ezcash.vn Open in urlscan Pro
2606:4700:3031::ac43:c737 Public Scan

URL:
https://ezcash.vn/
Submission: On August 09 via manual (August 9th 2021, 5:12:16 pm UTC) from US

Summary HTTP 209 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 16 domains to perform 209 HTTP transactions. The main IP is 2606:4700:3031::ac43:c737, located in United States and belongs to CLOUDFLARENET, US. The main domain is ezcash.vn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 31st 2020. Valid for: a year.

This is the only time ezcash.vn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
63	2606:4700:303... 2606:4700:3031::ac43:c737	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
14	192.53.117.207 192.53.117.207	63949 (LINODE-AP...) (LINODE-AP Linode)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:800::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:63::9	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
209	34

63 2606:4700:3031::ac43:c737 (United States)

ASN13335 (CLOUDFLARENET, US)

ezcash.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.53.117.207 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li2213-207.members.linode.com

www.tygia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tygia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:800::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:63::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nsr.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	ezcash.vn ezcash.vn	1 MB
49	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	2 MB
39	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	664 KB
14	tygia.com www.tygia.com tygia.com	279 KB
13	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	121 KB
8	google.com 4 redirects adservice.google.com www.google.com	1000 B
8	googleapis.com fonts.googleapis.com ajax.googleapis.com	128 KB
4	googletagservices.com www.googletagservices.com	140 KB
4	google-analytics.com www.google-analytics.com	58 KB
3	google.de adservice.google.de www.google.de	394 B
2	gvt1.com 1 redirects redirector.gvt1.com r4---sn-4g5e6nsr.gvt1.com	1 MB
2	2mdn.net s0.2mdn.net	96 KB
2	dmca.com images.dmca.com	5 KB
1	googleadservices.com partner.googleadservices.com	655 B
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
209	16

	Domain	Requested by
63	ezcash.vn	ezcash.vn static.cloudflareinsights.com
28	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com ezcash.vn s0.2mdn.net pagead2.googlesyndication.com
27	www.gstatic.com	googleads.g.doubleclick.net www.tygia.com www.google.com www.gstatic.com
20	fonts.gstatic.com	fonts.googleapis.com
13	www.tygia.com	ezcash.vn www.tygia.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ezcash.vn
11	pagead2.googlesyndication.com	ezcash.vn pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
6	www.google.com	4 redirects ezcash.vn tpc.googlesyndication.com
4	ajax.googleapis.com	tpc.googlesyndication.com www.tygia.com
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.tygia.com
4	fonts.googleapis.com	ezcash.vn tpc.googlesyndication.com googleads.g.doubleclick.net
2	csi.gstatic.com	www.gstatic.com
2	s0.2mdn.net	tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	images.dmca.com	ezcash.vn
1	tygia.com	www.tygia.com
1	r4---sn-4g5e6nsr.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	www.google.de	ezcash.vn
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.cloudflareinsights.com	ezcash.vn
1	www.googletagmanager.com	ezcash.vn
209	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.pinterest.com
ezcashvn.tumblr.com
twitter.com
www.dmca.com
ezagency.vn
ezbeauty.vn
trungtamniengrang.vn
trungtamimplant.org
cuoiholoi.vn
dansuveneer.vn
nhakhoavietsmile.com
nhakhoavietsmile.vn

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-31` - `2021-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2022-04-04`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.tygia.com R3	`2021-06-06` - `2021-09-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-07-27` - `2021-10-05`	2 months	crt.sh
tygia.com R3	`2021-06-06` - `2021-09-04`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://ezcash.vn/
Frame ID: FE184A61E349B5150F80EE581BD07A7A
Requests: 102 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: 31E91A2B749DDA0B19B51998C643F9F2
Requests: 1 HTTP requests in this frame

Frame: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
Frame ID: E7DDD731219ECFC67A87FA093146C277
Requests: 23 HTTP requests in this frame

Frame: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
Frame ID: D02F422ED8CAF944C33BCF6BE3C76EE1
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162
Frame ID: 193BC055E08EEE1C18F924DC4569A002
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1628529116&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fezcash.vn%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116920&bpp=1&bdt=646&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=7
Frame ID: 8AE054A8B9636D0AC50EFF5D6C48B00C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=2240882208&adf=906138332&w=300&lmt=1628529116&psa=0&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116815&bpp=6&bdt=542&idt=120&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=2248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rHD2dvwOGi&p=https%3A//ezcash.vn&dtd=122
Frame ID: D3C5E7158ADC4F0FAF6CE4043AD63A3E
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html
Frame ID: D23042324F87F4102CD75BE2D41FBA3E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1E3C339FF199BAAA0DDE16F83E871597
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
Frame ID: B5D8ADB1372A57B52233842F83084F41
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html
Frame ID: 738EBAC0C02374526FE9F0AB964D23E9
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js
Frame ID: 0A300D74EC82BB700154BE14E658CBBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F0C1B0EF9B859A1BF193FFD076E0C07A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D137B1CF02971CA2F7AB085AF1BC59E4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E11493505FB6C46F62C7B910CE95BE22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

209
Requests

100 %
HTTPS

91 %
IPv6

16
Domains

25
Subdomains

34
IPs

4
Countries

6405 kB
Transfer

11137 kB
Size

8
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/taichinhdedang
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ezcash_vn
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/ezcashvn/
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/ezcashbm
Title:

Search URL Search Domain Scan URL

URL: https://ezcashvn.tumblr.com/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/Ezcashvn
Title:

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=d08aa2e2-e313-4974-b8df-3a570d7741fd&refurl=https://ezcash.vn/
Title:

Search URL Search Domain Scan URL

URL: https://ezagency.vn/
Title: EzAgency

Search URL Search Domain Scan URL

URL: https://ezbeauty.vn/
Title: EzBeauty

Search URL Search Domain Scan URL

URL: https://trungtamniengrang.vn/
Title: Trung tâm niềng răng

Search URL Search Domain Scan URL

URL: https://trungtamimplant.org/
Title: Trung tâm Implant

Search URL Search Domain Scan URL

URL: https://cuoiholoi.vn/
Title: Điều trị hở lợi

Search URL Search Domain Scan URL

URL: https://dansuveneer.vn/
Title: Dán sứ veneer

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.com/
Title: Phòng khám răng

Search URL Search Domain Scan URL

URL: https://nhakhoavietsmile.vn/
Title: Nha khoa Vietsmile

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 139

https://redirector.gvt1.com/videoplayback?id=a639691103b95daa&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1628536317&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=ABD1BA6138E7E291901DA3C3489DEE7716A23808.34A914A85F4003477F337AB66BF56585220B81D1&key=ck2 HTTP 302
https://r4---sn-4g5e6nsr.gvt1.com/videoplayback?id=a639691103b95daa&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1628536317&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=0605659257A2C5CD115C39E872DC8301314DCA91.4D85111D3EA698A3412C21863FC367CBD281FD07&key=cms1&cms_redirect=yes&mh=ss&mip=2a01:4f8:121:131a::2&mm=28&mn=sn-4g5e6nsr&ms=nvh&mt=1628528787&mv=u&mvi=4&pl=52

Request Chain 164

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 179

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

209 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ezcash.vn/ 221 KB
28 KB 101ms
57ms Document
text/html 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34 PleskLin
Resource Hash: 89ddf822b7439eeeaeb36c7cddbe57e3fe90c25785088ffd4ed0ddabaaa9b4f0

Request headers

:method: GET
:authority: ezcash.vn
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34 PleskLin
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate max-age=86400
expires: Tue, 10 Aug 2021 17:11:56 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q3ekyFR8SewcsOOq7%2BBZ5JfKronqZp9qct4Xof1XXHLLJCMBu3keGns%2BpuhqzSt8kw%2FoxCbyJW%2FLM0Jy%2F5p%2FpykzrJNYmSpSJbh9EHbbimpoWWUSUxUTYivR8ODCrTJSyhs57bkDsI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 67c29b405bc84eaf-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 style.min.css
ezcash.vn/wp-includes/css/dist/block-library/ 79 KB
11 KB 60ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 04:59:28 GMT
server: cloudflare
etag: W/"60f7a9b0-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fF1tS9StPI2MwkxnP%2FEA%2B3wnEMHeyZFZkOvmE%2FkKP9dnxzc4JpQfObYgEZ5jHfN28UTrq6spE6wZl8t1MN2RKxRB%2B%2BCfjYVPrK7vc9gS9QdcgYGpgBD0JO%2BtVgItZOkgloSrc6qWqbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 67c29b40e91f4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 kk-star-ratings.css
ezcash.vn/wp-content/plugins/kk-star-ratings/public/css/ 2 KB
1 KB 59ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f0e5e8d233becdb2d0d9ad0b12ad25bdd2ec71b44bbe32ef4796b9c3dcbca340

Request headers

:path: /wp-content/plugins/kk-star-ratings/public/css/kk-star-ratings.css?ver=4.2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 407264
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:48 GMT
server: cloudflare
etag: W/"60db867c-ba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeu5pL49FGANQJTVyA6nvQUpyyfrdozNwRLLj1OxZKDsqKGw9adz1lKwmzOj3n3%2Bbi2JC3hxsOJV9IivxcTFOOQEbi9TzWYzsir8DnHwkWkHGZRl9EhfOIaDdnwfs4lfa43OhDzBKxs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=2980
cf-ray: 67c29b40e9174e7a-FRA
expires: Sat, 04 Sep 2021 00:04:12 GMT

GET
H3-29 200 style.css
ezcash.vn/wp-content/plugins/td-composer/td-multi-purpose/ 67 KB
10 KB 42ms
16ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd

Request headers

:path: /wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 407264
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:52 GMT
server: cloudflare
etag: W/"60db8680-10f52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkGU3Y7SIGwZtqqOpg9PASISXMGxj5mv8Rua%2FyGlK2EVkA%2FtIsywCsIdlrPwqT4GV9X262Y2C8BkM2QOPMVMZA3Oz%2FJ88TH1eHXe6RSHuTvLhpzubVYy21F9Qae0YZOgTilsH4M3Huk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=69458
cf-ray: 67c29b40e9224e7a-FRA
expires: Sat, 04 Sep 2021 00:04:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 20ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae3bcbf199daa998bcc1f6ce0cc67e10683f1390267efac5670bffd564c44634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 17:11:56 GMT
server: ESF
date: Mon, 09 Aug 2021 17:11:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Aug 2021 17:11:56 GMT

GET
H3-29 200 tablepress-combined.min.css
ezcash.vn/wp-content/ 5 KB
3 KB 44ms
19ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/tablepress-combined.min.css?ver=17
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 1750caab60486cf76485eeefe156bfcde7719e6aa8c253242d44b5ce49855bb3

Request headers

:path: /wp-content/tablepress-combined.min.css?ver=17
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 20 Jul 2021 17:00:44 GMT
server: cloudflare
etag: W/"60f7013c-14c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SCvjg5IzfdWRuf1iLJCIqVtS5VJF%2F8yHQP%2BnyHwQPpvv7IQWipLMhP1HtONzWOWT2seBJCo4SjnsX9EfvTi6HOcF18MonJrBabg70lrxUtCry%2BxZC5DZRFLzDaD9MRdoriLnPE9tJkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 67c29b40e91b4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 tablepress-responsive.min.css
ezcash.vn/wp-content/plugins/tablepress-responsive-tables/css/ 9 KB
2 KB 39ms
14ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db

Request headers

:path: /wp-content/plugins/tablepress-responsive-tables/css/tablepress-responsive.min.css?ver=1.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:50 GMT
server: cloudflare
etag: W/"60db867e-22aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BP4Kl%2BQMefd8Bxq%2F6nOBg6JU0M7J7J76A%2FqqeTxrFI%2F3z3tLDuwUC91BQUlEKpHjzL8chGM7XXMtvQqhtmAY1MJ%2FVc6w7ZKt0qVJMKpVMTFAGWMofwdT24ku%2BDx9MV51PvLTQnwC8U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 67c29b40e90b4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 style.css
ezcash.vn/wp-content/themes/Newspaper/ 110 KB
21 KB 45ms
21ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=5.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9e7970f53b127d33d46f94989031b48f081cb4badc9124cdcaea7310ce37904b

Request headers

:path: /wp-content/themes/Newspaper/style.css?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20407
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:56 GMT
server: cloudflare
etag: W/"60db8684-261c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Phx7tMMmsWms%2FHnyOo61LLjQfqpkgvN%2BPnacfn1%2BHMicwCk8GGoypsyjWnK6P0mLLg3EELW6ZScol3xRZse4JZ8Mh%2BjOpNnNrJh8IUJpH8mYjl0YxAEjxcmVWgcS8Er7E%2B0fkJGNClc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=156099
cf-ray: 67c29b40e90f4e7a-FRA
expires: Wed, 08 Sep 2021 11:31:49 GMT

GET
H3-29 200 style.css
ezcash.vn/wp-content/themes/Newspaper-child/ 0
666 B 39ms
15ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/themes/Newspaper-child/style.css?ver=10.3.9.1.1614265619
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /wp-content/themes/Newspaper-child/style.css?ver=10.3.9.1.1614265619
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:56 GMT
server: cloudflare
etag: W/"14d-5c5edb14f55ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QFgHJIpd51CBe5CogQWARaF4UxN8ij4lQFgMTBFKlDf0fxc2xYxnUjhvWAHLv4L1%2BxZuJnQhGXq6oqs4DtW8W2uOCuelEs%2BAVJy7IxSSEGgfVOU2z6ZQp13Pov6YWYrwvIIRfS9xx0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-accel-version: 0.01
cache-control: max-age=2592000
cf-polished: origSize=333
cf-ray: 67c29b40e9134e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 td_legacy_main.css
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ 198 KB
30 KB 52ms
28ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236629
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:50 GMT
server: cloudflare
etag: W/"60db867e-3cfe4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKuddBBraaWO3ZgFSdc%2B%2FdC9salEU%2FCGuYgtaEsJBelNb5XhZMcA46QI9xpnQZpDKFOn77OwzYmuTBWJcvvMsH0Ph75EDzmEeZBMRbJQzr03y4%2BFKfVCHqQbW66W7d6OslfLzq3R%2FaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=249828
cf-ray: 67c29b40e9144e7a-FRA
expires: Sun, 05 Sep 2021 23:28:07 GMT

GET
H3-29 200 td_standard_pack_main.css
ezcash.vn/wp-content/plugins/td-standard-pack/Newspaper/assets/css/ 494 KB
42 KB 60ms
36ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800

