires: Wed, 03 May 2023 11:06:58 GMT

GET
H2 200 v2b4487d741ca48dcbadcaf954e159fc61680799950996 Show response
static.cloudflareinsights.com/beacon.min.js/ 16 KB
6 KB 94ms
47ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2

Request headers

Referer: http://yeu79.net/
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
last-modified: Thu, 06 Apr 2023 16:52:30 GMT
server: cloudflare
etag: W/2023.4.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7b686c4faf1dbb7a-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 141ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=yeu79.net&callback=_gfp_s_&client=ca-pub-5922513212758368

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5922513212758368&plah=yeu79.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d92f3abe6accf11223295d9cfd6c2131df18454e3e521cdaf6dcf64bc707e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 128ms
28ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=yeu79.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 129ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=yeu79.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5AC 39 KB
14 KB 178ms
172ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&adk=1812271804&adf=3025194257&lmt=1681270566&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C128x945_r&format=0x0&url=http%3A%2F%2Fyeu79.net%2F&ea=0&pra=5&wgl=1&dt=1681270566173&bpp=5&bdt=958&idt=190&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7339631088846&frm=20&pv=2&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=217

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe4b44a591d22d2c71b1fd92f5f2d7eb7928d621ad460be40345b76ea83b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:06 GMT
expires: Wed, 12 Apr 2023 03:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44E8 83 KB
24 KB 159ms
155ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fecadfd515c2fad98ea81c89ad22d589e575da69f07b2a4180bbd38e6f16e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24060
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:06 GMT
expires: Wed, 12 Apr 2023 03:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BAD 83 KB
24 KB 142ms
138ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=1706824535&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566180&bpp=1&bdt=966&idt=226&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NzPBxKTI6G&p=http%3A//yeu79.net&dtd=229

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e9e8142c5368368827a380ffa05b3311c5eabdae20b15c3220d283cc72e2e4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24076
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:06 GMT
expires: Wed, 12 Apr 2023 03:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6764 83 KB
24 KB 169ms
165ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d99e7f6a786f92756e2818a215d3458fd1f649049e8ac9d71415a158302d421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24075
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:06 GMT
expires: Wed, 12 Apr 2023 03:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6D1 83 KB
24 KB 130ms
128ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60ef134e2cf2f8b8c067fca24ef955a0881bd4712533c7afebb80a8297d659e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:06 GMT
expires: Wed, 12 Apr 2023 03:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3BAD 6 KB
1 KB 83ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=1706824535&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566180&bpp=1&bdt=966&idt=226&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NzPBxKTI6G&p=http%3A//yeu79.net&dtd=229

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

927e28e6f905011cd102263e99fc6a6032d90aab9f7fce9e2be1b5a4a115d7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 02:44:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6D1 6 KB
742 B 90ms
38ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

927e28e6f905011cd102263e99fc6a6032d90aab9f7fce9e2be1b5a4a115d7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 03:36:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame C6D1 36 KB
14 KB 113ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5538b52fc2f2aff1e087f5a63b45317a77d4c04c83bde3fe8c2f50e96d8b14d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
server: cafe
etag: 10834791595223416614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:24:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6D1 159 KB
49 KB 101ms
49ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame C6D1 22 KB
9 KB 87ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame C6D1 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame C6D1 20 KB
8 KB 91ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 3BAD 36 KB
14 KB 107ms
50ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5538b52fc2f2aff1e087f5a63b45317a77d4c04c83bde3fe8c2f50e96d8b14d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
server: cafe
etag: 10834791595223416614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:24:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BAD 159 KB
49 KB 96ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 3BAD 22 KB
9 KB 83ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 3BAD 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 3BAD 20 KB
8 KB 95ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 44E8 6 KB
719 B 68ms
39ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

927e28e6f905011cd102263e99fc6a6032d90aab9f7fce9e2be1b5a4a115d7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 03:36:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 44E8 36 KB
14 KB 103ms
56ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5538b52fc2f2aff1e087f5a63b45317a77d4c04c83bde3fe8c2f50e96d8b14d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
server: cafe
etag: 10834791595223416614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:24:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44E8 159 KB
49 KB 113ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 44E8 22 KB
9 KB 116ms
69ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 44E8 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 44E8 20 KB
8 KB 109ms
63ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6764 6 KB
719 B 65ms
40ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

927e28e6f905011cd102263e99fc6a6032d90aab9f7fce9e2be1b5a4a115d7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Apr 2023 03:36:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 6764 36 KB
14 KB 102ms
60ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5538b52fc2f2aff1e087f5a63b45317a77d4c04c83bde3fe8c2f50e96d8b14d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 14:24:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47470
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
server: cafe
etag: 10834791595223416614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 14:24:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6764 159 KB
49 KB 118ms
93ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/ Frame 6764 22 KB
9 KB 107ms
65ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:35:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 6764 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 6764 20 KB
8 KB 109ms
68ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50302
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ 150 KB
51 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0927cb85357dc3dcfa4bd2a7087b12e5dd6778c1384007caab11dee84f5f569d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52059
x-xss-protection: 0
server: cafe
etag: 5790532466529580670
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BAD 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0HgeJic2ZLehH4WlrASqyLXoDcme0rFc1Z2R93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi01OTIyNTEzMjEyNzU4MzY4yAEJqQJZ6Z4y_kyyPqgDAcgDAqoEtQFP0KNPkeDzx-K1YVCeJYZ5svCiv_7hywg8jcx3CTyaNmlJ6R7__LFnr4D4qMKE5f0zpgwbKnwGZRQRWG3SaPzDwkHaqfa0unU5quWccnfun1fz9SlhIUK0LxN_ZvNLFzbwmFH-mNJiMTJ-JtM0PtXsqtVAWFucHrg2YBrXs-Hid9JvNmYcT3LfnWcbot83NwamiBGffi6CoYVvgiTu8ADWLHRVwQN7O4WzKRHFN7BkCS_o1ce9gAbl8YqR0rGwopMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTIyNTEzMjEyNzU4MzY4GAA&sigh=IqmaAnqxtpg&uach_m=[UACH]&cid=CAQSGwDUE5ym56W4nXstLfdNhRS2sjW1Y5v-9a1KHxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=1706824535&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566180&bpp=1&bdt=966&idt=226&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NzPBxKTI6G&p=http%3A//yeu79.net&dtd=229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H2 200 lgn.php Show response
cat.nl3.eu.criteo.com/delivery/ Frame 3BAD 43 B
348 B 102ms
28ms Fetch
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=TAL7Z79l8LIDFBl1bc1JjgewknV4GhGzQ1_0OopS1d5p8kmeAakb7dOV04zCcHuahb_FDbpGcURkAZLEpqkEMayVBIRXB-DOXn-7mx5a7vJcCigmvP2ER2U6ToBPXBtVq2V7FKeZ1E4qbBghbQA0sVuVvmH-qn4wLRIC1tiXgwji5dZw1niSbYxHN0Q_hQ281dltewO_S1lNhJHP6042oreBxroHnORuXUITIZbn_jzFVpxdFx9klMMwvOM34DqprtFVW25sDWxuSTiPqUmIIuvFBHvSD8sUdIwQgi35S8sXNHJhlW-Dw2kODL-JrxCI4hbxrChOlXNq8TizMnlA6cySxz17s7A-xlD9LS680FBMjrJPbAU7GUmp8Vmbam2CfQXoHQ2_hxw7VNFYkUTe3NRyiok&z=ZDYnJgAH0LcKixKFAA1kKsscuIz-8mXOgw3y0A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1706762
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3BAD 0
0 116ms
36ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EIrGMAAAnYNiAgIAAACk7F9Uo_V4hhAlJzZktXNjfIRxyDs6-QAAEgMBCgpBUVVEQVFFQkFR&wp=ZDYnJgAH0LcKixKFAA1kKsscuIz-8mXOgw3y0A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 168738
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BAD 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKajYJic2ZLehH4WlrASqyLXoDcme0rFc1Z2R93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi01OTIyNTEzMjEyNzU4MzY4yAEJqQJZ6Z4y_kyyPqgDAaoEtQFP0KNPkeDzx-K1YVCeJYZ5svCiv_7hywg8jcx3CTyaNmlJ6R7__LFnr4D4qMKE5f0zpgwbKnwGZRQRWG3SaPzDwkHaqfa0unU5quWccnfun1fz9SlhIUK0LxN_ZvNLFzbwmFH-mNJiMTJ-JtM0PtXsqtVAWFucHrg2YBrXs-Hid9JvNmYcT3LfnWcbot83NwamiBGffi6CoYVvgiTu8ADWLHRVwQN7O4WzKRHFN7BkCS_o1ce9gAbl8YqR0rGwopMBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTIyNTEzMjEyNzU4MzY4GAA&sigh=o-fALgN4zdw&uach_m=[UACH]&cid=CAQSGwDUE5ym56W4nXstLfdNhRS2sjW1Y5v-9a1KHxgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=1706824535&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566180&bpp=1&bdt=966&idt=226&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NzPBxKTI6G&p=http%3A//yeu79.net&dtd=229
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 12 Apr 2023 03:36:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B071 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=1706824535&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566180&bpp=1&bdt=966&idt=226&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=NzPBxKTI6G&p=http%3A//yeu79.net&dtd=229
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 02:56:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BAD 16 KB
16 KB 72ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 61495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BAD 15 KB
15 KB 77ms
25ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:30:58 GMT
x-content-type-options: nosniff
age: 61508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:30:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BAD 15 KB
15 KB 92ms
41ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 61506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:00 GMT