Request headers

:path: /wp-content/plugins/td-standard-pack/Newspaper/assets/css/td_standard_pack_main.css?ver=6b62588d33477b8e3dc5b8b3c9c8d86c
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:52 GMT
server: cloudflare
etag: W/"60db8680-9b323"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7cMFEtBtwzVUb%2Fxh%2BmjVnMiDfhE3CfDHsh%2Bk7Kke4FmlQgkFseIw9Gtf8n0He%2FTpc6oLqAW80co%2FgXYHl8sE3izGX2d1Plqd8kCcdD6SQTSQ0Bo9J2fi9YWrIvDNCcXYsE1dvVHINk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=635683
cf-ray: 67c29b40e9254e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 demo_style.css
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/recipes/ 4 KB
2 KB 56ms
33ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/recipes/demo_style.css?ver=10.3.9.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 613b9183e71eac5f067343bf95174520dde58057b165ecfe1011f83a306380f8

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/includes/demos/recipes/demo_style.css?ver=10.3.9.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 203679
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:52 GMT
server: cloudflare
etag: W/"60db8680-140c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vxrrvmg0vML5mY86yS1oRYKlQ4eCxIGiGv7iMp7nj86IbdQwy9qybn2qhJkPA5yYTLeKE5iZL7GcDxpnCxB%2FSUsmrN8FF7wlmSwhJSfWUeG%2FLcNyq3XKYt8TDKMWBjRWQU8YJ9B2IDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=5132
cf-ray: 67c29b40e9114e7a-FRA
expires: Mon, 06 Sep 2021 08:37:17 GMT

GET
H3-29 200 tdb_less_front.css
ezcash.vn/wp-content/plugins/td-cloud-library/assets/css/ 85 KB
13 KB 57ms
34ms Stylesheet
text/css 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/css/tdb_less_front.css?ver=a50385a2d79d6600973a7e697f735a0b
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:50 GMT
server: cloudflare
etag: W/"60db867e-1a97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1t8rtex8qlljkwlmB1%2F%2BOnYG8TDCJ91D%2FckWT1K2qKjZ0pQeKKboYbb9mbvVHt3AUjq6i28G0Ss7ViDPfsVb%2B%2BA3%2F6OBPecPhWZP9wMHiURy8uLqJa9kcNnN0tH0U1KURZ7EAE7qXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-polished: origSize=108923
cf-ray: 67c29b40e91e4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 jquery.min.js Show response
ezcash.vn/wp-includes/js/jquery/ 87 KB
32 KB 45ms
23ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 04:59:28 GMT
server: cloudflare
etag: W/"60f7a9b0-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP7JF3A3n5HMMcRlBPKvS9KE8DfyMgMgZn78IBvOajaJl5pHZQwGAvRBN593kYpRqRYow%2F1zCqH%2F%2BRjJBHDVc30fjttZw7GyfAaL%2BG3DWE8uuu7RmrKhb0pR9Ydz%2BN7R4Sr3yO88smQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b40e90d4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 jquery-migrate.min.js Show response
ezcash.vn/wp-includes/js/jquery/ 11 KB
5 KB 38ms
16ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:46:21 GMT
server: cloudflare
etag: W/"60db869d-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KReuYveHmXXAEb9P1PbX87aMfQWEOEE4eVTf9JEdhonHztOFdrj%2FysTd6P%2BULYTeVWqdPJITBQZ0%2FI8NZn5ZS5VxbsHzu1kHZEdbh5MYbEn0TPI59anRvI6RDPLJAyvdkr%2BbPewrjc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b40e9194e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-162917087-1

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f457e7ba4f05f037860eee848c712f6eef63127e70eb230b23bc9eee5c36fe35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40795
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 16:35:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 09 Aug 2021 17:11:56 GMT

GET
H3-29 200 wp-emoji-release.min.js Show response
ezcash.vn/wp-includes/js/ 18 KB
5 KB 22ms
19ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 04:59:28 GMT
server: cloudflare
etag: W/"60f7a9b0-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJ295Wxz06BtpFdDVTp38fzXFLe9jLyAH8dASb7OYtgwF%2FI9LB8gKF%2BAqVe%2BcwpiP%2FGT4GYJq2S5pjBoHRajYSuSBCfX5dkWj549cnL%2BdMt8lmKnkfrQaQvFArzNhaquX0kmKaQeIlo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a374e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 api.js Show response
ezcash.vn/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 12ms
10ms Script
text/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ezcash.vn/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecAAnsPR20eAFtMIWhKpseDHKiOAGh2CEh0PJ0Mq8Mqjf%2FbcEg91iLX71Uf5GHqZa64m3kONdWPrOWS%2FF7BTkzByHcE7vBT4%2FeRV%2BB4NtMUgmJOa9rH44p6XYSbfnT5xG1KxyakMYG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 67c29b414a384e7a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
48 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14b96dc0cfb0fd9f1bcf864f8e1c38c8647bf5a6a529b23fd66c5d436676e4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49453
x-xss-protection: 0
server: cafe
etag: 1238463636593028859
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 17:11:56 GMT

GET
H2 200 DMCA_logo-grn-btn120w.png
images.dmca.com/Badges/ 4 KB
5 KB 255ms
8ms Image
image/png 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/DMCA_logo-grn-btn120w.png?ID=d08aa2e2-e313-4974-b8df-3a570d7741fd
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: f096c63a545538cfdebda14fe95764a84d9c77873fc45afc92861e34c15e906c

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
last-modified: Thu, 22 Apr 2010 19:55:29 GMT
server: nginx
x-powered-by: ASP.NET
etag: "8eaf64c255e2ca1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCA_logo-grn-btn120w.png>; rel="canonical"
content-length: 4534
expires: Wed, 08 Sep 2021 17:11:37 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
633 B 274ms
7ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Wed, 08 Sep 2021 17:11:06 GMT

GET
H3-29 200 kk-star-ratings.js Show response
ezcash.vn/wp-content/plugins/kk-star-ratings/public/js/ 1 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/kk-star-ratings/public/js/kk-star-ratings.js?ver=4.2.0
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7f0de4157672afac565b1dd92dd11e6efbc04e3ae43fd3c3e49b29b5cd7fb5ec

Request headers

:path: /wp-content/plugins/kk-star-ratings/public/js/kk-star-ratings.js?ver=4.2.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:48 GMT
server: cloudflare
etag: W/"60db867c-77f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU7ZyJTd3nIjTm%2FRH9Y92viL7zfIMKgvfkFAERXFLQz%2FMd1YhbzttIFqVDGV2QoHr43IgcrcvKTfDiSo33j4YRwoqruDArj5qzdsTomzPJ28jmxCzSchNyf09K2SrAjoekxb%2F2L7WVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-polished: origSize=1919
cf-ray: 67c29b4139d24e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 underscore.min.js Show response
ezcash.vn/wp-includes/js/ 19 KB
8 KB 19ms
16ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/underscore.min.js?ver=1.8.3
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Request headers

:path: /wp-includes/js/underscore.min.js?ver=1.8.3
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236629
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 04:59:28 GMT
server: cloudflare
etag: W/"60f7a9b0-4a84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jH3SWoAVjqkpkGXNwwkgnwyFCOtkC6jLnEisF05mJumsBUeCGXOCXMea2m%2BXf9%2F3k6JgZHrwHTQjBo1Q8CurRVLnDA52TKemsmEO3gBqoYQMl4MznCmPIBKVXtAyLcACLAfK0jV2hvk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a2a4e7a-FRA
expires: Sun, 05 Sep 2021 23:28:07 GMT

GET
H3-29 200 js_posts_autoload.min.js Show response
ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/ 5 KB
2 KB 16ms
13ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=a50385a2d79d6600973a7e697f735a0b
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:50 GMT
server: cloudflare
etag: W/"60db867e-13fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Koj%2FzVqOo%2BId19IGErxxqr4Pxxv3uNO9qKrYxJGZ4LHDkRkNb3I0ZA%2F1XgPNTIlMP6RMIYwoCKwQRmtdLLhczf5Y045zDPyoneeh4UdeqT4k7qpQVDKET5QENZ7qV75XZVcgJY6B8q0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a2d4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 tagdiv_theme.min.js Show response
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/js/ 253 KB
59 KB 23ms
20ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=10.3.9.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:52 GMT
server: cloudflare
etag: W/"60db8680-3f512"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5K6i0U%2FlSoeuNMKzUbHssROfhnDjYTJGpqp49pFBTxIgH1yPopchc2YPdMCUsGhsMqtfOF9E%2BNxlGlKNegsX2C1xpdKc3%2BRLAMrVtax2JqoqsuV3gQi3QSfCYNVAyVt1vmlNeVqM7Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a2f4e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 comment-reply.min.js Show response
ezcash.vn/wp-includes/js/ 3 KB
2 KB 19ms
16ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/comment-reply.min.js?ver=5.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:46:21 GMT
server: cloudflare
etag: W/"60db869d-ba8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMRb2%2BL8r8CpzU6SR8%2FIa2t9n8wfUpRrijvxPedsrCN1iHu3GLmwC1xTpfBNjfim8MqXk0kMqiOnGwOhSKRDWyNN5c2NUZ3W300%2F9cd6Q6U3vnYWsBNxwu674yBxBnBp4tX1lCk44Uc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a304e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 smush-lazy-load-native.min.js Show response
ezcash.vn/wp-content/plugins/wp-smushit/app/assets/js/ 9 KB
5 KB 24ms
21ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834

Request headers

:path: /wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 959008
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Thu, 29 Jul 2021 13:10:14 GMT
server: cloudflare
etag: W/"6102a8b6-24fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNCkMDkyeudo3SehFoWe41wD%2B5kGuC1vK9U2HOEevEqJ66iYTQ%2FYC21GFy70j9qgdbgjkYPHUbFKjk7015nlKVhazdDtumyGZ5FJ9PQa%2Fvipa%2BBnMtofnDhKshlZHIgjEOO1MPFcrNo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a314e7a-FRA
expires: Sat, 28 Aug 2021 14:48:28 GMT

GET
H3-29 200 js_files_for_front.min.js Show response
ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/ 33 KB
9 KB 19ms
16ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae

Request headers

:path: /wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=a50385a2d79d6600973a7e697f735a0b
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:50 GMT
server: cloudflare
etag: W/"60db867e-8387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyGKRSWeozpgFuMPjmr20WgnQ%2BqI5XPNS%2FcEBeRv5VCQxEdehfwTTgQWMpbtbhzhYGEmFCKXgAOKNspcw66jsVEXwyuUemIBoLm5bfi39yBKqaybCHKOAeKqw3cGwh%2Fsddk7QJbgesY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a334e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H3-29 200 wp-embed.min.js Show response
ezcash.vn/wp-includes/js/ 1 KB
1 KB 21ms
18ms Script
application/javascript 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:46:22 GMT
server: cloudflare
etag: W/"60db869e-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9JBOteXoIh1V%2FbQWchguntywzeKNsrJzi4uLDO6O0fQLhQaUBI91NjZz4TjLSyfYWNHqQsdtN5W0DeoibUR7F5Ab7gE5LcLowtGCNtEMghg0HfDgLPkvqbv9Dx9onbrFA11fd4QnhU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 67c29b414a354e7a-FRA
expires: Fri, 27 Aug 2021 14:51:56 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 45ms
21ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 17:24:20 GMT
server: cloudflare
etag: W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 67c29b417a5d4e1a-FRA

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 newspaper.woff
ezcash.vn/wp-content/themes/Newspaper/images/icons/ 123 KB
69 KB 19ms
18ms Font
application/font-woff 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=5.8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b

Request headers

:path: /wp-content/themes/Newspaper/images/icons/newspaper.woff?19
pragma: no-cache
origin: https://ezcash.vn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: ezcash.vn
referer: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=5.8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ezcash.vn
Referer: https://ezcash.vn/wp-content/themes/Newspaper/style.css?ver=5.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:56 GMT
server: cloudflare
etag: W/"60db8684-1eab4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cokWBQLZR6gMKQWxCVXKJKaOfXRtiZnu4O0sb3pv2kedZP8kXkGqeN7p52S6O3PCMkOvqlU7J0fSi0UOZ42ruBTiX3d6O7kZIKONcdehWCsOTh0ER9IuUP%2FV6sGCNSwst4bDZrzhQHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=1209600
cf-ray: 67c29b415a504e7a-FRA
expires: Wed, 11 Aug 2021 14:51:56 GMT

GET
H3-29 200 newspaper-icons.woff
ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/ 6 KB
5 KB 21ms
20ms Font
application/font-woff 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newspaper/assets/images/icons/newspaper-icons.woff?1
pragma: no-cache
origin: https://ezcash.vn
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: ezcash.vn
referer: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://ezcash.vn
Referer: https://ezcash.vn/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=c784b8db3e66cd68082f3ff7aa2d70e6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1045200
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 29 Jun 2021 20:45:50 GMT
server: cloudflare
etag: W/"60db867e-1744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TJbnwDgJnVawW57Ti4GWvRXa4i%2FeiUGkUtUWgxZneTX4uufmArFK0Kyh0bl6Elu6E5vO6Bj8QERcNgPWsQ7v0VqjzOhQy8hZt3BJHLfyGZDAloFcvOlpptZ%2BPoLhZ3im0uTSYOw0M4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=1209600
cf-ray: 67c29b415a534e7a-FRA
expires: Wed, 11 Aug 2021 14:51:56 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options: nosniff
age: 263306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:15 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 600332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v22/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:30 GMT
x-content-type-options: nosniff
age: 263306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:30 GMT

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v11/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v11/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 07:30:47 GMT
x-content-type-options: nosniff
age: 553269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23924
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 22:27:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 07:30:47 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 569482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:00:34 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 12 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:22:29 GMT
x-content-type-options: nosniff
age: 568167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11836
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:22:29 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 gio-lam-viec-eximbank-2.jpg
ezcash.vn/wp-content/uploads/2021/08/ 209 KB
210 KB 66ms
66ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/gio-lam-viec-eximbank-2.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: dbd9ada986679ea93e1c5ce15be14a98d6803966604ae5005bd65c3bc67a842e

Request headers

:path: /wp-content/uploads/2021/08/gio-lam-viec-eximbank-2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 214296
last-modified: Sun, 08 Aug 2021 13:30:32 GMT
server: cloudflare
etag: "610fdc78-34518"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QG4S0%2BW5hftc%2Bw70TeWs85Fkyw6DoVXrrpObEN%2F86eR2lYjm9mB5qrtQbB0T%2FUQnbxszrNZ6KTNXF70vn6hEd28cbVLxyzWiQ%2B4aYw%2F23QHkojn3rFTZOQDjLZ7gmQcG3%2BUqBBYuEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b432edc4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:56 GMT

GET
H3-29 200 Payoo-la-gi-Lam-the-nao-de-dang-ky-va.png
ezcash.vn/wp-content/uploads/2021/06/ 10 KB
10 KB 48ms
48ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/06/Payoo-la-gi-Lam-the-nao-de-dang-ky-va.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a591811de9e9685105858b83a36a2817c3d63f7b3bf328345955271bd0022a61

Request headers

:path: /wp-content/uploads/2021/06/Payoo-la-gi-Lam-the-nao-de-dang-ky-va.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9773
last-modified: Tue, 29 Jun 2021 20:46:18 GMT
server: cloudflare
etag: "60db869a-262d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCvIGDaLo%2BAfrf%2FtKwsSLqNzEcC9ALndTz%2BuBeWpZuFmHNattVUW0QNlUJlrHHjQwhY8u7AjNJ9ZfcVLxjF4VernstShgJksJG%2BH4UNhxtEchyWZpY5AbUagroxtJJFjhqGHY4Qs9aQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b432ede4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:56 GMT

GET
H3-29 200 Ty-suat-loi-nhuan-la-gi-Cong-thuc-va-y-324x400.jpg
ezcash.vn/wp-content/uploads/2021/08/ 24 KB
25 KB 43ms
42ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/Ty-suat-loi-nhuan-la-gi-Cong-thuc-va-y-324x400.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c6bbdfaccf63f482bd7302d1754867f52034ea29a6004ac6a17767c65b92a709

Request headers

:path: /wp-content/uploads/2021/08/Ty-suat-loi-nhuan-la-gi-Cong-thuc-va-y-324x400.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24803
last-modified: Thu, 05 Aug 2021 06:51:28 GMT
server: cloudflare
etag: "610b8a70-60e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRz6XGcaV8j104Y%2FODF%2BNgseil%2BW2FO%2BdYLKizEq72Zumg3zaiYz9DtpTn3ORxXTGIJhaC5xc7MOzhX%2BaTRh1bWRKGssh%2BqBXqHlHwPA1%2FI6KKJak%2Bbq8La8ewt8oCsv3J%2BoW1HJnF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b432ee04e7a-FRA
expires: Wed, 08 Sep 2021 17:11:56 GMT

GET
H3-29 200 Ngan-hang-Tnex-Msb-la-gi-Lam-the-nao-de-324x400.png
ezcash.vn/wp-content/uploads/2021/07/ 83 KB
83 KB 42ms
42ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/07/Ngan-hang-Tnex-Msb-la-gi-Lam-the-nao-de-324x400.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5dec21c9bae74f80682c44236be3c681a26e994b39b9a15101e06b7a79d24461

Request headers

:path: /wp-content/uploads/2021/07/Ngan-hang-Tnex-Msb-la-gi-Lam-the-nao-de-324x400.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 84784
last-modified: Thu, 08 Jul 2021 02:50:31 GMT
server: cloudflare
etag: "60e667f7-14b30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0cIb9Jtk4LUwufsVq%2FjPUtXPJ2JzYBlBaidV7IaRE04x1xWtrIoO9ouG310Rosz59eFOEDRgsCKByebM5E3OCaYmimPgguJlquiaR6XDtF0PjCjReC0xaEo3%2F4CKAbmihoeY0HCHk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b432ee24e7a-FRA
expires: Wed, 08 Sep 2021 17:11:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 01:12:52 GMT
x-content-type-options: nosniff
age: 575944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 01:12:52 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v22/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:03:56 GMT
x-content-type-options: nosniff
age: 263280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:03:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 11 KB
12 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 21:42:00 GMT
x-content-type-options: nosniff
age: 588596
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 21:42:00 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2
fonts.gstatic.com/s/opensans/v22/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOXOhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:08:37 GMT
x-content-type-options: nosniff
age: 262999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11708
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:08:37 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 5 KB
5 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 22:40:11 GMT
x-content-type-options: nosniff
age: 585105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5524
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 22:40:11 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 250 KB
93 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1828578781656677&plah=ezcash.vn

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 390643862346785813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 17:11:56 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 5 KB
5 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:29:07 GMT
x-content-type-options: nosniff
age: 600169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5580
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:29:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame 31E9 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 08 Aug 2021 18:33:48 GMT
expires: Sun, 22 Aug 2021 18:33:48 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 81488
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-162917087-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 7095
date: Mon, 09 Aug 2021 15:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 17:13:41 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2
fonts.gstatic.com/s/opensans/v22/ 6 KB
6 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v22/mem5YaGs126MiZpBA-UN7rgOXehpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3602bf738566f334e1cebb6e5846cbe12a8293db756cd23644a06256dd261239

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:39:02 GMT
x-content-type-options: nosniff
age: 261174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6364
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 15:53:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 16:39:02 GMT

GET
DATA 200
OK truncated Show response
/ Frame E7DD 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated Show response
/ Frame D02F 37 B
37 B Document
image/gif

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFkWaCi_.woff2
fonts.gstatic.com/s/notoserif/v11/ 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v11/ga6Iaw1J5X9T9RW6j9bNfFkWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

addb2c93a5432b562ab1b3288c26bfadf75ac68d726aa7e8f4dd32f0ad858bf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 07:38:43 GMT
x-content-type-options: nosniff
age: 552793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45360
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:27:36 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 07:38:43 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
655 B 58ms
28ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ezcash.vn&callback=_gfp_s_&client=ca-pub-1828578781656677

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1828578781656677&plah=ezcash.vn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0a45e2a368940a339e1fe299a33363ff7349459623f794ab7c794d849c06875f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 193B 108 KB
37 KB 442ms
440ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22d1d97c17ea19d4f84e02222dd6e1d688e998f3f32b5d0d511c4e9ead242f99

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMr-k9y3pPICFUdx4AodyiEFgw&gqi=3GERYfTgNu217_UPz42GoAU&layout=/sadbundle/%24csp%253Der3%24/4974312103960418418/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMr-k9y3pPICFUdx4AodyiEFgw&gqi=3GERYfTgNu217_UPz42GoAU&layout=/sadbundle/%24csp%253Der3%24/4974312103960418418/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 17:11:57 GMT
server: cafe
content-length: 38018
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 17:26:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 17:11:57 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:56 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249289658065"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28112
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:11:56 GMT

GET
H3-29 200 ga6Iaw1J5X9T9RW6j9bNfFgWaCi_.woff2
fonts.gstatic.com/s/notoserif/v11/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v11/ga6Iaw1J5X9T9RW6j9bNfFgWaCi_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif%3A400%7COpen+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700&display=swap&ver=10.3.9.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122f7cd5173cdc0ab93e90075025ada068600a6d39f7ae49aedeb32b7363fc06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ezcash.vn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 22:57:11 GMT
x-content-type-options: nosniff
age: 584085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8852
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:27:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 22:57:11 GMT

GET
H/1.1 200
OK api2.php Show response
www.tygia.com/ Frame E7DD 77 KB
12 KB 897ms
197ms Document
text/html 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 3ed1d836d8cbd345e8e8a63bb70900cbcae415e50d54a5668f86d1aad58832fd

Request headers

Host: www.tygia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezcash.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

Server: openresty
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: </rate/css/bootstrap.css>; as=style; rel=preload </rate/js/bootstrap.js>; as=script; rel=preload </rate/bootstrap-datepicker.min.js>; as=script; rel=preload </rate/fonts/glyphicons-halflings-regular.woff2>; as=font; rel=preload </rate/flags.gif>; as=image; rel=preload
ucs: EXPIRED
s1: -|3||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1|/api2.php
Content-Encoding: gzip

GET
H/1.1 200
OK api2.php Show response
www.tygia.com/ Frame D02F 105 KB
17 KB 1208ms
491ms Document
text/html 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load-native.min.js?ver=3.8.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 4160349bec8bf7c5bf203937ab61abde185aeed9850835e2ac9f9fdb09e83bfa

Request headers

Host: www.tygia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ezcash.vn/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

Server: openresty
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: </rate/css/bootstrap.css>; as=style; rel=preload </rate/js/bootstrap.js>; as=script; rel=preload </rate/bootstrap-datepicker.min.js>; as=script; rel=preload </rate/fonts/glyphicons-halflings-regular.woff2>; as=font; rel=preload
ucs: EXPIRED
s1: -|3||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1|/api2.php
Content-Encoding: gzip

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8AE0 144 KB
42 KB 713ms
713ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1628529116&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fezcash.vn%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116920&bpp=1&bdt=646&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68505ad1861f729c65cd21a9c383c4c48606dd64cfff989d4675f4b0c976c582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1828578781656677&output=html&adk=1812271804&adf=3025194257&lmt=1628529116&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fezcash.vn%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116920&bpp=1&bdt=646&idt=1&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 17:11:57 GMT
server: cafe
content-length: 42941
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 17:26:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 17:11:57 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3C5 103 KB
32 KB 614ms
613ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=2240882208&adf=906138332&w=300&lmt=1628529116&psa=0&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116815&bpp=6&bdt=542&idt=120&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=2248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rHD2dvwOGi&p=https%3A//ezcash.vn&dtd=122

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc4cc8dd02a24b2060c1491520284dd91cc83a132fde9d70d440437257527183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=2240882208&adf=906138332&w=300&lmt=1628529116&psa=0&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116815&bpp=6&bdt=542&idt=120&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=2248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rHD2dvwOGi&p=https%3A//ezcash.vn&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 09 Aug 2021 17:11:57 GMT
server: cafe
content-length: 33125
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 09-Aug-2021 17:26:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 17:11:57 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1597654923&t=pageview&_s=1&dl=https%3A%2F%2Fezcash.vn%2F&ul=en-us&de=UTF-8&dt=T%C6%B0%20v%E1%BA%A5n%20vay%20ti%E1%BB%81n%20m%E1%BA%B7t%20d%E1%BB%85%20d%C3%A0ng%20-%20EzCash.vn&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=45174084&gjid=1148340457&cid=1598871270.1628529117&tid=UA-162917087-1&_gid=1048253551.1628529117&_r=1&gtm=2ou840&z=1739582170

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 logo_500x150.png
ezcash.vn/wp-content/uploads/2020/04/ 8 KB
9 KB 97ms
89ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/04/logo_500x150.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d8804a66490d927d2453d07427a70c6012c305c05cfde5c5c45b417dfa5e8b6f

Request headers

:path: /wp-content/uploads/2020/04/logo_500x150.png
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8676
last-modified: Tue, 29 Jun 2021 20:46:05 GMT
server: cloudflare
etag: "60db868d-21e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ysXkIC%2FVmCsu%2B8Gzhl0yu6Y7OwVzlEGYJrjEDSlk8GU9PAqYfpwyI0PckdgLXFqrm0t%2FxGf3OJPbZHY4cHzlVnOWQ2x867GzY5y%2FsXw0mjEHBXt8NuljMifoudCZruhTSqHV5bUrhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b524e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Tra-cuu-CMND-218x150.jpg
ezcash.vn/wp-content/uploads/2021/02/ 6 KB
7 KB 76ms
68ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/02/Tra-cuu-CMND-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4531fda02acff2e3d2a89e953dcc6c90a1a5c1ed5ad8da9b8e853542bb256d7d

Request headers

:path: /wp-content/uploads/2021/02/Tra-cuu-CMND-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6331
last-modified: Tue, 29 Jun 2021 20:46:10 GMT
server: cloudflare
etag: "60db8692-18bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Djxlaxi%2BFgj5epUcOZ4rLGFZ%2B2dArOh4Y2t6%2BU4nSjlb4UxNix4%2FoFGVefLOlt31GsGftHa47NWWPs9yOfvqQVIv5HWAC9U6c60Ps4tbWsJfRDMVZlXeyISzViKxgNHZQ21akJy1TFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b554e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 the-Black-Card.jpg
ezcash.vn/wp-content/uploads/2020/11/ 50 KB
50 KB 165ms
157ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/the-Black-Card.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5bc0801fc599eedc1692df6cb6e77b45785113cadcc2a48e1725c9a20af4bba4

Request headers

:path: /wp-content/uploads/2020/11/the-Black-Card.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 50818
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-c682"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji9HZllgNrJcfi%2B1EFAJoHUr2KcjkaRFNXiN4qB6H%2BbvJjDGqzRQJURNmUZuueJu%2Bu44CXlyGdfZa4nHkz5hpFV71nqwMmHbX4DeEQ0RTKC%2BxL8vFRqeLMhko6c9a3a%2Fc%2Ftt0slDgP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b574e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 vay-tien-online-tren-app-mbbank-400x225.png
ezcash.vn/wp-content/uploads/2020/10/ 57 KB
57 KB 96ms
89ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/10/vay-tien-online-tren-app-mbbank-400x225.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: bb2eee7604f3f0b5dc55018626557adccda61c7a98732f1649df6b095838fc36

Request headers

:path: /wp-content/uploads/2020/10/vay-tien-online-tren-app-mbbank-400x225.png
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58003
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-e293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FiXRw%2FmwNG%2FxeiObyGl%2B6REF6uxt99YqqzfnBnQ4IHgCK7ut%2BKl3Mtzeg1HE2DAj%2Fnz20600%2BAKEQw9MzEQON8keaQrIVC%2Fj4FsedyFqhR1O5%2BRxEnqur8U8XH06p4S8oWprQC4QdE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b594e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Tai-sao-khong-in-tien-400x216.jpg
ezcash.vn/wp-content/uploads/2020/11/ 21 KB
21 KB 77ms
70ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/Tai-sao-khong-in-tien-400x216.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b53ab797b969fe986c2d98e0de813c9163596c66e63fced24b4f6bdcf5fb90f9

Request headers

:path: /wp-content/uploads/2020/11/Tai-sao-khong-in-tien-400x216.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 21211
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-52db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ9Ba5dCRiVMKoWIjlSyikHUkWAmKvE4T3yzMrxSHZ14DOJ4ciBGhqmIctqw3bVQHqQeJysRYDrgQ4MeHcaMIxu3LHCXPWCn9qi29OxOvesssOFxjwSUGxaOK1ZJo3VEpS6LDQLYwNs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b5d4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 GDP-la-gi-600x338.jpg
ezcash.vn/wp-content/uploads/2021/02/ 47 KB
47 KB 74ms
67ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/02/GDP-la-gi-600x338.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 81b114a11452945ea46ae9cb99f373ffb717c87f2740761a48991c757e386bba