GET
DATA 200
OK truncated
/ Frame 3BAD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1761e2379824a3e84b3ef28d67f91759bbacfedfc0e9af8d61c792c34eee8940

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=yeu79.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 30ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=yeu79.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/ Frame 5524 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 14:28:34 GMT
etag: 2378337311435320485
expires: Tue, 25 Apr 2023 14:28:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6D1 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB4hnJic2ZJbjHouv3wOZr4SgCMme0rFc1Z2R93DAjbcBEAEgAGCV2q6CtAeCARdjYS1wdWItNTkyMjUxMzIxMjc1ODM2OMgBCakCWemeMv5Msj6oAwHIAwKqBLUBT9AT80WAyqZN5BC6fzqnqKjmF9fnv_AThshyIGVmIDFgBe77p7Z0EbUj7tUAN0BeF87vBvVVMXodOXFkZuflg4uJzkzOPbt3q1jXqobykbaMZ97-psmmrZMG2mKf75g6p2GgqoWQTl8EkbL-bDFKu4y96BYFXiLQSDUON3VwZiOpgySkBB2qO81do9AuQoQ9U6W8fnVGEJYckFvfx50mN9svX96Q7OyvirDsefIXOXCiiD54_YAG5fGKkdKxsKKTAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyMjUxMzIxMjc1ODM2OBgA&sigh=4wIzZcKRrGo&uach_m=[UACH]&cid=CAQSGwDUE5ym0y7f_KZiuau22lJcjK2OtnGoSHXzmBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 lgn.php Show response
cat.nl3.eu.criteo.com/delivery/ Frame C6D1 43 B
347 B 29ms
28ms Fetch
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.nl3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=0-3M2r9l8LIDFBl1bc1JjgewknVwX6XVrEZZrNVSCGVGrc_zQ3DEeBcW04H1rIncaY-z9lHbRJ29vhD1OeK0LJk81lDG0X4XBLOOiyv0Cj1M90GH7HZQ6fKKkJT0DyjMrnPEZJHeQVOL0cQWS4O7Jm02NyzLVm7GTE727p3l6xq19dDi33SuS1oTb9WakDDy6v9L9OxGU-ETmZvAgF_gKVdQ6P25rc-TnfNvzFcYUOdhNMVtCZLOrPivNDEw7PSKxltwNNNISh_LADV-PA2bAQIBOFGNVIEQ9XJKYiEkKGsRHoP4_9c12u4WHZ1pZETLKGjaQyoO6NgkzkOf_Rb4EmpPpemtMIDgiWcRuCEtvDUa3pXbedtncNkCbN2PCmuxZYR0mJBfonlFZBQzD4kvoEbNRcg&z=ZDYnJgAHsZYKd9eLAAEXmfczOJZ0oHgyJWsLyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1627146
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame C6D1 0
0 281ms
280ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EIrGMAAAnYNiAgIAAACk7F9Uo_V4hhAmJzZkRcgwpFcYvoZHHAAAEgMBCgpBUVVCQVFFQkFR&wp=ZDYnJgAHsZYKd9eLAAEXmfczOJZ0oHgyJWsLyg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 175079
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6D1 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpevrJic2ZJbjHouv3wOZr4SgCMme0rFc1Z2R93DAjbcBEAEgAGCV2q6CtAeCARdjYS1wdWItNTkyMjUxMzIxMjc1ODM2OMgBCakCWemeMv5Msj6oAwGqBLUBT9AT80WAyqZN5BC6fzqnqKjmF9fnv_AThshyIGVmIDFgBe77p7Z0EbUj7tUAN0BeF87vBvVVMXodOXFkZuflg4uJzkzOPbt3q1jXqobykbaMZ97-psmmrZMG2mKf75g6p2GgqoWQTl8EkbL-bDFKu4y96BYFXiLQSDUON3VwZiOpgySkBB2qO81do9AuQoQ9U6W8fnVGEJYckFvfx50mN9svX96Q7OyvirDsefIXOXCiiD54_YAG5fGKkdKxsKKTAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyMjUxMzIxMjc1ODM2OBgA&sigh=j98hidrP9GU&uach_m=[UACH]&cid=CAQSGwDUE5ym0y7f_KZiuau22lJcjK2OtnGoSHXzmBgB&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7619 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 02:56:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44E8 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUOqiJic2ZMvKHsfk3wPUn4qYCMme0rFc1Z2R93DAjbcBEAEgAGCV2q6CtAeCARdjYS1wdWItNTkyMjUxMzIxMjc1ODM2OMgBCakCWemeMv5Msj6oAwHIAwKqBK8BT9DYBG5eW25BmoAGo_gH1bBGZPXuKfXMspotF-_COxZ4QE2qYUAp7dd9JEZQedqLvhY_1m6aoEPAvxzY-4ldrW0qz6Cwrk1GtlOMuObk-Zpy35Z7kf9jWVlXehNOIMh33OPwgVQEyAcQ6Gm3c2Q_ayw6V9Nb_g8cTV6-d_oODmeP0Byb5TIPttTtfrIT543Jio8SVx8vKTeF5e_auCYL-2xQSwsK095hrgsuhPodUIAG5fGKkdKxsKKTAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyMjUxMzIxMjc1ODM2OBgA&sigh=xDEUEXSVm3k&uach_m=[UACH]&cid=CAQSGwDUE5ymG6nkeYKXXEoZZZFm6imvwPmxZwjNgBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 lgn.php Show response
cat.fr3.eu.criteo.com/delivery/ Frame 44E8 43 B
348 B 130ms
31ms Fetch
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=rcCXNr9l8LIDFBl1bc1JjgewknXU_jlZONrIYRn2wu7wpCfZ-9W4HbdwLwjj7h2PFAkBhREGhmECWT7zs1feGUrVpO9RItfRrKSvQd-cZ9qNJTlL24HAhKAyrEQrzJ9g9rg9OVb1SEMQ8Db6oYwN8N91qQIrRZt1ZInmUqxadgIOrhadKzg2vIJ-ube2Qvt4rY0gixRtsADFDD2OaNzRRHWo1UH4-6UyRZUmXo5TI95eVlJKebBzPf87j3_y8bFXagmRY98CemktsF1lJPhVGgzlhgU2QT1VYEtNo_QRqxoBrmAE9jIkZNVrmqvjpKHOM57oCqXgzxG3bay3v9JMVSmRTtDA60uBIfGs23m2v4_Lx4RQQJemYOH386wtUhir1NU_Xt537bHfN0LG8FcZWaFpVBc&z=ZDYnJgAHpUsKd_JHAAKP1LP3mutzJYI9ehd47Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1631074
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 44E8 0
0 100ms
32ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EIrGMAAAnYNiAgIAAACk7F9Uo_V4hhAlJzZkgAM3RagnQeR-WwAAEgMBCgpBUVVCRHdFQkR3&wp=ZDYnJgAHpUsKd_JHAAKP1LP3mutzJYI9ehd47Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 157345
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44E8 0
0 58ms
58ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJcsQJic2ZMvKHsfk3wPUn4qYCMme0rFc1Z2R93DAjbcBEAEgAGCV2q6CtAeCARdjYS1wdWItNTkyMjUxMzIxMjc1ODM2OMgBCakCWemeMv5Msj6oAwGqBK8BT9DYBG5eW25BmoAGo_gH1bBGZPXuKfXMspotF-_COxZ4QE2qYUAp7dd9JEZQedqLvhY_1m6aoEPAvxzY-4ldrW0qz6Cwrk1GtlOMuObk-Zpy35Z7kf9jWVlXehNOIMh33OPwgVQEyAcQ6Gm3c2Q_ayw6V9Nb_g8cTV6-d_oODmeP0Byb5TIPttTtfrIT543Jio8SVx8vKTeF5e_auCYL-2xQSwsK095hrgsuhPodUIAG5fGKkdKxsKKTAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyMjUxMzIxMjc1ODM2OBgA&sigh=pKUmiEM8_rg&uach_m=[UACH]&cid=CAQSGwDUE5ymG6nkeYKXXEoZZZFm6imvwPmxZwjNgBgB&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9858 143 B
166 B 54ms
54ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 02:56:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6764 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT06RJic2ZJnRHor23wOtj6rwDcme0rFc1Z2R93DAjbcBEAEgAGCV2q6CtAeCARdjYS1wdWItNTkyMjUxMzIxMjc1ODM2OMgBCakCWemeMv5Msj6oAwHIAwKqBLUBT9DJw9M_04i4IIDxHJRKoS-8DeAit-OlNJnXdDeaa36WzSMv0wUL8YN8hTR9EW7aeKmYLtQcHXp-XdqkaAKmc8d_PFHborloL5a1sGaLQBkk_Ogc7LMThkk7M77WyaEd6ZBthQobV23MQmyJEHqZZfN7fmGEPFIdIrFujn4H6CjffzeWfyyk3OeMKx8J2k7q2vb5tRBLT3gonb0cdACyuJ31OUc75Qh80dsbBaMPTCd9LqN-pIAG5fGKkdKxsKKTAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyMjUxMzIxMjc1ODM2OBgA&sigh=EyGFnwRCXJM&uach_m=[UACH]&cid=CAQSGwDUE5ymqs8Lu50v3uVF4JtZfjwu0dDwBuP9fhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 lgn.php Show response
cat.fr3.eu.criteo.com/delivery/ Frame 6764 43 B
347 B 113ms
32ms Fetch
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cat.fr3.eu.criteo.com/delivery/lgn.php?cppv=3&cpp=VPaZIr9l8LIDFBl1bc1JjgewknW-AyGsRyBcjndIrE_6z4ghE7-C7eYqh_HeXlAMFIMACo4bTbUP1VBc9C0gPuu8lHKvA4razAdGBLqKMxQgBlrFVWd5kyBLSp6NqjCbOxAZJ_TgEzE58-qjd-Xf5oqPWT1mdxMMT-muLWsi0PL_nQfU92-Zh3k61aMxHa6msgtdLXE3g4bt17X5o_OJm0vSm-BoUi42MJBsECat-5BMbBPCmcwCv8kz-J2wbb1NUaHzhmNeMIEB05gHhYWuw7m6-acHzUDIkiFFemnLwca7wGCz0b7mvuUJ_TVCnwA4QnwA24ykbMbOsuKYo_6-2Dd3jgHioG-ceZGegVdd9ar_lPsLrS9ZLTYkc3atO5s0mCeop3ItyhwhTHhUStryCKobtLc&z=ZDYnJgAHqJkKd_sKAAqHrUgpSy2BmUfo4QA8Hg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1612398
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 6764 0
0 83ms
33ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EIrGMAAAnYNiAgIAAACk7F9Uo_V4hhAmJzZkVdRZXzCR6JSj9QAAEgMBCgpBUVVCRHdFQkR3&wp=ZDYnJgAHqJkKd_sKAAqHrUgpSy2BmUfo4QA8Hg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 139280
server: Kestrel
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6764 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq1KYJic2ZJnRHor23wOtj6rwDcme0rFc1Z2R93DAjbcBEAEgAGCV2q6CtAeCARdjYS1wdWItNTkyMjUxMzIxMjc1ODM2OMgBCakCWemeMv5Msj6oAwGqBLUBT9DJw9M_04i4IIDxHJRKoS-8DeAit-OlNJnXdDeaa36WzSMv0wUL8YN8hTR9EW7aeKmYLtQcHXp-XdqkaAKmc8d_PFHborloL5a1sGaLQBkk_Ogc7LMThkk7M77WyaEd6ZBthQobV23MQmyJEHqZZfN7fmGEPFIdIrFujn4H6CjffzeWfyyk3OeMKx8J2k7q2vb5tRBLT3gonb0cdACyuJ31OUc75Qh80dsbBaMPTCd9LqN-pIAG5fGKkdKxsKKTAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTkyMjUxMzIxMjc1ODM2OBgA&sigh=wFCBLZwAxeI&uach_m=[UACH]&cid=CAQSGwDUE5ymqs8Lu50v3uVF4JtZfjwu0dDwBuP9fhgB&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F047 143 B
166 B 22ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 02:56:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 44E8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 612c4d80aa2bda24cc1c74cc65cd802ba2bc78d5fe8384f1858edd94aa6da2ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44E8 16 KB
16 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 61495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44E8 15 KB
15 KB 26ms
24ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:30:58 GMT
x-content-type-options: nosniff
age: 61508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:30:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 44E8 15 KB
15 KB 29ms
27ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 61506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:00 GMT

GET
DATA 200
OK truncated
/ Frame 6764 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75e59faa9d7561b17310a47c9e276a0123578843f3064696ca794574a729b4a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6764 16 KB
16 KB 32ms
31ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 61495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6764 15 KB
15 KB 35ms
33ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:30:58 GMT
x-content-type-options: nosniff
age: 61508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:30:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6764 15 KB
15 KB 42ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 61506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:00 GMT

GET
DATA 200
OK truncated
/ Frame C6D1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9155698dbfa97cab02e9e7b3140350d2b047cac9f10f9fb0745299de68b75110

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6D1 16 KB
16 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 61495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6D1 15 KB
15 KB 50ms
49ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:30:58 GMT
x-content-type-options: nosniff
age: 61508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:30:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C6D1 15 KB
15 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&lang=vi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:00 GMT
x-content-type-options: nosniff
age: 61506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B071
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

30ms
29ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
expires: Wed, 12 Apr 2023 03:36:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5524 0
0 65ms
64ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLmmCJic2ZJ6TH9nk3wPXwLi4Dcme0rFc1Z2R93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi01OTIyNTEzMjEyNzU4MzY4yAEJqQJZ6Z4y_kyyPqgDAaoErwFP0PInXKFRTP_ZB4YAQfI8mlzZ2keQmB0JLcaj3YkWSPqeMWV6p8Hj9_cnr4Lu20Z-lU2s2BygkPXprLElrzt1kHeGtmvsKqhzRmkkj7qpCejNv61jADp3msfHKxk6rKgklt2enPP6LYOPmt6pAjrlZQ1Foj_meoj8n0sn_t1ZAP3X-P-X1kWitxOG2VGpBEbybVbzZEzlUwY3kfevduVDnmqFLwX2N46C98lxXcs4gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01OTIyNTEzMjEyNzU4MzY4GAA&sigh=VAKjQ1VEnMw&uach_m=[UACH]&cid=CAQSGwBygQiD_8dSI7Mbve4Ql7GcZ1XqaLJb40DzyxgB