Request headers

:path: /wp-content/uploads/2021/02/GDP-la-gi-600x338.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 47849
last-modified: Tue, 29 Jun 2021 20:46:10 GMT
server: cloudflare
etag: "60db8692-bae9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VypvhKZ5GzDdXNaEEm9uTFnKaDe96laZMIQXXFZS8KpHsnj7R5RzBLo9RQkvmq6Aj2Aetbg3UlGykBztsGdhftirt7envD8GS0%2FpGMV5dgjM0lGuFkAG40tRFIpVyPOTpuWInE7fHZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b5f4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Internet-banking-ABBank.jpg
ezcash.vn/wp-content/uploads/2020/12/ 25 KB
26 KB 71ms
63ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/12/Internet-banking-ABBank.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d9ecff865234ffc669a22fd3ba7d7f1ce3649cd633bc337a4a0e96cf298df179

Request headers

:path: /wp-content/uploads/2020/12/Internet-banking-ABBank.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 26014
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-659e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FguSpyAiLb5R1UlhO4RNwOr7m6hp3BUgRxyPHYbcpTmRlv7dGpPa8XrnNenDsGm%2BHBLTKVB0T2ztneEwtsrIQtiL67LBdUKw8l88S7WtbHHy9R0BueoDvWFdvwgVkx6H6oNObqU9SM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b614e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Cac-ngan-hang-co-phi-thanh-toan-som-Cap-nhat-218x150.jpg
ezcash.vn/wp-content/uploads/2021/08/ 8 KB
8 KB 94ms
86ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/Cac-ngan-hang-co-phi-thanh-toan-som-Cap-nhat-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b42684aec36ece3b90cf107fe7a504702c7a657127d426d6ef1b97e3a7b90d11

Request headers

:path: /wp-content/uploads/2021/08/Cac-ngan-hang-co-phi-thanh-toan-som-Cap-nhat-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7813
last-modified: Thu, 05 Aug 2021 04:46:20 GMT
server: cloudflare
etag: "610b6d1c-1e85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2rmgX3JfmU4GTJJJqUoJ%2BReB2f4NyjMHZqBwjboGmtYfp0%2BUbULFzTOONevsNzXsRm9o0HqTWVKOk8wwUL6dX%2B4lCq0PASew569ZJmYAO1oha6ueZzYyI30%2BlDGgQf%2FzBSU7afhPns%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b624e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Ngan-hang-UOB-la-gi-218x150.jpg
ezcash.vn/wp-content/uploads/2021/05/ 9 KB
10 KB 150ms
143ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/05/Ngan-hang-UOB-la-gi-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f6375c1018a359c267512dcb3b3bf9ae8e2221a9017afb71aeee382cfc3ea795

Request headers

:path: /wp-content/uploads/2021/05/Ngan-hang-UOB-la-gi-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9338
last-modified: Tue, 29 Jun 2021 20:46:16 GMT
server: cloudflare
etag: "60db8698-247a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLhDYAd30pRPTpCwpi%2Bb337VwjuDWE71e765eMQf%2FYxi67Y7rV%2BexmD0rbeSJFiKKWlqcj1QKLs8t0Q1OBcfbT%2FYyQ4Mw3P2NI0KjU7TZ3O5ThNCF%2BliBRDILfA%2B1rOhYIQPTXecRY0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b634e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 mo-tai-khoan-techcombank-tai-phong-giao-dich-218x150.jpg
ezcash.vn/wp-content/uploads/2021/03/ 12 KB
12 KB 86ms
78ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/03/mo-tai-khoan-techcombank-tai-phong-giao-dich-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ce2a70970d9ac570c26ba739edffb3b907d36b34623cecbea92e980deedd5f87

Request headers

:path: /wp-content/uploads/2021/03/mo-tai-khoan-techcombank-tai-phong-giao-dich-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11934
last-modified: Tue, 29 Jun 2021 20:46:13 GMT
server: cloudflare
etag: "60db8695-2e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iJELVWzboBunjaFfsffSkPwz6Z3bgkyLI9j6AKBCT1PotXFoGWE3fjliv7J9blWRaevUDBoVO%2BNdDghYKxtZDwD%2BnWLLcUbEjS1H%2BqB71FfV8D3N0tOhockUf1SZ0pKClmuC%2FaCEbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b654e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 du-no-la-gi-218x150.jpg
ezcash.vn/wp-content/uploads/2021/05/ 6 KB
7 KB 68ms
61ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/05/du-no-la-gi-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 31bd206bcb89ba57cf7edffc5a6d7148b46e530cb8668c72a0df2e2842990655

Request headers

:path: /wp-content/uploads/2021/05/du-no-la-gi-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6139
last-modified: Tue, 29 Jun 2021 20:46:17 GMT
server: cloudflare
etag: "60db8699-17fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0psysAEf0i7E0PVisWLkxIBaC%2BbK%2FbdjixoY1bsDj0hOLKdb6dMQrM1EgIcVOsChMP%2FbfO14%2BpuyOZQbNVa6IDoazdjIHuRtM5i0utmbX7mpqokYE%2FaKKZq9QJ8AtgyoKEYJk6pcLWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b664e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Top-3-Bao-hiem-cham-soc-suc-khoe-toan-dien-218x150.jpg
ezcash.vn/wp-content/uploads/2021/04/ 9 KB
10 KB 150ms
143ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/04/Top-3-Bao-hiem-cham-soc-suc-khoe-toan-dien-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 25e21eb533eb562a618d736044639ccb2fd6d701ed0d28f859841cbb239dc49d

Request headers

:path: /wp-content/uploads/2021/04/Top-3-Bao-hiem-cham-soc-suc-khoe-toan-dien-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9624
last-modified: Tue, 29 Jun 2021 20:46:14 GMT
server: cloudflare
etag: "60db8696-2598"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMC0jMiCtykA1P4bVYc1DE3JNPuihMvmc1sqXWmT7ZCBied%2BEF38oJBrATQimBkUoaT2s87O0VtLNM0cl%2BU%2BXYmXrecQrYcZGeYpSA0tsPyZs3gRqkedwiv4npK2XDAIAB0e1bkFLkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b684e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Quy-tac-bao-hiem-suc-khoe.jpg
ezcash.vn/wp-content/uploads/2020/11/ 100 KB
100 KB 82ms
75ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/Quy-tac-bao-hiem-suc-khoe.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a373d21f884ed26b4ff8528f7e4e3bbbcb2698744b9a71e7d51ce75723e13a4f

Request headers

:path: /wp-content/uploads/2020/11/Quy-tac-bao-hiem-suc-khoe.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 102034
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-18e92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu7KFI8wXf3Eoc1SZijcg%2FOugvrLzcpSRQdx7mhgRPL97276ZV8kyWX1ZAINaZma%2FqctNgxKAuLCGIR6ZZirve4nEMxRekP6fas9CJl%2BG62QrJ%2F2X9cQ3LeVxyK%2Bd2m7Y1piqWefMk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b6a4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 HD-Bank-scaled-218x150.jpg
ezcash.vn/wp-content/uploads/2021/03/ 8 KB
9 KB 76ms
69ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/03/HD-Bank-scaled-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7992b9b762ee59ddf729840bd3086b75367c099ca83232f8bc1dbc7584a1dd80

Request headers

:path: /wp-content/uploads/2021/03/HD-Bank-scaled-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8667
last-modified: Tue, 29 Jun 2021 20:46:12 GMT
server: cloudflare
etag: "60db8694-21db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BfrQosOWDeB5WM0%2BJCRsAsdI4Ul3WCYHy9%2BCFAQskv39bNppWRRMGKJIMzBrPAsgO4ytPhB14iLkLnVnH7A85%2Bok1iQmk2KsK0m%2F47HiYrRPDc06In28KrEBzSZC%2B4P2Kr6t7tYDqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b6c4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Goi-san-pham-Mon-qua-suc-khoe-Manulife-218x150.jpg
ezcash.vn/wp-content/uploads/2021/05/ 8 KB
9 KB 86ms
79ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/05/Goi-san-pham-Mon-qua-suc-khoe-Manulife-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 7d50c5f73e7b0e353372844fd19592889052aa13ad29093d645aa4328e4ecf34

Request headers

:path: /wp-content/uploads/2021/05/Goi-san-pham-Mon-qua-suc-khoe-Manulife-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8222
last-modified: Tue, 29 Jun 2021 20:46:16 GMT
server: cloudflare
etag: "60db8698-201e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yS%2BdxRPBaXYePKZZK9X0vnptDbN2vUkvFMaSKrCjLeuK571QrMbJTqwzy7o%2F4TL67h6FPO%2BzOMDUdfLLFLPsFqhTakGVqotoOiqOHIptpc4EZZkWLLEB4MeLCbKQVt3rTAkDBOEqUkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b6f4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Che-do-thai-san-cho-chong.jpg
ezcash.vn/wp-content/uploads/2020/11/ 45 KB
45 KB 52ms
45ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/Che-do-thai-san-cho-chong.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 89106860a7c784462a40436cb042c010725594610f0e20b8ada0ef68f2f03860

Request headers

:path: /wp-content/uploads/2020/11/Che-do-thai-san-cho-chong.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45768
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-b2c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8aYEvU1UJCkDLxWXfEAPyBNu2pzCsYRoU42FaQdo6h2oQZh7y1rE0LnzVLEbmk4x3X8giuM9ErwN%2Fp6QEMvamOb2NeEIE%2F1vvQVeqBP6wmEZO%2FO7cbKjS8nWOvd4pBVlB5q%2Bjd%2BTlDI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b704e7a-FRA
expires: Wed, 08 Sep 2021 17:11:56 GMT

GET
H3-29 200 the-ghi-no-la-gi-218x150.jpg
ezcash.vn/wp-content/uploads/2021/04/ 8 KB
9 KB 150ms
144ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/04/the-ghi-no-la-gi-218x150.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: aac895735d966d6e18c8ee06714a3a7c079ee18a393189f114199f7ff4300608

Request headers

:path: /wp-content/uploads/2021/04/the-ghi-no-la-gi-218x150.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8222
last-modified: Tue, 29 Jun 2021 20:46:15 GMT
server: cloudflare
etag: "60db8697-201e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TRHnQDdg5X9eQm7dvSZyZKYWf2VE7Z9W%2FcbmC5xEVszeZIGQfeyQc8GEWRBgqwmjNujHQWGLFS3kpWrQn%2BS2CicS2gTFHA6WCEVa%2FPVIwUP8Y5%2BhROgPmgRcuxd20uyWN441HPMScpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b714e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 nen-mo-the-tin-dung-ngan-hang-nao-218x150.png
ezcash.vn/wp-content/uploads/2021/03/ 42 KB
42 KB 150ms
144ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/03/nen-mo-the-tin-dung-ngan-hang-nao-218x150.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: fe5ef1ee8e268831347be7ce525ac65dc3141813a9c68f1c60a0419cf2748fc5

Request headers

:path: /wp-content/uploads/2021/03/nen-mo-the-tin-dung-ngan-hang-nao-218x150.png
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 42745
last-modified: Tue, 29 Jun 2021 20:46:13 GMT
server: cloudflare
etag: "60db8695-a6f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G52I2%2FBWIv6S3hoJrzYTnX54z%2FKOU3hK3%2FWgUuoyLtHFyRRo%2BuBiJ5KjxG13MEQtFAdcvYWYWntCdFNjh7K%2BDqp5P20BhogKEYmPd7ClFPg%2FWyQnRs3Gqa5uqRvFHuiVg96%2BueBzq9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b724e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Smart-Cash-VPBank.png
ezcash.vn/wp-content/uploads/2020/11/ 141 KB
142 KB 104ms
97ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/Smart-Cash-VPBank.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: b99c406631898c913a9b9710eb6039c960bddf7d35063c9c72aa0d7b33aadde6

Request headers

:path: /wp-content/uploads/2020/11/Smart-Cash-VPBank.png
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 144366
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-233ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BOEMn8AYWxEWkxMS5KjzIUxRp6K2u5hA54Pizaeagkc61LLa%2BmtxU1qa9ayNzdtS0kwnyySTvilTj2YeuRIWenjEG3YfiH1oIsZU%2B7dGk40Ws%2BT1q%2B1qvNG6FU6mBW%2FnQJDQaXszI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b754e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 The-tin-dung-SCB-Bank-400x248.jpg
ezcash.vn/wp-content/uploads/2020/11/ 14 KB
15 KB 153ms
147ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/11/The-tin-dung-SCB-Bank-400x248.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e8bb53095035f224d0317c48a574922a0b20dfb525e6ed701d19401013057410

Request headers

:path: /wp-content/uploads/2020/11/The-tin-dung-SCB-Bank-400x248.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14452
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-3874"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmsxZNhotLfnA%2FYFz1XKj0T6JTuATJQkbpg2Q%2BXMtty%2BHFyQrHfU5qgjaJAADYwAAymZptnQNV9WGOM3fFZhyZeZs4%2B%2B%2FkPOh14vowv%2FcfRYjfFuXs9bQiy4HPd90GFW%2BhzI8pE7DEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b774e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 the-jcb-la-gi-400x252.jpg
ezcash.vn/wp-content/uploads/2020/10/ 18 KB
18 KB 141ms
135ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2020/10/the-jcb-la-gi-400x252.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: d9fe574cb48957e1eb4e919cb39b7c1fdfb1e76df31bd4c38dabe7ad739c030b

Request headers

:path: /wp-content/uploads/2020/10/the-jcb-la-gi-400x252.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18213
last-modified: Tue, 29 Jun 2021 20:46:09 GMT
server: cloudflare
etag: "60db8691-4725"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYO%2FZXG8Wstz7GP8miKxbUjsZH9cafXu4Ox0h8L%2FtSuCumbGjX6R80JqTRrO1v2b8vajUg7geD3mcGro32BhJiIbs5QSrTYq5Vx28W4oXWmDugsQiBLoByUT2CRrKi0ermCDtIGSSnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b7b4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 gio-lam-viec-eximbank-2-324x160.jpg
ezcash.vn/wp-content/uploads/2021/08/ 10 KB
10 KB 153ms
148ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/gio-lam-viec-eximbank-2-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5d64061b4109274b3101b2e57927746aec152e4cdac818602252774868ce0c89

Request headers

:path: /wp-content/uploads/2021/08/gio-lam-viec-eximbank-2-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10096
last-modified: Sun, 08 Aug 2021 13:30:35 GMT
server: cloudflare
etag: "610fdc7b-2770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ix%2BrfbVtn92VCvPegeDcFP%2FluhVruAemuHFOjTFngOANgaieMh4qUZZL%2FyumBIEa%2B86s8ipDCEBtTeDja%2FB8zWIgoDex1kC9CBqPcRPhGXqA56Xzv9XeIatX0INSCNN48vxeKqzdBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b7d4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Cac-ngan-hang-co-phi-thanh-toan-som-Cap-nhat-324x160.jpg
ezcash.vn/wp-content/uploads/2021/08/ 11 KB
12 KB 93ms
88ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/Cac-ngan-hang-co-phi-thanh-toan-som-Cap-nhat-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5c9b8ebd639bf794cf255afb75bccb1d44593c32b4ea586be0f7ef83661d715a

Request headers

:path: /wp-content/uploads/2021/08/Cac-ngan-hang-co-phi-thanh-toan-som-Cap-nhat-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11402
last-modified: Thu, 05 Aug 2021 04:46:25 GMT
server: cloudflare
etag: "610b6d21-2c8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aHdjeSoHZ%2FsWLc4407IiewBkYMjGOOHn7BAg1EDh60l%2FeiCXolSRgU0x33a3o5%2BqClIZkcWQQEg8jLI60VWPpJaHdSl4G7jzJCfcc0NEOSWF%2BWtpAXAIISZtjFvkAYUWmtGETbGigw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b7e4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Payoo-la-gi-Lam-the-nao-de-dang-ky-va-324x160.png
ezcash.vn/wp-content/uploads/2021/06/ 7 KB
8 KB 153ms
148ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/06/Payoo-la-gi-Lam-the-nao-de-dang-ky-va-324x160.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 88ec183d1c0170fe46c48faaa08825244ae1d6bf45eae36f4068a897be2b2bfb

Request headers

:path: /wp-content/uploads/2021/06/Payoo-la-gi-Lam-the-nao-de-dang-ky-va-324x160.png
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7584
last-modified: Tue, 29 Jun 2021 20:46:18 GMT
server: cloudflare
etag: "60db869a-1da0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fA6RK5WcLDBb5OXbdkTB9wwg0OKXXkuB5BiXABepRDOzEFUDhkp3b1ImuG5fefIVvuT9WsWRW4WrXlfhnajiv%2FteWFFVpB%2BER9HAKNt%2BO6rozwd0W%2BDcoUYyk5dIuq5g62GcL044oM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b7f4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Ty-suat-loi-nhuan-la-gi-Cong-thuc-va-y-324x160.jpg
ezcash.vn/wp-content/uploads/2021/08/ 12 KB
13 KB 80ms
75ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/Ty-suat-loi-nhuan-la-gi-Cong-thuc-va-y-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 5732380d5d0408e5996474cb2f30781b8eef508b325c5f77195ec2bd6a7e1a1f

Request headers

:path: /wp-content/uploads/2021/08/Ty-suat-loi-nhuan-la-gi-Cong-thuc-va-y-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 12210
last-modified: Thu, 05 Aug 2021 06:51:33 GMT
server: cloudflare
etag: "610b8a75-2fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK3gZsKJIZEfJdqMxA7CsZYMj7sK%2FBlrAzFhaR8jums4VIIMHtQ3bh%2B%2BIb74auVEkvDEPd8a2iDuhaT8dj1rrMDDWMell%2BIuZB7dG5gS%2FfhsM%2BiLsf2uH3fIILPkfb0aA75izgIkVIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b804e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 huong-dan-tra-cuu-ma-so-bao-hiem-xa-hoi-324x160.jpg
ezcash.vn/wp-content/uploads/2021/08/ 11 KB
12 KB 130ms
125ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/huong-dan-tra-cuu-ma-so-bao-hiem-xa-hoi-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ea3d3b201e0a5456f4ff2809e335a017c94e0f153c4b1267e78884b05f03e913

Request headers

:path: /wp-content/uploads/2021/08/huong-dan-tra-cuu-ma-so-bao-hiem-xa-hoi-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11294
last-modified: Thu, 05 Aug 2021 04:42:55 GMT
server: cloudflare
etag: "610b6c4f-2c1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59VxtaMKGtgwejedAGTlnMO9j86h1T2sNigArMOVqqPKg1Robb6dyi6cvB6xY18zAxSt5P%2BaTh7e%2Fyr6tfrDk71eN3nvdTQxQDeGpe0GvDR3gjFKWMa1XY4DZb8sxSWWI%2BSv2vfjZMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b814e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Ngan-hang-Tnex-Msb-la-gi-Lam-the-nao-de-324x160.png
ezcash.vn/wp-content/uploads/2021/07/ 38 KB
39 KB 154ms
149ms Image
image/png 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/07/Ngan-hang-Tnex-Msb-la-gi-Lam-the-nao-de-324x160.png
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8ff944fa851b1d2ab4751eea22a2a387baf75517d3f28be9477dae409e2705e2

Request headers

:path: /wp-content/uploads/2021/07/Ngan-hang-Tnex-Msb-la-gi-Lam-the-nao-de-324x160.png
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 38805
last-modified: Thu, 08 Jul 2021 02:50:40 GMT
server: cloudflare
etag: "60e66800-9795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPuQyvO1cTAVTN6SYm5d0zXLdC39tm5ph%2BXH9VU08sJEm8pZrU5PWP%2FyP8WJF3TUpDfPkgqocjnICElS%2BeUdPSLseSq3SQBftiyhUFPTQYuqYraNuWmFGPfNPLBquOGBtwpP6vgiZ8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b844e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 Finhay-co-quothayquot-khong-Danh-gia-va-loi-khuyen-cho-324x160.jpg
ezcash.vn/wp-content/uploads/2021/08/ 10 KB
11 KB 121ms
117ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/08/Finhay-co-quothayquot-khong-Danh-gia-va-loi-khuyen-cho-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 6972b687cccf3ce0f64e1addff9b7f5c749874ffdf4b48da0c12886cabd3990e

Request headers

:path: /wp-content/uploads/2021/08/Finhay-co-quothayquot-khong-Danh-gia-va-loi-khuyen-cho-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10307
last-modified: Wed, 04 Aug 2021 16:46:05 GMT
server: cloudflare
etag: "610ac44d-2843"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvnzlF59VJXQ9FeccP3T4dRHQINFUpPSFZ90gwH6xWJOhAqRp0ksdluwDJ6jbnMSqXBQ0pX6WR8A3CBYvgtlHS1m20Zt1%2Fc04MI5u%2FMSAMPrI%2B3vT9Q%2FPfO%2B997WvPSOlSd%2FPCz6UpA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b884e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 dao-han-la-gi-324x160.jpg
ezcash.vn/wp-content/uploads/2021/07/ 12 KB
12 KB 154ms
150ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/07/dao-han-la-gi-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e16ddca48d0094937df693c45b9f7a303a28a33ba9756f86859a67ac14e84e2b

Request headers

:path: /wp-content/uploads/2021/07/dao-han-la-gi-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11893
last-modified: Mon, 02 Aug 2021 15:04:30 GMT
server: cloudflare
etag: "6108097e-2e75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olJ6yicCyFlmZIiLStvifPVM7LhBCPzT4Ll6FxfY369qHZUur1RR%2FWyokl%2BDt09rU3jNxkVzM3fbWZ974x3NET4jy9GEZ75htUaLsZfZm1ujmWO96bbR7V9juMoUROcVhhxSKKkPGr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b450b894e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

POST
H3-29 204 result Show response
ezcash.vn/cdn-cgi/bm/cv/ 0
745 B 22ms
22ms XHR
text/plain 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezcash.vn/cdn-cgi/bm/cv/result?req_id=67c29b405bc84eaf
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://ezcash.vn
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1; __gads=ID=1d047d5f5f18e5f1-223397689cc90021:T=1628529116:RT=1628529116:S=ALNI_MZI6TMqJuWZ271_KTJVhuo-N39TSw
content-length: 424
:path: /cdn-cgi/bm/cv/result?req_id=67c29b405bc84eaf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr4F2NrbwG08y7kNPhfTvRxN96IOv3PrFU550Qehdh6yf5BI69km3%2BzOLn%2FriXweYB%2BYmMPrE8L6j6%2FasMhW6iuRA89AOTrGXGizpuwIB0hf6BRltnmWWuMMIq%2B8SGHAb8E9AZzW150%3D"}],"group":"cf-nel","max_age":604800}
set-cookie: __cf_bm=99b3e0038074420d2e1e78e8f70fa0a91c6f7b6f-1628529117-1800-AWW1MjUxiGglLAhqzrVfzvBFchI8oeZYsuQEWPUpOn+US2lud4ZTa8uMKpRKaXhArFCN6IvQYl2Uun9zjOln/4udRUltwS5Wl8Uq2/56IF5eGntKZSlzbHgxsF2WCCJ3FKNVERRmRbW82vxhebBmKus=; path=/; expires=Mon, 09-Aug-21 17:41:57 GMT; domain=.ezcash.vn; HttpOnly; Secure; SameSite=None
cf-ray: 67c29b459c9e4e7a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 Von-luu-dong-rong-la-gi-Cong-thuc-tinh-toan-324x160.jpg
ezcash.vn/wp-content/uploads/2021/07/ 14 KB
14 KB 34ms
34ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/07/Von-luu-dong-rong-la-gi-Cong-thuc-tinh-toan-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a19a28ec2e31c591d2c0d1f9a0575f03744a0d5f43ff251671ffebc787240b1e

Request headers

:path: /wp-content/uploads/2021/07/Von-luu-dong-rong-la-gi-Cong-thuc-tinh-toan-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1; __gads=ID=1d047d5f5f18e5f1-223397689cc90021:T=1628529116:RT=1628529116:S=ALNI_MZI6TMqJuWZ271_KTJVhuo-N39TSw; __cf_bm=99b3e0038074420d2e1e78e8f70fa0a91c6f7b6f-1628529117-1800-AWW1MjUxiGglLAhqzrVfzvBFchI8oeZYsuQEWPUpOn+US2lud4ZTa8uMKpRKaXhArFCN6IvQYl2Uun9zjOln/4udRUltwS5Wl8Uq2/56IF5eGntKZSlzbHgxsF2WCCJ3FKNVERRmRbW82vxhebBmKus=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14213
last-modified: Sat, 31 Jul 2021 06:50:25 GMT
server: cloudflare
etag: "6104f2b1-3785"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvcZ%2BTtioCjv0vr95Kgni3c9JmCIo4Nhcx2pWmW%2BTNXfEDSOP2PxnexPN8MmD0c8Nocyq4t8I7ySe3DH04ZXYFOaOd24rctPzfg6Agv9ChDW9iNwt01NXfnKhjLrFumYxcbOMBJhhOY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b461dca4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

GET
H3-29 200 gio-lam-viec-citibank-1-324x160.jpg
ezcash.vn/wp-content/uploads/2021/07/ 16 KB
16 KB 43ms
43ms Image
image/jpeg 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ezcash.vn/wp-content/uploads/2021/07/gio-lam-viec-citibank-1-324x160.jpg
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c77f633dc81c42bd71b7fad4db4461942af2b51bd78cc041452a8bd2c0bd9e94

Request headers

:path: /wp-content/uploads/2021/07/gio-lam-viec-citibank-1-324x160.jpg
pragma: no-cache
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1; __gads=ID=1d047d5f5f18e5f1-223397689cc90021:T=1628529116:RT=1628529116:S=ALNI_MZI6TMqJuWZ271_KTJVhuo-N39TSw; __cf_bm=99b3e0038074420d2e1e78e8f70fa0a91c6f7b6f-1628529117-1800-AWW1MjUxiGglLAhqzrVfzvBFchI8oeZYsuQEWPUpOn+US2lud4ZTa8uMKpRKaXhArFCN6IvQYl2Uun9zjOln/4udRUltwS5Wl8Uq2/56IF5eGntKZSlzbHgxsF2WCCJ3FKNVERRmRbW82vxhebBmKus=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15993
last-modified: Thu, 29 Jul 2021 13:27:46 GMT
server: cloudflare
etag: "6102acd2-3e79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FjzXqZ71cy18e5lvUFA6Sus3pEE8vVah2Cm0kC6TzACsvGP%2FKgl2Fe3WQ492phDGCSoIg0mfko8SwTdP%2B8UNRED7spo5xWn%2BqLEXdEzSotaobYKqefDRFRME3ThwN2ONWi1sBRT1eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67c29b461dcb4e7a-FRA
expires: Wed, 08 Sep 2021 17:11:57 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c01::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-162917087-1&cid=1598871270.1628529117&jid=45174084&gjid=1148340457&_gid=1048253551.1628529117&_u=YAhAAUAAAAAAAC~&z=1989629792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 09 Aug 2021 17:11:57 GMT
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-162917087-1&cid=1598871270.1628529117&jid=45174084&_u=YAhAAUAAAAAAAC~&z=870240514

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-162917087-1&cid=1598871270.1628529117&jid=45174084&_u=YAhAAUAAAAAAAC~&z=870240514

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame 193B 18 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:09:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 193B 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:20:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 16:20:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 193B 125 KB
38 KB 36ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame 193B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:09:40 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame D230 6 KB
2 KB 19ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c42b68c843ca2f384a0d8956675026b89016e9cc2cecc2cf95fd5051dd714e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4974312103960418418/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2363
date: Tue, 03 Aug 2021 13:01:12 GMT
expires: Wed, 03 Aug 2022 13:01:12 GMT
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 533445
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 193B 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C8jB73GERYcqgN8figQfKw5SYCPzTisJj85zVzt0NyKeItEIQASC7479-YJUCoAH_hK3tA8gBCagDAcgDSKoEtwFP0BtC2Y5u94Ct-9ijOg3xNLj7Wqkc2FtCx61kx0YmpgJiuT_hSc7Th-VN0FkbVGdaXl1Hfz3YNCZHscE64twkh8FqIo6IklkOU-8iE-7mp4cnhzHkLRbAwY30oLAH1sv_AE32ckrzzIp7n7uNV84MX4IizufN0GOIc07yfJ-jgJJVBLMXBKX1ynmpnRRP1V4TtoPqlmTI7si88-HbP4a4mzax6wk7amVlMtq5taDQwmaAvw9nVHHABJyCx8L4ApIFBAgEGAGSBQQIBRgEoAYugAeS-5odqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEENe2T9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0xODI4NTc4NzgxNjU2Njc3&sigh=kt3cvXjP7XE&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 17:11:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E3C 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=90&adk=4100517743&adf=1183505835&w=728&lmt=1628529116&psa=0&format=728x90&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116719&bpp=34&bdt=446&idt=136&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&correlator=3660410951871&frm=20&pv=2&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=606&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=QHOvxJW3li&p=https%3A//ezcash.vn&dtd=162