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 12 Apr 2023 03:36:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 5524 0
0 33ms
33ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAA9NGfyEuE0ykQJic2ZMw0DZM7msBPUUwAABIAAAoKQVFVRER3RUJEdw&wp=ZDYnJgAHyZ4Kd_JZAA4gV5GGA4JER7q2zZR6fA

Requested by

Host: yeu79.net
URL: http://yeu79.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 144471
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B194 185 KB
56 KB 167ms
93ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDYnJgAHyZ4Kd_JZAA4gV5GGA4JER7q2zZR6fA&u=%7ChhYXw1eKLPhanx%2F%2BM%2BFLHZ0df4zm8rVjYOsH%2FQk%2FBV0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86xR6Z-0MRlNessreAXwnDzYX58e-CYGNHGmJRLzNlhPsxTcK0aVtuEbwD9zt9l5kgv_90WdiKkUh3HDr0TtojXBcp-LqgegEXbvsPy9Hup9zKuDAKS-5df57ERCVJd9mztgcbMGIiSKPptH-agapEBBETyZJFcnZUEsEQvWP1ebVDscxqETmGW0-mh9yWKpE6rE-QD6rTqHYTNV2BQzGEJLN1cIyLw-_M1XO2SoJE9mWrnTlgZhurXfiX4LPt4Zs2wpFSMYeK9wYOabrSRqwAHjiP08KbW55UNPg8byS4mSN8NAXvR6qgiGTqucTSJ-vS19nf1hMIRo84_hN3Hlm5SoLjhXOb964s2o4CmQT6ynJgzyqBFP9SrTblGwHDcNm1q8j7Txbw1nWlS1rJM-hZMeoCFG-jb1IyPlklWxDLzY0ljTF0voH_q4YdVGN4AggRUtg1RFalEgCSbCgn6Cx6pShjPhqHiGVjA3oT0ulIyfF0gLh3L5yKEwVdU28Pbv0gPGt8j41dFQ66MJMDS8LDG4vzMVOfpYo9CqTf7XT8Ui38Z11V8ASh14&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-4kgJic2ZJ6TH9nk3wPXwLi4Dcme0rFc1Z2R93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi01OTIyNTEzMjEyNzU4MzY4yAEJqQJZ6Z4y_kyyPqgDAaoEsgFP0PInXKFRTP_ZB4YAQfI8mlzZ2keQmB0JLcaj3YkWSPqeMWV6p8Hj9_cnr4Lu20Z-lU2s2BygkPXprLElrzt1kHeGtmvsKqhzRmkkj7qpCejNv61jADp3msfHKxk6rKgklt2enPP6LYOPmt6pAjrlZQ1Foj_meoj8n0sn_t1ZAP3X-P-X1kWit1GE-MMui9rh0srnx5zY9f4-hf0ZfMtbHN5NEqMEiJCu70zb2diHxgy8gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3T7ByWXSt69BjqsPubtP_C-MN52A%26client%3Dca-pub-5922513212758368%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9f0174772f64028970efd1ed1d525932345fcefc27d1f610ed10197e043319d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=bu1mKp67AunAshA4UmPTk7HLYnU7YQchk82MgkVhZNmgnJfKCi3vUfHzuAzNrj_qhOoN7GzMva4G9gH7Ea1JlfI2KPZ88Pts2U0lEz_HeTViujcio5WUDWFvpK3iYYPyl1Lqs32G-V2Cz3jPOUJSAWwMeY671BGNnIPLIdLHxNTsiXu1S7PJ7Pmwb15foTafBfkNaoFqnRqVc11DztTh-Mh7AfWjmxzaj7aB0Z02SNfTAXBrsAkoEccX1TgSdlScpXGjGA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52539904
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 5524 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 18:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31783
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 18:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/ Frame 5524 20 KB
8 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230410/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 13:37:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8512
x-xss-protection: 0
server: cafe
etag: 10859400315404043642
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 25 Apr 2023 13:37:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5524 159 KB
49 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 03:36:07 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7619
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
37ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=3179628286&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566282&bpp=6&bdt=1067&idt=135&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3024&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=lnNZhLnaFK&p=http%3A//yeu79.net&dtd=139

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
expires: Wed, 12 Apr 2023 03:36:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F047
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

42ms
42ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=2221415025&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566258&bpp=10&bdt=1044&idt=155&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x130%2C1200x130&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=qgzMZL6JV2&p=http%3A//yeu79.net&dtd=157

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
expires: Wed, 12 Apr 2023 03:36:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9858
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5922513212758368&output=html&h=130&slotname=7980254497&adk=2897910459&adf=683863926&pi=t.ma~as.7980254497&w=1200&lmt=1681270566&rafmt=11&format=1200x130&url=http%3A%2F%2Fyeu79.net%2F&wgl=1&dt=1681270566178&bpp=2&bdt=964&idt=219&shv=r20230410&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7339631088846&frm=20&pv=1&ga_vid=815196457.1681270566&ga_sid=1681270566&ga_hid=1548132381&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532185%2C42532089%2C44759842%2C31071755%2C44785293%2C21065725&oid=2&pvsid=2992544977387838&tmod=773704595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Z7viSZry7S&p=http%3A//yeu79.net&dtd=223

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
expires: Wed, 12 Apr 2023 03:36:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5524 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e7feba25f6f64b3230a26d223a7fe18970654cd6cd449a3c4efb10fccec6934

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B194 2 KB
1 KB 109ms
35ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZDYnJgAHyZ4Kd_JZAA4gV5GGA4JER7q2zZR6fA&u=%7ChhYXw1eKLPhanx%2F%2BM%2BFLHZ0df4zm8rVjYOsH%2FQk%2FBV0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86xR6Z-0MRlNessreAXwnDzYX58e-CYGNHGmJRLzNlhPsxTcK0aVtuEbwD9zt9l5kgv_90WdiKkUh3HDr0TtojXBcp-LqgegEXbvsPy9Hup9zKuDAKS-5df57ERCVJd9mztgcbMGIiSKPptH-agapEBBETyZJFcnZUEsEQvWP1ebVDscxqETmGW0-mh9yWKpE6rE-QD6rTqHYTNV2BQzGEJLN1cIyLw-_M1XO2SoJE9mWrnTlgZhurXfiX4LPt4Zs2wpFSMYeK9wYOabrSRqwAHjiP08KbW55UNPg8byS4mSN8NAXvR6qgiGTqucTSJ-vS19nf1hMIRo84_hN3Hlm5SoLjhXOb964s2o4CmQT6ynJgzyqBFP9SrTblGwHDcNm1q8j7Txbw1nWlS1rJM-hZMeoCFG-jb1IyPlklWxDLzY0ljTF0voH_q4YdVGN4AggRUtg1RFalEgCSbCgn6Cx6pShjPhqHiGVjA3oT0ulIyfF0gLh3L5yKEwVdU28Pbv0gPGt8j41dFQ66MJMDS8LDG4vzMVOfpYo9CqTf7XT8Ui38Z11V8ASh14&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-4kgJic2ZJ6TH9nk3wPXwLi4Dcme0rFc1Z2R93DAjbcBEAEgAGC7BoIBF2NhLXB1Yi01OTIyNTEzMjEyNzU4MzY4yAEJqQJZ6Z4y_kyyPqgDAaoEsgFP0PInXKFRTP_ZB4YAQfI8mlzZ2keQmB0JLcaj3YkWSPqeMWV6p8Hj9_cnr4Lu20Z-lU2s2BygkPXprLElrzt1kHeGtmvsKqhzRmkkj7qpCejNv61jADp3msfHKxk6rKgklt2enPP6LYOPmt6pAjrlZQ1Foj_meoj8n0sn_t1ZAP3X-P-X1kWit1GE-MMui9rh0srnx5zY9f4-hf0ZfMtbHN5NEqMEiJCu70zb2diHxgy8gAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3T7ByWXSt69BjqsPubtP_C-MN52A%26client%3Dca-pub-5922513212758368%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B194 2 KB
1 KB 109ms
35ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B194 308 B
637 B 105ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B194 293 B
621 B 106ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B194 43 B
347 B 28ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=siEbm3snO68UYrYiDu2RaQt1qcy7itLQoIrNUXnnXFWt2JpIovWACCh-B0V20x5rKGZF9oKfZZh3lWQDqC0ngYhN14GRahac_i1lyp9de6_J6iBHcI1-J1QbA12hYEFZRLWqJ0y-PWi1q9aFt-5L4hbdA27aPlA_YB7lYUu53NXJ8XoOcN4Srzo9PngjMscG9cQUqUnHelEymrAthjsYfsG8iqnCkObKk7KJVnmE9HN3UoGGeU4dRVbEQADwHifSdFT2-7P2SojaY3YYRClxFB76VclKBTDNObnr4wnUkkacF_uwxKFfbzjOD0BHJ_LXBzaobupuQy0y4qoRIkVl9-u4Nk4uylwoRPe3xhCZdphtMvB0FpzMNgqIoKZSWmhEepdzJkXFzqS9OO2YH7qs0QBVIaq4zxMiy2CNpDaugNGFeaKv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1834529
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B194 12 KB
5 KB 74ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 465475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DK3Mj%2BfJ%2F72mZirMmxxJbELZc0li1USoWT1D8oYjhnrdlz8r55By1U4n%2Fj4uO%2FfRApPw1fMvHPcLUlINRgXyH39FL8ZH%2BqqvMiXmN2rG5nJOHORPetNvLhMaWcu43ucPn%2FCplFo2rKdFFId37s4ovCSk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b686c558e1e9a17-FRA
expires: Mon, 01 Apr 2024 03:36:07 GMT