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 16:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1740
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D230 9 KB
3 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D230 26 KB
10 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 12:37:33 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D230 186 KB
48 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame D230 84 KB
29 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 14:37:44 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame D230 73 KB
17 KB 11ms
7ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedcb6a21e5c61b02a3ceffac7393648d6ecbb4715301454be5afc2feea8b46a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 556819
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17453
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Tue, 03 Aug 2021 06:31:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:31:38 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D230 2 KB
536 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 16:51:11 GMT
server: ESF
date: Mon, 09 Aug 2021 17:11:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1E3C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXw9VcnhNKwHOnuML9jKQHD9Uez_YQ5FKOLHLojrG7nGFpFMsnYpXEOldLm4o
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 17:11:57 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 09-Aug-2021 18:11:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 17:11:57 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 17:11:57 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 193B 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5bea11af0e8b7182a239ba6a702097b524b1f12bce2723e810dae487ac99cbf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 iphone.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame D230 34 KB
34 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/iphone.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca47181ed92ffcc150bede46f12f67ddac9717e832b73ffad4effe4ab512e9c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 551892
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34600
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Tue, 03 Aug 2021 07:53:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 07:53:45 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame D230 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 20:17:54 GMT

GET
H3-29 200 screen2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame D230 18 KB
18 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/screen2.png

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5eecf7064a67fd50f39fb6a284da28b7303b79656d7f75f6ddeb9e105ba3340

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 524652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18375
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Tue, 03 Aug 2021 15:27:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 15:27:45 GMT

GET
H3-29 200 screen3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame D230 19 KB
19 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/screen3.png

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

667b811ce6a7db6c2af74280bc125a503069b2fa6a2c0e5208bec86885f022f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 377312
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19889
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Thu, 05 Aug 2021 08:23:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 08:23:25 GMT

GET
H2 200 359d8744270302c99802f1759c580b27.js Show response
www.gstatic.com/mysidia/ Frame D3C5 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/359d8744270302c99802f1759c580b27.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=2240882208&adf=906138332&w=300&lmt=1628529116&psa=0&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116815&bpp=6&bdt=542&idt=120&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=2248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rHD2dvwOGi&p=https%3A//ezcash.vn&dtd=122

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 09:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3505
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 17:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 09:18:09 GMT

GET
H2 200 697eb35175a5e1a92c6f513115607e09.js Show response
www.gstatic.com/mysidia/ Frame D3C5 132 KB
49 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/697eb35175a5e1a92c6f513115607e09.js?tag=video_mra/web_raspberry

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33e8ca7e480e677aa3d3c013967d5473b07d886c233f5a2d12edfd0a0171a209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Aug 2021 23:05:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49756
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 17:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Nov 2021 23:05:52 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame D3C5 5 KB
615 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

173f455d47754c1069234e9a72ea304ed3c631a68ad2b0a1148e9a4421396e9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 16:48:20 GMT
server: ESF
date: Mon, 09 Aug 2021 17:11:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame D3C5 1 KB
857 B 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:05:22 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame D3C5 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:09:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame D3C5 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 706
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:00:11 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3C5 125 KB
38 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame D3C5 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:09:40 GMT

GET
H3-29 200 42d1b86cb875341df5a163347562cfa0.js Show response
www.gstatic.com/mysidia/ Frame D3C5 26 KB
11 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/42d1b86cb875341df5a163347562cfa0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 09:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10795
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 17:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Nov 2021 09:18:09 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1380436365541526711/ Frame D3C5 595 B
622 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1380436365541526711/downsize_200k_v1?w=100&h=100

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34893f66ebd8a99fcaea439feba10ccbaaae4cda54572a0ac722b670d35e4ad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 01:52:57 GMT
x-content-type-options: nosniff
age: 314340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 595
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 15:21:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Aug 2022 01:52:57 GMT

GET
DATA 200
OK truncated
/ Frame D3C5 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame D3C5 0
339 B 277ms
99ms Ping
image/gif 2607:f8b0:4006:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ks4w6thc&c=8452644853912&slotId=4226322426956&qqid=CO-0p9y3pPICFRgZ4AodmfYDsA&sei=44729911%2C44730425%2C44730426&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/697eb35175a5e1a92c6f513115607e09.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5637485221042009518/ Frame D3C5 144 KB
144 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5637485221042009518/downsize_200k_v1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

882150b8819ce1baf43c527e3235433da1aa512de61fc15aa668db30ca911cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 01:36:33 GMT
x-content-type-options: nosniff
age: 56124
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147808
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 10:20:28 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 01:36:33 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3C5 0
0 34ms
33ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6O5N3WERYa_SDZiygAeZ7Y-AC9SXotBjuNa00fkN_viA2sMBEAEgu-O_fmCVAqAB1dX1wwPIAQmpAhQDzsy2u7M-qAMByAPLBKoEuAFP0EWKhGalRr4v4v1B4Gzzkgjg-0XbB1YZs4R7rYPEnICBpj9mLQxO9otuRXS3KLve49tQmH1BCPcMGFIJz5C8aNjW8janDk-FyLo4z_maYu-KGO6ifdUDQnxL1IdqWi2AkeCLI_U_TAGtmNqGVzTjusWAMki1VCq3ou75My8g5UBf9hzIHMnX5vG686FNCXNZxVuGyoNq5qLnP0b891NL9sZ0g9_g3n77Z-XO0mUjmXTASvDIHaX_wATIwf6nxQOSBQQIBBgBkgUECAUYBKAGLoAHk6qKPKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCmrwbSCAkIgOGAEBABGB-ACgHICwHYEw2IFALQFQGAFwGyFxoKGAgAEhRwdWItMTgyODU3ODc4MTY1NjY3Nw&sigh=bmiW13_fXz8&template_id=3484

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1828578781656677&output=html&h=250&adk=2240882208&adf=906138332&w=300&lmt=1628529116&psa=0&format=300x250&url=https%3A%2F%2Fezcash.vn%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628529116815&bpp=6&bdt=542&idt=120&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C0x0&nras=1&correlator=3660410951871&frm=20&pv=1&ga_vid=1598871270.1628529117&ga_sid=1628529117&ga_hid=1597654923&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=2248&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062065%2C31062165&oid=3&pvsid=1853456320022606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=rHD2dvwOGi&p=https%3A//ezcash.vn&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 17:11:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D3C5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2350ba2140d5195b160d25ad03bc9c8904c773eb0b2fe95bbca7252b7c6a175d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D3C5 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 12:05:12 GMT
x-content-type-options: nosniff
age: 536805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21520
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:11 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 12:05:12 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D3C5 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 07:00:41 GMT
x-content-type-options: nosniff
age: 555076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 07:00:41 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D3C5 21 KB
21 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 03:22:28 GMT
x-content-type-options: nosniff
age: 568169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 03:22:28 GMT

GET
H3-29

206

videoplayback
r4---sn-4g5e6nsr.gvt1.com/ Frame D3C5
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=a639691103b95daa&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1628536317&sparams=ip,ipbits,expire,id,...
https://r4---sn-4g5e6nsr.gvt1.com/videoplayback?id=a639691103b95daa&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1628536317&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

1 MB
1 MB

73ms
64ms

Media
video/mp4

2a00:1450:4001:63::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nsr.gvt1.com/videoplayback?id=a639691103b95daa&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1628536317&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=0605659257A2C5CD115C39E872DC8301314DCA91.4D85111D3EA698A3412C21863FC367CBD281FD07&key=cms1&cms_redirect=yes&mh=ss&mip=2a01:4f8:121:131a::2&mm=28&mn=sn-4g5e6nsr&ms=nvh&mt=1628528787&mv=u&mvi=4&pl=52

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

de48b21d8548a4cc2482f4643248751e8895aacf732b7837ddc8de70fcdcf6c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 09 Jul 2021 20:27:29 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1248276/1248277
client-protocol: quic
cache-control: private, max-age=6899
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1248277
expires: Mon, 09 Aug 2021 17:11:58 GMT

Redirect headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:57 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5e6nsr.gvt1.com/videoplayback?id=a639691103b95daa&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1628536317&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=0605659257A2C5CD115C39E872DC8301314DCA91.4D85111D3EA698A3412C21863FC367CBD281FD07&key=cms1&cms_redirect=yes&mh=ss&mip=2a01:4f8:121:131a::2&mm=28&mn=sn-4g5e6nsr&ms=nvh&mt=1628528787&mv=u&mvi=4&pl=52
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 707
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 144 KB
52 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b0fd833274156a5954c4f6f409f14c829219d9d0d88e0f6f7ea89ed6fa6d0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52807
x-xss-protection: 0
server: cafe
etag: 12684224549817012931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 09 Aug 2021 17:11:57 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 17:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ezcash.vn

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 17:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/ Frame B5D8 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXw9VcnhNKwHOnuML9jKQHD9Uez_YQ5FKOLHLojrG7nGFpFMsnYpXEOldLm4o; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 08 Aug 2021 20:49:40 GMT
expires: Sun, 22 Aug 2021 20:49:40 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 73338
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame 738E 6 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c42b68c843ca2f384a0d8956675026b89016e9cc2cecc2cf95fd5051dd714e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4974312103960418418/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2363
date: Tue, 03 Aug 2021 13:01:12 GMT
expires: Wed, 03 Aug 2022 13:01:12 GMT
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 533446
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B5D8 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwJjz3WERYdjZDdf47gPN3JPYBPzTisJj85zVzt0NyKeItEIQASC7479-YJUCoAH_hK3tA8gBCagDAcgDSKoEwgFP0EBbdbArBk41lThdRfyCpMPNdLRkYEOHynwp4TW7l0xZiO0lNmybYR8b7YhnUrmwO6HPJPV0rHCiFyvpAxVLDPRU8XTGIztYFdsiZp9oQLaXZyB8qpbIgNpd_FCw4JdULKGilsDQME0T4IOXOwEeHlna7BA4my_mr2zQQmDjfcXLKKO83vVD-vFCfoMaXi-jwxetsbkZ9IQvE4C9xlJNIaMxJOUperkDiZtlqPKFdMU6lIB-Pj7jol88GIgjzDWbBMAEnILHwvgCkgUECAQYAZIFBAgFGASgBi6AB5L7mh2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwUQ09GSA9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0xODI4NTc4NzgxNjU2Njc3&sigh=6S-nxW-7O_o&template_id=419

Requested by

Host: ezcash.vn
URL: https://ezcash.vn/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 09 Aug 2021 17:11:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/ Frame B5D8 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7614
x-xss-protection: 0
server: cafe
etag: 9899176843389144697
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:09:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame B5D8 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:00:11 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5D8 125 KB
38 KB 192ms
191ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:58 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1628249295356546"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38372
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:11:58 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/ Frame B5D8 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210805/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 11055049251678278959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 23 Aug 2021 17:09:40 GMT

GET
H/1.1 200
OK bootstrap.css
www.tygia.com/rate/css/ Frame E7DD 324 KB
43 KB 185ms
184ms Stylesheet
text/css 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/css/bootstrap.css
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 421496ac07d134df15432e1e72bcd8ef51e2f764b28732c7ed8aaad6ea716b6e

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: W/"5a61cad4-50f62"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.js Show response
www.tygia.com/rate/js/ Frame E7DD 67 KB
15 KB 304ms
303ms Script
application/javascript 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/js/bootstrap.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: W/"5a61cad4-10d5a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bootstrap-datepicker.min.js Show response
www.tygia.com/rate/ Frame E7DD 60 KB
19 KB 478ms
173ms Script
application/javascript 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/bootstrap-datepicker.min.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 9057da746eeace2b46bb45f6a64e45dee47932fd8d9c15307f9e1fac4ab4c570

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: W/"5a61cad4-f0ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
www.tygia.com/rate/fonts/ Frame E7DD 18 KB
18 KB 493ms
187ms Font
font/woff2 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: "5a61cad4-466c"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18028

GET
H/1.1 200
OK flags.gif
www.tygia.com/rate/ Frame E7DD 30 KB
31 KB 521ms
348ms Image
image/gif 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tygia.com/rate/flags.gif
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: a1b45e5284559e7f2601c96de3a8b3b1245a4a34dd1b6eb3c95b6a4563e28dd1

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: "5a61cad4-7897"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30871

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 738E 9 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 19:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77768
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 09 Aug 2021 19:35:50 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 738E 26 KB
10 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 12:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 10 Aug 2021 12:37:33 GMT

GET
H3-29 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 738E 186 KB
48 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 09 Aug 2021 17:11:58 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 738E 84 KB
29 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 14:37:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 14:37:44 GMT

GET
H3-29 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame 738E 73 KB
17 KB 10ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bedcb6a21e5c61b02a3ceffac7393648d6ecbb4715301454be5afc2feea8b46a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 556820
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17453
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Tue, 03 Aug 2021 06:31:38 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:31:38 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 738E 2 KB
536 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 16:48:16 GMT
server: ESF
date: Mon, 09 Aug 2021 17:11:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Aug 2021 17:11:58 GMT

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 0A30 35 KB
13 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 20:17:54 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0C1 143 B
163 B 13ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXw9VcnhNKwHOnuML9jKQHD9Uez_YQ5FKOLHLojrG7nGFpFMsnYpXEOldLm4o; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 09 Aug 2021 16:42:57 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame E7DD 95 KB
33 KB 19ms
8ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.tygia.com
URL: https://www.tygia.com/api2.php?auto=1&change=1&flag=1&column=3&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=0&gold=0&rate=1&ngoaite=USD,JPY,EUR,GBP,AUD,CAD,CHF,DKK,HKD,INR,KRW,KWD,MYR,NOK,RUB,SAR,SEK,SGD,THB&expand=1&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 11:09:48 GMT

GET
H3-29

200

loader.js Show response
www.gstatic.com/charts/ Frame E7DD
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
19 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:25:58 GMT