GET
H/1.1 200
OK quan-nhau-chill-nha-trang.jpg
yeu79.net/assets/thumbs/an-uong/quan-nhau-chill/ 32 KB
33 KB 29ms
29ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/an-uong/quan-nhau-chill/quan-nhau-chill-nha-trang.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a4adaaa76a4f17affd36b7e3e543a7c45cc59cd177148ab5997cacb256b703f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 28701
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 32542
Last-Modified: Thu, 31 Mar 2022 08:47:54 GMT
Server: cloudflare
Etag: "7f1e-5db7fb7d2fe48"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtlwL5i3K0S2SslAFOigtlsbW3Q%2Bj193GIOyNUsQR0ntwLWZLHwpWx7EinXotFMuw%2BsgH1Ucjy8IuhldeR0hrQJcG355JGTTlaDyqrLL5RG5OIVf%2Ffo2OARR0JEN0IXCmFfiQt5G9Vo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c57ac1b903c-FRA
Expires: Thu, 11 May 2023 04:08:11 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame B194 46 KB
46 KB 229ms
158ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame B194 38 KB
38 KB 339ms
268ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B194 12 KB
6 KB 199ms
199ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 4 KB
4 KB 404ms
34ms Image
image/png 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230313%2F083d2df2aad24ff99da4ddde5249fccb_bonprix_logo_rgb_pos.png&v=3&w=196&s=Zn7IsJRun35lO7KsFBiq7rap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

53db5de5f5524dc372b21d1d0a677d993b739b30b6e5c4276c45083ec28fabc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28551282
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3866
expires: Thu, 07 Mar 2024 14:30:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 62 KB
62 KB 453ms
84ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F230322%2F1f0cc0bfc2bc4295aa7ba7e3e2471f5e_img_horizontal_1.jpg&v=3&w=1200&s=omp8P1yF0BwKBZCDHJqk-APs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3f94ddbb28e4d7034764bb2f4595677f15d4850acab6195bd141a816cc1bec48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29840059
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 63140
expires: Fri, 22 Mar 2024 12:30:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 9 KB
9 KB 507ms
138ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1541573180%2F18316508-Fn21UoMR.jpg&v=3&w=400&s=PgMu1WiaOuh2y0iR0WGsjU0h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

12a083976f3a0590ab7eee8e6e802316df6e99feff92d591e810f1f29b09e630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=50472
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8820
expires: Wed, 12 Apr 2023 17:37:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 13 KB
13 KB 438ms
69ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1475740230%2F16209727-6wnyNe0i.jpg&v=3&w=400&s=iXwa8LSIVCjBKattIYfK37lu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

1d7036cd7c27816006a31c726f89cb8358c2283e82f078ed8b3bb45b01af7d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=41595
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12968
expires: Wed, 12 Apr 2023 15:09:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 22 KB
22 KB 489ms
120ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1610625481%2F21006829-MGonjyUc.jpg&v=3&w=400&s=EB5NVzvXKP8qWvE6dwTQsEgl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3c4042e16b70ca430e8dd89fcfa5b3710189345c658bec187673702f4d378e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=40644
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22424
expires: Wed, 12 Apr 2023 14:53:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 354 B
618 B 506ms
137ms Image
image/png 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=razrptKBi3DfvApO0YzRGhyS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=26287243
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Sat, 10 Feb 2024 09:36:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 8 KB
8 KB 107ms
106ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1539940250%2F18321145-4xXQJaMw.jpg&v=3&w=400&s=DFwAbDa2XgerKDY8wKDXZ1EL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c633fcb673fd5ab1a11fcb862177478a8408326ddc4aa2d177448be590db951f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=42527
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7704
expires: Wed, 12 Apr 2023 15:24:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 11 KB
11 KB 108ms
107ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F16055430-ERcssJGh.jpg&v=3&w=400&s=OmTydPDewHK8C6w7BTbh2jBR&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

935fb28345670a4e9a15dcc2611aa0bea45c169f9d2973c0ed1f4828dc1abee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=40645
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10938
expires: Wed, 12 Apr 2023 14:53:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 11 KB
11 KB 117ms
116ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19349932-ZseJiX5S.jpg&v=3&w=400&s=bL6rHfLOrI8xR4MwhnKaBsfQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c3fbda5aaf08b79384354c91b5a7d8cd6196fb8a797afac0212181c6df0074bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=40645
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10766
expires: Wed, 12 Apr 2023 14:53:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 22 KB
22 KB 113ms
112ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1594983169%2F20117059-0kCtbvjw.jpg&v=3&w=400&s=exwaYeXg14suYKg5IDvuzZEz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ab6b374b50ba1f25ac83c25ac8be54ba6ea56643d4b4502ada68a2c5adcd03e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=40638
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22502
expires: Wed, 12 Apr 2023 14:53:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 305 B
569 B 115ms
114ms Image
image/png 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=jcK49oeUiuuNLVIfXvpJTqGu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=26287270
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 305
expires: Sat, 10 Feb 2024 09:37:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 11 KB
11 KB 121ms
120ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1670846102%2F22265277-MKu3smF2.jpg&v=3&w=400&s=oxYsjZ3V7Pqf4BEobeUgl__e&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3441db3ab2ab6fd57057ec78b670f88c2ff94f6ea7f0750b87ab0f1d53b24da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=96508
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11326
expires: Thu, 13 Apr 2023 06:24:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 19 KB
19 KB 133ms
132ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1562682545%2F19190816-bOM8mUfA.jpg&v=3&w=400&s=J5cx9K1yEpilIcl9GnXf1y1x&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ca2746cc5eb4a69f5a500a6192258fafe3831bef91cde16b6e24e02368a9375b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=96542
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19088
expires: Thu, 13 Apr 2023 06:25:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 12 KB
12 KB 121ms
120ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1675445959%2F23021857-rh80XpHR.jpg&v=3&w=400&s=FWlyTOolAYtB9m5L1PpcLa_w&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8191458d176787dc85a6a281fa2a1196538253b4ede683ddbf95cb84d25c3c4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:06 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=40645
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12186
expires: Wed, 12 Apr 2023 14:53:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 8 KB
8 KB 128ms
128ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1526645088%2F18140319-mMSqAZPu.jpg&v=3&w=400&s=a-nVAQvOFZ6Diuu5iGZnkLnL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

d8a9883a456c70686e73353697c67b3aec08eb67b66ec583711ccab070441136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=113554
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7790
expires: Thu, 13 Apr 2023 11:08:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B194 15 KB
15 KB 129ms
129ms Image
image/webp 2a02:2638:d::14
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1606465840%2F20266426-uiAnXaLs.jpg&v=3&w=400&s=t5JWJQq3gI3rN3CoZZwwFY9E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::14 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

8bfadf29262ac0c22314bd5abe91f18fdfb92a4bf692c44d3fc08762ddc39f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=41230
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15464
expires: Wed, 12 Apr 2023 15:03:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B194 0
128 B 112ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=bu1mKp67AunAshA4UmPTk7HLYnU7YQchk82MgkVhZNmgnJfKCi3vUfHzuAzNrj_qhOoN7GzMva4G9gH7Ea1JlfI2KPZ88Pts2U0lEz_HeTViujcio5WUDWFvpK3iYYPyl1Lqs32G-V2Cz3jPOUJSAWwMeY671BGNnIPLIdLHxNTsiXu1S7PJ7Pmwb15foTafBfkNaoFqnRqVc11DztTh-Mh7AfWjmxzaj7aB0Z02SNfTAXBrsAkoEccX1TgSdlScpXGjGA&sds=2&rev=85712&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B194 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B194 2 KB
1 KB 34ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Apr 2024 03:36:07 GMT

GET
H/1.1 200
OK nha-dat-nha-trang-gia-re.jpg
yeu79.net/assets/thumbs/nha-dat/ 25 KB
25 KB 28ms
28ms Image
image/jpeg 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://yeu79.net/assets/thumbs/nha-dat/nha-dat-nha-trang-gia-re.jpg
Requested by: Host: yeu79.net
URL: http://yeu79.net/
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e958e2b5adbc93b7fa2745c5c27f183e3ac0e224fa5ed868c7fa08cf722298

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:07 GMT
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 28702
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 25190
Last-Modified: Mon, 04 Apr 2022 09:11:37 GMT
Server: cloudflare
Etag: "6266-5dbd083fb8e18"
Vary: User-Agent, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaVoIysFhj4uK1kLN4Z2fZ3N7TR%2FXdWoZ4orqSmRXykNNRok3eqOfZNY0oK8m7rbqG4Is0bPNQv7xgfF7ICfQk8u8vKkQnLRS6%2B5Xfi15svr9WdNR4oX6iptHkmpsulr6QwhUfbm85E%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7b686c57ec5f903c-FRA
Expires: Thu, 27 Apr 2023 09:10:33 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-69269666-28&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XR6HEJL7JT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

054ec5987b87790f519a22c11da59db7fef5e57549e7367747b74e8d77a13182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44627
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 12 Apr 2023 03:36:07 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/vi_VN/ 301 KB
86 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=41eac2758f79b823ce9bb522bc635cd2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86d6e0f81c7e8c68fbc83b9fc431679813ef5370a497e4d528f6383d604f92d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://yeu79.net/
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 03:36:07 GMT
content-md5: M751dRdPnPBI/CZp+R4d9w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87253
x-fb-rlafr: 0
x-fb-debug: LDE70R97ZzKj2dF5F/nOx8cop6lFlbPFpnpNTA3fclCQKxAHfrKNyTwQCS000qD6+s9F4iEsMYQCydqF5TONUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 720026100
x-fb-content-md5: 210635b65b22b8873ac0529967b4c0bb
cross-origin-opener-policy: same-origin-allow-popups
etag: "ae14f0b38a1ff1cc9da09589783e4311"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 10 Apr 2024 23:37:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 114ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-69269666-28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Apr 2023 02:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5459
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 12 Apr 2023 04:05:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 28ms
28ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1548132381&t=pageview&_s=1&dl=http%3A%2F%2Fyeu79.net%2F&ul=en-us&de=UTF-8&dt=B%E1%BA%A3n%20%C4%90%E1%BB%93%20%C4%82n%20U%E1%BB%91ng%20Nha%20Trang%20-%20C%E1%BA%A9m%20Nang%20Vui%20Ch%C6%A1i%20T%E1%BA%A1i%20Kh%C3%A1nh%20H%C3%B2a&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1249281198&gjid=894578447&cid=815196457.1681270566&tid=UA-69269666-28&_gid=2083837517.1681270568&_r=1&gtm=457e34a0&jsscut=1&z=962037091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://yeu79.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://yeu79.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
yeu79.net/assets/fonts/fontawesome/ 75 KB
76 KB 1369ms
1369ms Font
application/x-gzip 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by: Host: yeu79.net
URL: http://yeu79.net/assets/themes/nhatrangdev/all-awsome.css
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: http://yeu79.net/assets/themes/nhatrangdev/all-awsome.css
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:09 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 04 Aug 2021 10:25:46 GMT
Server: cloudflare
Etag: "12bc0-5c8b939b19e80-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mh59N9Czu0oQ8pbpmehZo731v1PM1flCBHHH2yBByPm3ciXc2UEu2VGYelEjdU0gBwGdLZFMoslgYwqQ%2B5vfPQEEkNBlUM0%2F4H48835244bn6dM2YAnZ640yYJa%2FAi1iB%2Fkpn1CYVKo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-gzip
Cache-Control: max-age=172800
CF-RAY: 7b686c5a693b3635-FRA
Expires: Fri, 14 Apr 2023 03:16:23 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
yeu79.net/assets/fonts/fontawesome/ 76 KB
77 KB 2404ms
2404ms Font
application/x-gzip 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://yeu79.net/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by: Host: yeu79.net
URL: http://yeu79.net/assets/themes/nhatrangdev/all-awsome.css
Protocol: HTTP/1.1
Server: 2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: http://yeu79.net/assets/themes/nhatrangdev/all-awsome.css
Origin: http://yeu79.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Wed, 12 Apr 2023 03:36:10 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Wed, 04 Aug 2021 10:25:46 GMT
Server: cloudflare
Etag: "131bc-5c8b939b19e80-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibhoV22HUnOnivwOKEYqlnFujPU%2F1QiD%2B9aesIGXjDzBfY5hW7IGs%2FlekBA2AEX5HsEhyTn94rx4vMw0jin9K2Bpey0hGKZ1%2BseKgODOSjL8lwOb4y6Vq31Yl3dl6kHgqsEC3rxVrPk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-gzip
Cache-Control: max-age=172800
CF-RAY: 7b686c5a684f5c2c-FRA
Expires: Fri, 14 Apr 2023 03:16:23 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44E8 42 B
174 B 60ms
55ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUKhZzw-IOnNyifRmBAFruQQ3XHL3-N6jKdSnO580xvk4S5AkDfgG62yyapusCJnxGYprnknER4GI054V-7okv6rY&sig=Cg0ArKJSzL56kqwYE38OEAE&id=lidar2&mcvt=1072&p=0,0,119,1200&mtos=1072,1072,1072,1072,1072&tos=1072,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=14&adk=2897910459&rs=2&la=0&cr=0&vs=4&r=v&rst=1681270566402&rpt=668&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5524 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDojMn-dHiuZuaz5IkBM9yonZSekS81irzexAKVLbYZJoYkBTGIyMivgLze3WxkEdgF86dWm4G1gnxDym3aI2l6_U&sig=Cg0ArKJSzAJIIZidKGHgEAE&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=93,777,1003,1128,1146&tos=93,684,226,125,18&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1681270566876&rpt=221&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Apr 2023 03:36:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B194 0
127 B 35ms
34ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 12 Apr 2023 03:36:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 36ms
35ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230410&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe28ea4332b34879da2d62f0f9bb5aa07cd31dd5c5f2e879178b47654a3047ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11154
x-xss-protection: 0