Redirect headers

date: Mon, 09 Aug 2021 17:00:47 GMT
x-content-type-options: nosniff
server: sffe
age: 671
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:30:47 GMT

GET
H3-29 200 iphone.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame 738E 34 KB
34 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/iphone.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca47181ed92ffcc150bede46f12f67ddac9717e832b73ffad4effe4ab512e9c5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 551893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34600
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Tue, 03 Aug 2021 07:53:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 07:53:45 GMT

GET
H3-29 200 screen2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame 738E 18 KB
18 KB 6ms
5ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/screen2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5eecf7064a67fd50f39fb6a284da28b7303b79656d7f75f6ddeb9e105ba3340

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 524653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18375
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Tue, 03 Aug 2021 15:27:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 15:27:45 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0C1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

46ms
45ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkXw9VcnhNKwHOnuML9jKQHD9Uez_YQ5FKOLHLojrG7nGFpFMsnYpXEOldLm4o; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 17:11:58 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 09-Aug-2021 18:11:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 09 Aug 2021 17:11:58 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 09 Aug 2021 17:11:58 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 738E 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 20:17:54 GMT

GET
H3-29 200 screen3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/ Frame 738E 19 KB
19 KB 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974312103960418418/screen3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

667b811ce6a7db6c2af74280bc125a503069b2fa6a2c0e5208bec86885f022f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 377313
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19889
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:47:09 GMT
server: sffe
date: Thu, 05 Aug 2021 08:23:25 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Aug 2022 08:23:25 GMT

GET
DATA 200
OK truncated
/ Frame B5D8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 392af02fa2b21efd001d114bd253a281b834bc64a469ab31fc8bc5e937891d25

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bootstrap.css
www.tygia.com/rate/css/ Frame D02F 324 KB
43 KB 227ms
183ms Stylesheet
text/css 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/css/bootstrap.css
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 421496ac07d134df15432e1e72bcd8ef51e2f764b28732c7ed8aaad6ea716b6e

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: W/"5a61cad4-50f62"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bootstrap.js Show response
www.tygia.com/rate/js/ Frame D02F 67 KB
15 KB 506ms
168ms Script
application/javascript 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/js/bootstrap.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: W/"5a61cad4-10d5a"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK bootstrap-datepicker.min.js Show response
www.tygia.com/rate/ Frame D02F 60 KB
19 KB 336ms
168ms Script
application/javascript 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/bootstrap-datepicker.min.js
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 9057da746eeace2b46bb45f6a64e45dee47932fd8d9c15307f9e1fac4ab4c570

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: W/"5a61cad4-f0ec"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
www.tygia.com/rate/fonts/ Frame D02F 18 KB
18 KB 369ms
187ms Font
font/woff2 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: ezcash.vn
URL: https://ezcash.vn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: "5a61cad4-466c"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18028

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 193B 42 B
64 B 25ms
24ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKu8OP_lczATiSl8ZP9z2f8PRcumwkO4gRO3t59VAxfeGU65W16QpBELrCC_RuAbTIM9SWQTSphjtEEISNHjgtW61XxPXTisrNajEVWFOV4ezfHj1GvcAGflxVHQ&sai=AMfl-YRsgCUSSfRy9wxd1VhDfF9PX_5nQi6K-GyFZdMQaJuTuQuc5aGp_GHGX_Nl4GvCuKddMs-QOp4hzUhG&sig=Cg0ArKJSzDXpSn131iHLEAE&id=lidar2&mcvt=1009&p=57,606,147,1334&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4100517743&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628529116884&dlt=446&rpt=118&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame D02F 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.tygia.com
URL: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 11:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Aug 2022 11:09:48 GMT

GET
H/1.1 200
OK loading.gif
www.tygia.com/rate/ Frame D02F 5 KB
6 KB 186ms
185ms Image
image/gif 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tygia.com/rate/loading.gif
Requested by: Host: www.tygia.com
URL: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 58a5c2684b9865c646f6f9091b65c71cacd95519539f1c1c52afda48047127bc

Request headers

Referer: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: "5a61cad4-1528"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5416

GET
H/1.1 200
OK loading.gif
tygia.com/rate/ Frame D02F 5 KB
6 KB 552ms
181ms Image
image/gif 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tygia.com/rate/loading.gif
Requested by: Host: www.tygia.com
URL: https://www.tygia.com/api2.php?auto=1&change=1&flag=0&column=2&titlecolor=fefefe&upcolor=00bb00&downcolor=bb0000&textcolor=333333&gbcolor=&css=&title=0&chart=1&gold=1&rate=0&ngoaite=USD,JPY,EUR,GBP,AUD,CAD&expand=0&color=5aa332&nganhang=&fontsize=100&ngay&locale=vn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: 58a5c2684b9865c646f6f9091b65c71cacd95519539f1c1c52afda48047127bc

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:59 GMT
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: "5a61cad4-1528"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5416

GET
H3-29

200

loader.js Show response
www.gstatic.com/charts/ Frame D02F
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
19 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:25:58 GMT

Redirect headers

date: Mon, 09 Aug 2021 17:00:47 GMT
x-content-type-options: nosniff
server: sffe
age: 671
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:30:47 GMT

GET
H3-29 200 loader.js Show response
www.gstatic.com/charts/51/ Frame E7DD 48 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/loader.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:04:22 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:15:55 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame E7DD 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5724
date: Mon, 09 Aug 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 17:36:34 GMT

GET
DATA 200
OK truncated
/ Frame E7DD 692 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039b82df886e6b2ba08449ed203b689c4059700545a69858cd6ab587fb208643

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
www.tygia.com/rate/fonts/ Frame E7DD 18 KB
18 KB 225ms
178ms Font
font/woff2 192.53.117.207
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tygia.com/rate/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.tygia.com
URL: https://www.tygia.com/rate/css/bootstrap.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.53.117.207 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li2213-207.members.linode.com
Software: openresty /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://www.tygia.com
Referer: https://www.tygia.com/rate/css/bootstrap.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

s1: -|1||tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|tg_com_112234/tygia.com/public_html|/customize/index.php|1
Date: Mon, 09 Aug 2021 17:11:58 GMT
Last-Modified: Fri, 19 Jan 2018 10:39:16 GMT
Server: openresty
ETag: "5a61cad4-466c"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18028

GET
H3-29 200 tooltip.css
www.gstatic.com/charts/51/css/core/ Frame E7DD 1 KB
558 B 7ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/core/tooltip.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 533
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:46:40 GMT

GET
H3-29 200 util.css
www.gstatic.com/charts/51/css/util/ Frame E7DD 12 KB
12 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/util/util.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:08:43 GMT
x-content-type-options: nosniff
age: 195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12720
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 18:08:43 GMT

GET
H3-29 200 jsapi_compiled_default_module.js Show response
www.gstatic.com/charts/51/js/ Frame E7DD 263 KB
263 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_default_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7e72eecf6a4fb2981627eb8d15b947d394398db4e67c7ca7705749cdb2f832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:37:58 GMT
x-content-type-options: nosniff
age: 2040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269363
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:37:58 GMT

GET
H3-29 200 jsapi_compiled_graphics_module.js Show response
www.gstatic.com/charts/51/js/ Frame E7DD 24 KB
24 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_graphics_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad0d8bf9e4659eb773ec937a69b25c1e8869b17c43acd258f01e268f0194088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:18:23 GMT
x-content-type-options: nosniff
age: 3215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24811
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:18:23 GMT

GET
H3-29 200 jsapi_compiled_ui_module.js Show response
www.gstatic.com/charts/51/js/ Frame E7DD 507 KB
508 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_ui_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0867ee1df230c80dc1601a8c56c499fabe444ab3ec173ce8b901444560c8816d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:26:49 GMT
x-content-type-options: nosniff
age: 2709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519614
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:26:49 GMT

GET
H3-29 200 jsapi_compiled_corechart_module.js Show response
www.gstatic.com/charts/51/js/ Frame E7DD 8 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_corechart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c48eef4e305a1f7e77d50dcac4b5f7baf250b0d55dfbab468db645bfb13c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1354
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 18:10:23 GMT

GET
H3-29 200 jsapi_compiled_fw_module.js Show response
www.gstatic.com/charts/51/js/ Frame E7DD 83 KB
25 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_fw_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23dda07bcc257665b937985a24a105e5e759cda1bd2e277a0cb43acbf6f92f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25803
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:48:01 GMT

GET
H3-29 200 dygraph-tickers-combined.js Show response
www.gstatic.com/charts/51/third_party/dygraphs/ Frame E7DD 18 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/third_party/dygraphs/dygraph-tickers-combined.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d9e48b0d5a604dbce0921ef4c0a8f8e44e265ef52faad0031cca0449d066c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6003
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:47:57 GMT

GET
H3-29 200 webfont.js Show response
www.gstatic.com/charts/51/third_party/webfontloader/ Frame E7DD 17 KB
7 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/third_party/webfontloader/webfont.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770caf20a6970edf3c4af368145962743cc58ed16d29ff235c758e9788d37b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6672
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:28:02 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:37:35 GMT

GET
H3-29 200 jsapi_compiled_line_module.js Show response
www.gstatic.com/charts/51/js/ Frame E7DD 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_line_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a262933654f6acffd409a81ebf5505989db1082c0f956bd9e2bef955e7b92df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 18:10:29 GMT

GET
H3-29 200 loader.js Show response
www.gstatic.com/charts/51/ Frame D02F 48 KB
16 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/loader.js

Requested by

Host: www.google.com
URL: https://www.google.com/jsapi

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15900
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:04:22 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:15:55 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame D02F 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 5724
date: Mon, 09 Aug 2021 15:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Mon, 09 Aug 2021 17:36:34 GMT

GET
H3-29 200 tooltip.css
www.gstatic.com/charts/51/css/core/ Frame D02F 1 KB
558 B 6ms
5ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/core/tooltip.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 533
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:46:40 GMT

GET
H3-29 200 util.css
www.gstatic.com/charts/51/css/util/ Frame D02F 12 KB
12 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/css/util/util.css

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:08:43 GMT
x-content-type-options: nosniff
age: 195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12720
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 18:08:43 GMT

GET
H3-29 200 jsapi_compiled_default_module.js Show response
www.gstatic.com/charts/51/js/ Frame D02F 263 KB
263 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_default_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7e72eecf6a4fb2981627eb8d15b947d394398db4e67c7ca7705749cdb2f832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:37:58 GMT
x-content-type-options: nosniff
age: 2040
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 269363
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:37:58 GMT

GET
H3-29 200 jsapi_compiled_graphics_module.js Show response
www.gstatic.com/charts/51/js/ Frame D02F 24 KB
24 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_graphics_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad0d8bf9e4659eb773ec937a69b25c1e8869b17c43acd258f01e268f0194088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:18:23 GMT
x-content-type-options: nosniff
age: 3215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24811
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:18:23 GMT

GET
H3-29 200 jsapi_compiled_ui_module.js Show response
www.gstatic.com/charts/51/js/ Frame D02F 507 KB
508 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_ui_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0867ee1df230c80dc1601a8c56c499fabe444ab3ec173ce8b901444560c8816d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:26:49 GMT
x-content-type-options: nosniff
age: 2709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519614
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:26:49 GMT

GET
H3-29 200 jsapi_compiled_corechart_module.js Show response
www.gstatic.com/charts/51/js/ Frame D02F 8 KB
1 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_corechart_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c48eef4e305a1f7e77d50dcac4b5f7baf250b0d55dfbab468db645bfb13c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1354
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 18:10:23 GMT

GET
H3-29 200 jsapi_compiled_fw_module.js Show response
www.gstatic.com/charts/51/js/ Frame D02F 83 KB
25 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_fw_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23dda07bcc257665b937985a24a105e5e759cda1bd2e277a0cb43acbf6f92f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25803
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:48:01 GMT

GET
H3-29 200 dygraph-tickers-combined.js Show response
www.gstatic.com/charts/51/third_party/dygraphs/ Frame D02F 18 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/third_party/dygraphs/dygraph-tickers-combined.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476d9e48b0d5a604dbce0921ef4c0a8f8e44e265ef52faad0031cca0449d066c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:47:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6003
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:22:13 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:47:57 GMT

GET
H3-29 200 webfont.js Show response
www.gstatic.com/charts/51/third_party/webfontloader/ Frame D02F 17 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/third_party/webfontloader/webfont.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770caf20a6970edf3c4af368145962743cc58ed16d29ff235c758e9788d37b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 16:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6672
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:28:02 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 17:37:35 GMT

GET
H3-29 200 jsapi_compiled_line_module.js Show response
www.gstatic.com/charts/51/js/ Frame D02F 3 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/51/js/jsapi_compiled_line_module.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/charts/51/loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a262933654f6acffd409a81ebf5505989db1082c0f956bd9e2bef955e7b92df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tygia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:10:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 89
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1033
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 03:09:09 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Mon, 09 Aug 2021 18:10:29 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame D3C5 0
17 B 189ms
98ms Ping
image/gif 2607:f8b0:4006:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ks4w6tho&c=8452644853912&slotId=4226322426956&qqid=CO-0p9y3pPICFRgZ4AodmfYDsA&umsem=0&ape=1&ple=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/697eb35175a5e1a92c6f513115607e09.js?tag=video_mra/web_raspberry
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:800::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5D8 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOqZ2vO7D_-8hxm9snnTn6f5KRRgI7F0bjCH4DUmoWB8xtW7os_jHZp4qgvSK0egJwA_VHb95_6ONfg9oR_g7WDGCCVm5O7Ek5ypKfMLJpVSf4c3cn9eKOndmvTQ&sai=AMfl-YQFRx1Fu3eLiX3pdzvBmzTtoeEgwPyegttmnkG5OSBVWDilLZtNDf7mNZfk9wmcTJxltin1nkE6Yc6q&sig=Cg0ArKJSzF5rn1fr4y_ZEAE&id=lidar2&mcvt=1001&p=1106,299,1231,1304&mtos=0,763,1001,1106,1106&tos=0,763,238,105,0&v=20210806&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=2&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628529118053&dlt=17&rpt=12&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7acfd3a5fd76be1700c6749205c29ec6aa2af85d21e48b2a46334f6f159a8d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 09 Aug 2021 17:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8672
x-xss-protection: 0