POST
H/1.1 204
No Content rum Show response
yeu79.net/cdn-cgi/ 0
370 B 22ms
21ms XHR
text/plain 2606:4700:3034::6815:3c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://yeu79.net/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v2b4487d741ca48dcbadcaf954e159fc61680799950996

Protocol

HTTP/1.1

Server

2606:4700:3034::6815:3c7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://yeu79.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

Date: Wed, 12 Apr 2023 03:36:10 GMT
X-Content-Type-Options: nosniff
Server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: http://yeu79.net
X-Frame-Options: DENY
access-control-allow-credentials: true
Connection: keep-alive
CF-RAY: 7b686c6b6df15c2c-FRA

GET
H2 200 logo-yeu79-ngang.png
yeu79.net/assets/images/ 60 KB
60 KB 912ms
865ms Image
image/png 2606:4700:3030::ac43:8326
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yeu79.net/assets/images/logo-yeu79-ngang.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8326 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fecb53ffa63012b05c9b5f2e21720abe9fe9738c2013dd472a00606494329695

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:11 GMT
cf-cache-status: HIT
last-modified: Thu, 03 Sep 2020 19:00:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ee94-5ae6d5c413980"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJz6gT4axM48a2Xe9s2k46BqJboPQogM7%2FfengO%2FBTMXZ1q3ov7%2FeHIWtLXicGKwr%2F4DYn5avJdewDXiaS%2FaXosqqYP8O%2BU%2FYZ2E8rM%2FsQLg5DucRimDG9u5Jia2iblkZrwBYZkcDPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7b686c6bdcb43a57-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61076
expires: Sat, 15 Apr 2023 03:24:45 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 12 Apr 2023 03:36:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0AB7 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 18:46:22 GMT
expires: Wed, 10 Apr 2024 18:46:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A6A 783 B
972 B 30ms
29ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d196f0f9b8a5360ba71c4e0107b06279fbbbddc1f67e0fbd0124f776ea60a191

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zR6IPGjBwljnh-0V2WULJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://yeu79.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-zR6IPGjBwljnh-0V2WULJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 12 Apr 2023 03:36:10 GMT
expires: Wed, 12 Apr 2023 03:36:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A6A 0
0 54ms
53ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230410&jk=2992544977387838&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 200 lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0AB7 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lLwpSR5MnyGzOFtGAuW1fc1OQlo0k-g4ASkZp7pYH4M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 11:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Apr 2024 11:15:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0AB7 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6EmIhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 03:36:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
57ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230410&jk=2992544977387838&bg=!u7iluOzNAAYIJb0jKCU7ADkAdvg8WuKOJKHxuj9P6ImGDGhH_ZENps9Z7Yip7k4feeAoip-gLzzWhythaS5DGn-2F_zvoKzduasCAAAAS1IAAAAEaAEHCgC6QX_0KiJBunSsVicfmQAvwu8FmTLGU6_36lkrlxR2oJK0NRuBmt3BEuOTUD94sqFzGt1Irf1XKCcBMgN3snW52tGrrE6lRHsrIzQPvbYanStqxHxrNw2P1aaZ_bjYEoT6bZSUlKWpFtS7s1gAE4Aa3ouZPiNLZyh1okzUA7zkbut9xuVJxlFINNTGcBrRxU_HLeo6EgKB3k0F1N4OJ25KlqOFpt8CYUx37XF4Wfu1VwpPSKDwg0mwRa5ImQKb0AtPoXDWE5NdtOZK-Ql3iecyq93bmh0gT47rpSypWd3uIyApYUgAH1VCztbINQqZJqsafBfLduAregFnveW8WL3m9tPhGsKAHg4olDGXuPYBnu13ppG7hhXx53D9GRZaScKClGbLXy_H4bZTFMFHjbtrM39FVmJXLVZ8xSExBVTy9CZkvLtVLsDVfpyHhl-DkbxLiMUlvgTSM20beDsl82zYKeDB7spmPjzdibOC5j9DiaBmIhNidnLWLJVFpTIXrSoL0jyNNkOxBTCK9sslsEParj4SCBzm09EbUqCOqRz0DVqZ_1LPIAszYHmmtdwcApjEGRYigD7bQIgubmwY2rMJKImXslbS_OPMLpaiKFnNi1cSCRiWyeXraCbXJvJRjpa_OEVY8iBgaM6iW6SHBvPOyO6V128z0XCwjkVteWbZ7KPHXRFM21hSl95pI5rgTUNkBaSj7ODCWbl_69lVD8H3y3PNIIu3tRoR1wOBZxLjneqrdr14PNRmW9qiC3pPiKWWn4JpP1Jj7dOPrtrRMjVCLoUt4IjjFKEI9PGdj8MtvGIrSr0qYbFM6V57HRieCpGxatBCezgjbJZ3kW92ItiVIa0Zx6uR5sByWbZKpZMiVSAp3fj1bYyJnApOyFrWrzt9s_t4cOuPSYpE92nDsi55QMem52EjK_ablOpSUf4eLJJFKi3kD0TvJepTLD38d2wyZ0JgRhUzwZ4tYX0gOjdDrgzfh69wbj6WN9P9VcA9bxn2yHavnvkWvDNYGLEJ3QH7U2GFURI1oAk4sZ01xuBMdgxJ-wvzIHFNvoCt69q6EViuEoryCtgnEQQ9dxBre5W_sxlqYqBrpI0ZD2pHHJPmlMHW_hWCNwGZH9zBQrdwuXbdR6M7VDur0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://yeu79.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yeu79.net/	1970-01-20 11:01:17	Name: ci_session Value: qc18ughdv7c2e1u1e3shpvggcjbs0k8g
.yeu79.net/	1970-01-20 20:22:46	Name: __gads Value: ID=67fd44686afe8efb-2213a9d88cdd004c:T=1681270566:RT=1681270566:S=ALNI_MYtVwRl30rjOT4jJbs4W5HrIlqgqQ
.yeu79.net/	1970-01-20 20:22:46	Name: __gpi Value: UID=00000bddc68f297f:T=1681270566:RT=1681270566:S=ALNI_MaoFuzjfPNVWp3oI7SCN5-B5hqrPQ
.doubleclick.net/	1970-01-20 20:22:46	Name: IDE Value: AHWqTUkPV1jG3NMNQY7TfUSGFQYyAt4axqJfxZJzkKk8-YmufvTH0pI1NKFq9KieblA
.doubleclick.net/	1970-01-20 11:01:14	Name: DSID Value: NO_DATA
.yeu79.net/	1970-01-20 20:37:10	Name: _ga Value: GA1.2.815196457.1681270566
.yeu79.net/	1970-01-20 11:02:36	Name: _gid Value: GA1.2.2083837517.1681270568
.yeu79.net/	1970-01-20 11:01:10	Name: _gat_gtag_UA_69269666_28 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230410/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr3.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
owa.bestprice.vn
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr3.eu.criteo.com
rtb.nl3.eu.criteo.com
static.cloudflareinsights.com
static.criteo.net
static.vinwonders.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
yeu79.net
118.68.218.174
178.250.1.6
178.250.7.9
18.66.97.101
2606:4700:3030::ac43:8326
2606:4700:3034::6815:3c7
2606:4700::6810:3965
2606:4700::6811:180e
2a00:1450:4001:802::2001
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a02:2638:3::12
2a02:2638:3::9
2a02:2638:d::11
2a02:2638:d::14
2a02:2638:d::2
2a02:2638:d::c
2a03:2880:f007:8:face:b00c:0:1
04bcfd70942872f2e832964ca2928736a3d4743ce35ee564c512d84f5db8c89f
054ec5987b87790f519a22c11da59db7fef5e57549e7367747b74e8d77a13182
088c7dda347ed4a7857dd52f3b388d26cee790714b0199999d5ec042c4fc940d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0927cb85357dc3dcfa4bd2a7087b12e5dd6778c1384007caab11dee84f5f569d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
113a4e03dc0109d1c32cee5e33d93914d1e21e2fd952f62be1b314fe3a76dda5
12a083976f3a0590ab7eee8e6e802316df6e99feff92d591e810f1f29b09e630
1761e2379824a3e84b3ef28d67f91759bbacfedfc0e9af8d61c792c34eee8940
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
1c6a3034a3e2ca653de461dd69db36f385df830c499466e00b167a5eae43cbfe
1d7036cd7c27816006a31c726f89cb8358c2283e82f078ed8b3bb45b01af7d29
1fecadfd515c2fad98ea81c89ad22d589e575da69f07b2a4180bbd38e6f16e67
208ebabe50b9abe45cb0d4bdbd97c2078e59ba7ef3cd954bcce062ed1e4a88ad
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
2e7feba25f6f64b3230a26d223a7fe18970654cd6cd449a3c4efb10fccec6934
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c4042e16b70ca430e8dd89fcfa5b3710189345c658bec187673702f4d378e85
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
3f94ddbb28e4d7034764bb2f4595677f15d4850acab6195bd141a816cc1bec48
4381409c9cba8c4e0229630b4ba239e956fc1f58952c4dfdd17bac6261f53fe9
476294ca8a1174739263ce97d0add0408cfd15a26090a696ea9c348f99cc8d36
481eb787c8cbc104ff86e6afdbf4c1785a94bdd70277d8c3c0c73ced93243267
4860695983e79ae4c596701d7203945837da206d3fdba56684661a5cd60b16c2
4b3557625fcaf835f0edb5664328cd79604280d2cb84b48c201890a556d5f123
4cd388eb52f0fb6604a77ea951fc67e957570f230e2db29db380492460d4380a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4357d6230ea6f3882456d0378bc95f0a8350f5a3e622a97230a1b7329bf47a
519bc38cc315928f6678504ebc8f161defc6772072829cfdf77bd6dc214d9c5b
53db5de5f5524dc372b21d1d0a677d993b739b30b6e5c4276c45083ec28fabc1
5538b52fc2f2aff1e087f5a63b45317a77d4c04c83bde3fe8c2f50e96d8b14d5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c7cfc1492495ee9e2112f0e70377b6bdbd2e89c5cb6c64696efc8b59e831bd8
5d787dbded94aa45a7efbd24ea8f620d5b4df2b239e764f790cecbe2702ccfce
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
602924c24feffb0a906d3fd7b62d58121548cb91f74162e06e36b3247745a51e
60ef134e2cf2f8b8c067fca24ef955a0881bd4712533c7afebb80a8297d659e8
612c4d80aa2bda24cc1c74cc65cd802ba2bc78d5fe8384f1858edd94aa6da2ff
618cacf7e3c9cf90cb3245f033e6b0cbf5fc41ef5ecb98c136247eb6aa8641c5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6462c6a3bb9dd452e16b83087746f4ef65156ec96c07a4992190e615e69875ec
64fd7c3b188ad31f5981c2673892148913421acc2f082081f6148aa9e6fa28ad
69180f473dfe9e7fe4c02b25be25f9a814b93778dddf51b562a2147fded1ee04
694bb8a02d3468f0cb58ff43e5a784e820674c28139a8e8095c7cbbb615dc023
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
719747def64ee1750a31c429da84257c2abcf10142533273caa797e89c399f75
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7482b6eaa9a50729dc26bd9c4f1b37063f6f2706e340f9f7cce9e98dd68231eb
75e59faa9d7561b17310a47c9e276a0123578843f3064696ca794574a729b4a7
7d0e6a944dd77ad7b918bfc0f8887f5802f787a0205c3f5df51b54ee6947fdc7
7d99e7f6a786f92756e2818a215d3458fd1f649049e8ac9d71415a158302d421
7e9e8142c5368368827a380ffa05b3311c5eabdae20b15c3220d283cc72e2e4e
8191458d176787dc85a6a281fa2a1196538253b4ede683ddbf95cb84d25c3c4e
82dd75ae2b4b2bc88a50a1956d5994b81e317f140179aa9cbd452aca218e202d
86d6e0f81c7e8c68fbc83b9fc431679813ef5370a497e4d528f6383d604f92d6
8a4adaaa76a4f17affd36b7e3e543a7c45cc59cd177148ab5997cacb256b703f
8bfadf29262ac0c22314bd5abe91f18fdfb92a4bf692c44d3fc08762ddc39f8a
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8efe4b44a591d22d2c71b1fd92f5f2d7eb7928d621ad460be40345b76ea83b89
9155698dbfa97cab02e9e7b3140350d2b047cac9f10f9fb0745299de68b75110
927e28e6f905011cd102263e99fc6a6032d90aab9f7fce9e2be1b5a4a115d7ff
934ad5598b0254d67f2c10ce6b9f80ca7c557a79cccf4967cdb3c8c2cc21c460
935fb28345670a4e9a15dcc2611aa0bea45c169f9d2973c0ed1f4828dc1abee6
94bc29491e4c9f21b3385b4602e5b57dcd4e425a3493e838012919a7ba581f83
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9d92f3abe6accf11223295d9cfd6c2131df18454e3e521cdaf6dcf64bc707e22
9e65774668a62c4aa56cf4fe4a54868a53d0d91dda9feff597de8548a2d87b82
9f0174772f64028970efd1ed1d525932345fcefc27d1f610ed10197e043319d2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab6b374b50ba1f25ac83c25ac8be54ba6ea56643d4b4502ada68a2c5adcd03e2
ae9a7dc37d2cf1e2dab0aa8aed93b881cbe3feb18afc2dc1465fc9c4de63d012
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1c251c6f0101227a9e8444af6a4e392721a2cee114a4f6ae74c6c0f95d37eed
b74670a96cc2e05292ab2972cdfcf324599fd48af11e1d30d08b3ecfdffba8df
b8e958e2b5adbc93b7fa2745c5c27f183e3ac0e224fa5ed868c7fa08cf722298
bf0eefe3c5070f58a2418b197f259894929f407a2560152b0bdc4ceb0d841a23
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c3fbda5aaf08b79384354c91b5a7d8cd6196fb8a797afac0212181c6df0074bb
c633fcb673fd5ab1a11fcb862177478a8408326ddc4aa2d177448be590db951f
c7e7e98a906748197ee7a85b5d01f4c3e7111e650cbec8bd2c1df1ccdf19a63e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca2746cc5eb4a69f5a500a6192258fafe3831bef91cde16b6e24e02368a9375b
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d196f0f9b8a5360ba71c4e0107b06279fbbbddc1f67e0fbd0124f776ea60a191
d82f2f31dd64376f2bff0a8b5315576d16587735f0161b072d8d1e0742b7731e
d8a9883a456c70686e73353697c67b3aec08eb67b66ec583711ccab070441136
dae8b01b406e9fea4cda7041411f95473921c1eb3c1dfe07b5ed896abfa7f9b3
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3441db3ab2ab6fd57057ec78b670f88c2ff94f6ea7f0750b87ab0f1d53b24da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee5c2945e25b3a558076264cba793d2ac05b2b76555a6602abef1a51ffa4d3ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
fe28ea4332b34879da2d62f0f9bb5aa07cd31dd5c5f2e879178b47654a3047ef
fecb53ffa63012b05c9b5f2e21720abe9fe9738c2013dd472a00606494329695

yeu79.net Open in urlscan Pro 2606:4700:3034::6815:3c7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

80 %HTTPS

85 %IPv6

18 Domains

26 Subdomains

27 IPs

5 Countries

3116 kBTransfer

5876 kBSize

8 Cookies

4 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

yeu79.net Open in urlscan Pro
2606:4700:3034::6815:3c7 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

80 %
HTTPS

85 %
IPv6

18
Domains

26
Subdomains

27
IPs

5
Countries

3116 kB
Transfer

5876 kB
Size

8
Cookies

167 HTTP transactions
6 data transactions