POST
H3-29 200 rum Show response
ezcash.vn/cdn-cgi/ 0
162 B 10ms
9ms XHR
text/plain 2606:4700:3031::ac43:c737
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ezcash.vn/cdn-cgi/rum?req_id=67c29b405bc84eaf

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::ac43:c737 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ezcash.vn
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _ga=GA1.2.1598871270.1628529117; _gid=GA1.2.1048253551.1628529117; _gat_gtag_UA_162917087_1=1; __gads=ID=1d047d5f5f18e5f1-223397689cc90021:T=1628529116:RT=1628529116:S=ALNI_MZI6TMqJuWZ271_KTJVhuo-N39TSw; __cf_bm=99b3e0038074420d2e1e78e8f70fa0a91c6f7b6f-1628529117-1800-AWW1MjUxiGglLAhqzrVfzvBFchI8oeZYsuQEWPUpOn+US2lud4ZTa8uMKpRKaXhArFCN6IvQYl2Uun9zjOln/4udRUltwS5Wl8Uq2/56IF5eGntKZSlzbHgxsF2WCCJ3FKNVERRmRbW82vxhebBmKus=
content-length: 1275
:path: /cdn-cgi/rum?req_id=67c29b405bc84eaf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ezcash.vn
referer: https://ezcash.vn/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

date: Mon, 09 Aug 2021 17:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://ezcash.vn
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 67c29b5568154e7a-FRA
vary: Origin

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Aug 2021 17:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 09 Aug 2021 17:11:59 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D137 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Mon, 09 Aug 2021 16:37:32 GMT
expires: Tue, 09 Aug 2022 16:37:32 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E114 783 B
532 B 17ms
17ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ae15b9d65515e28d9f55283161c8a803948373bccf3b51353f743f3dcf148fea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gtO+i/BUk4gJ1T++4WNjCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ezcash.vn/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ezcash.vn/

Response headers

expires: Mon, 09 Aug 2021 17:11:59 GMT
date: Mon, 09 Aug 2021 17:11:59 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-gtO+i/BUk4gJ1T++4WNjCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js Show response
pagead2.googlesyndication.com/bg/ Frame D137 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tBv30B7cEwOfmOtuBIU0RKM2cx09bPxFJYI-bfU5S6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Aug 2021 20:17:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13260
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Aug 2022 20:17:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=1853456320022606&bg=!X1ylXBjNAAals0SOpbM7ACkAdvg8WkjByCSOfZhoDXDzcl7rxhrksWHmneJ3jiRjue4BV35BqkY9RAIAAABSUgAAAApoAQcKAQYz-2xdkOc5BvmApmtlR7HYQaKEybUDAsFGBsJs4BKHKEQa22ErbTCKHvNZebqzYv7OE5Dfp8DD7hgkxOSWpnttyH7x4HvUJPn9pL27E_wCMoHNcVoZIaOdH3aZviJTxlXZw6Wo2e25ZjVC560C3jPwgnVawHTL9FHghNt7Hh4e99dKbtReQdm3xrt0oVZJgQXelnt1U7jRcr5Kh3O7ax2BiEirT0cExBDBnh_U3psYGHL0fIZRN2L5a1PporFrcmyEfPH3Cnk0iC8eDSPXy25NqaL9a0gs_Tf9uNBEDuAzmMKGX_bThwJ2RY2cTYJxnmuEc6ZYoqvh0QPaAtrR1e3HtvfiNUsfmQJp-sFlq7DMXYrU04BkBg0J7RqWtK2ItmsukV-67k8WxEcX7apFa_L7120PDjvogs-KAEvsdqZa8B2hI0TpZdy8RnoRDjII0dlmG9WnNPgvTCEpuNhvlFtdiucarjTpOpspF0c0Kot9LCeNKAh2A7ta7596CLGOqhU4_o5FgsUiqGJC6KsV2oDxiOcx82YQKs7q5vQyZw1kG-chtALfXD6EhfnbS2sAtlWMMPEKtep5m4TGaiPKHTskx0NwmzebzOcYyx8LGkFvF4V89OoxNlekJSXYg_76pzeL1YvjnLkzrDxuITaU7eTkOVTKZsoS5OwO3uxVz6nPMtIXlhxMeHuodoXLrFZUlZOxolaEXfV-OZlLcLm70UYLOWx4-UdHQvqdN6xCekGa9DQu8Twae5VWaBdDljuOegAfiHuN__JlSMFTbqa-HJBXxR6MkBCNAJK47VMwXci8-w2Mopo9JyLR1wz9ww-SkyGaILYd990QNWLet-2DJqqyEoxHOfnSw19Eh58cxu-FLqsVlHFH7IbGffIq-C9tkKLROL4HZ1adYu29T-dpf634zw8gV8qIrwMzne4I2jO2b4P2Dol8-a-dB0ESNGq9kd1dj_s8yDnZQ6UVA9da1PGQC8sErd1mZDTzwhuC4i1lCz_7HAUUPEHI4V6IZH5d3aixx4wfZncv-UaG3FGssNsw2oadJg2r-nuVvSl9MpRXqiGMD6EoJfTdLX3ilcI77II6tnFQxQX3Gu_7amN0gjdLOSCUwzl_N6DNeTJnE-wVe-ytlDuypzNECnvQZ85K9IzpawCr1M09mZGe1uIOehpzrsE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ezcash.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Aug 2021 17:11:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame D230 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 600346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Aug 2022 18:26:24 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 738E 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 555593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Aug 2022 06:52:18 GMT

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:22:10	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 20:22:12	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 05:43:45	Name: IDE Value: AHWqTUkXw9VcnhNKwHOnuML9jKQHD9Uez_YQ5FKOLHLojrG7nGFpFMsnYpXEOldLm4o
.ezcash.vn/	1970-01-20 13:53:21	Name: _ga Value: GA1.2.1598871270.1628529117
.ezcash.vn/	1970-01-19 20:23:35	Name: _gid Value: GA1.2.1048253551.1628529117
.ezcash.vn/	1970-01-19 20:22:10	Name: __cf_bm Value: 99b3e0038074420d2e1e78e8f70fa0a91c6f7b6f-1628529117-1800-AWW1MjUxiGglLAhqzrVfzvBFchI8oeZYsuQEWPUpOn+US2lud4ZTa8uMKpRKaXhArFCN6IvQYl2Uun9zjOln/4udRUltwS5Wl8Uq2/56IF5eGntKZSlzbHgxsF2WCCJ3FKNVERRmRbW82vxhebBmKus=
.ezcash.vn/	1970-01-20 05:43:45	Name: __gads Value: ID=1d047d5f5f18e5f1-223397689cc90021:T=1628529116:RT=1628529116:S=ALNI_MZI6TMqJuWZ271_KTJVhuo-N39TSw
.ezcash.vn/	1970-01-19 20:22:09	Name: _gat_gtag_UA_162917087_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ezcash.vn/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
csi.gstatic.com
ezcash.vn
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.dmca.com
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5e6nsr.gvt1.com
redirector.gvt1.com
s0.2mdn.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tygia.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tygia.com
142.250.186.98
151.139.242.29
192.53.117.207
2606:4700:3031::ac43:c737
2606:4700::6810:5f41
2607:f8b0:4006:800::2003
2a00:1450:4001:63::9
2a00:1450:4001:800::2004
2a00:1450:4001:801::2003
2a00:1450:4001:803::200a
2a00:1450:4001:808::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2006
2a00:1450:400c:c01::9c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
039b82df886e6b2ba08449ed203b689c4059700545a69858cd6ab587fb208643
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0867ee1df230c80dc1601a8c56c499fabe444ab3ec173ce8b901444560c8816d
0a45e2a368940a339e1fe299a33363ff7349459623f794ab7c794d849c06875f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
122f7cd5173cdc0ab93e90075025ada068600a6d39f7ae49aedeb32b7363fc06
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14b96dc0cfb0fd9f1bcf864f8e1c38c8647bf5a6a529b23fd66c5d436676e4fc
15f9c7dcb6d3f3fd50ac55a55f8a4168652122756d7763c13c333c9d4b8a36f0
173f455d47754c1069234e9a72ea304ed3c631a68ad2b0a1148e9a4421396e9f
1750caab60486cf76485eeefe156bfcde7719e6aa8c253242d44b5ce49855bb3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ec45978f0a68004bbcff5a150f9eb62cfac449a51f15c5a61336a2ad1d4675
1ce8bffe9993debe0780d6912df0ac9350f43416d4a7f23c5fd86702281328dd
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
22d1d97c17ea19d4f84e02222dd6e1d688e998f3f32b5d0d511c4e9ead242f99
2350ba2140d5195b160d25ad03bc9c8904c773eb0b2fe95bbca7252b7c6a175d
23dda07bcc257665b937985a24a105e5e759cda1bd2e277a0cb43acbf6f92f7e
24b46213f316c4339410661249924ae9ec8dc9cccb2a2ff3cba18212e879fa3f
25e21eb533eb562a618d736044639ccb2fd6d701ed0d28f859841cbb239dc49d
27e54854af25b175f482f4acc3c32a5dfd363ae62292e66b9212764d323af2db
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
2a2ac34136c00e48cd04edf792aec5e6dba2b4cd5942b9383f3f56764125e808
2cb6d99c8ba2262a4d0c6d0333a35b67be6d4db6c5a7d2c4a9cff74e5970e4f6
30c48eef4e305a1f7e77d50dcac4b5f7baf250b0d55dfbab468db645bfb13c65
31bd206bcb89ba57cf7edffc5a6d7148b46e530cb8668c72a0df2e2842990655
31bd4156e14d269de39d5e4bda8b81140fe74ccf3f91c49103c4ea22c8b4cd90
32bbb415575937d96b0e0987e865afb5d6fb6cca0573cc30d2d2cebd3b817fb2
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
33e8ca7e480e677aa3d3c013967d5473b07d886c233f5a2d12edfd0a0171a209
34893f66ebd8a99fcaea439feba10ccbaaae4cda54572a0ac722b670d35e4ad5
3602bf738566f334e1cebb6e5846cbe12a8293db756cd23644a06256dd261239
36c42b68c843ca2f384a0d8956675026b89016e9cc2cecc2cf95fd5051dd714e
392af02fa2b21efd001d114bd253a281b834bc64a469ab31fc8bc5e937891d25
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
3ed1d836d8cbd345e8e8a63bb70900cbcae415e50d54a5668f86d1aad58832fd
4160349bec8bf7c5bf203937ab61abde185aeed9850835e2ac9f9fdb09e83bfa
421496ac07d134df15432e1e72bcd8ef51e2f764b28732c7ed8aaad6ea716b6e
4531fda02acff2e3d2a89e953dcc6c90a1a5c1ed5ad8da9b8e853542bb256d7d
476d9e48b0d5a604dbce0921ef4c0a8f8e44e265ef52faad0031cca0449d066c
4efd43ff6d6dc2c922d3ba71a80f7f499eb56f65df5fe2c60305b35e66062eae
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
557c7d8dd32557129cec3d5d4f221eef6e8706e0855f826f5f6db4278e08420b
5732380d5d0408e5996474cb2f30781b8eef508b325c5f77195ec2bd6a7e1a1f
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
58a5c2684b9865c646f6f9091b65c71cacd95519539f1c1c52afda48047127bc
5a262933654f6acffd409a81ebf5505989db1082c0f956bd9e2bef955e7b92df
5bc0801fc599eedc1692df6cb6e77b45785113cadcc2a48e1725c9a20af4bba4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c9b8ebd639bf794cf255afb75bccb1d44593c32b4ea586be0f7ef83661d715a
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5d64061b4109274b3101b2e57927746aec152e4cdac818602252774868ce0c89
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5dec21c9bae74f80682c44236be3c681a26e994b39b9a15101e06b7a79d24461
5e657b28cb084ea0db5d890b2e2c087134cca2e68cecdf498ae903d01c9427c1
613b9183e71eac5f067343bf95174520dde58057b165ecfe1011f83a306380f8
667b811ce6a7db6c2af74280bc125a503069b2fa6a2c0e5208bec86885f022f0
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68505ad1861f729c65cd21a9c383c4c48606dd64cfff989d4675f4b0c976c582
6972b687cccf3ce0f64e1addff9b7f5c749874ffdf4b48da0c12886cabd3990e
6ac62ad133b177d67c52cfd6b1fa821b3566637b15c3637335036aae03cf972a
770caf20a6970edf3c4af368145962743cc58ed16d29ff235c758e9788d37b50
7992b9b762ee59ddf729840bd3086b75367c099ca83232f8bc1dbc7584a1dd80
7acfd3a5fd76be1700c6749205c29ec6aa2af85d21e48b2a46334f6f159a8d12
7d50c5f73e7b0e353372844fd19592889052aa13ad29093d645aa4328e4ecf34
7e7e72eecf6a4fb2981627eb8d15b947d394398db4e67c7ca7705749cdb2f832
7f0de4157672afac565b1dd92dd11e6efbc04e3ae43fd3c3e49b29b5cd7fb5ec
81b114a11452945ea46ae9cb99f373ffb717c87f2740761a48991c757e386bba
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
882150b8819ce1baf43c527e3235433da1aa512de61fc15aa668db30ca911cb2
88ec183d1c0170fe46c48faaa08825244ae1d6bf45eae36f4068a897be2b2bfb
89106860a7c784462a40436cb042c010725594610f0e20b8ada0ef68f2f03860
89ddf822b7439eeeaeb36c7cddbe57e3fe90c25785088ffd4ed0ddabaaa9b4f0
8b0fd833274156a5954c4f6f409f14c829219d9d0d88e0f6f7ea89ed6fa6d0b0
8f0722a81c1b03ebc18826f4f29bca688a1aee89619de0be687dde8c8fab0800
8ff944fa851b1d2ab4751eea22a2a387baf75517d3f28be9477dae409e2705e2
9057da746eeace2b46bb45f6a64e45dee47932fd8d9c15307f9e1fac4ab4c570
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9ad0d8bf9e4659eb773ec937a69b25c1e8869b17c43acd258f01e268f0194088
9e7970f53b127d33d46f94989031b48f081cb4badc9124cdcaea7310ce37904b
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
a19a28ec2e31c591d2c0d1f9a0575f03744a0d5f43ff251671ffebc787240b1e
a1b45e5284559e7f2601c96de3a8b3b1245a4a34dd1b6eb3c95b6a4563e28dd1
a373d21f884ed26b4ff8528f7e4e3bbbcb2698744b9a71e7d51ce75723e13a4f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a591811de9e9685105858b83a36a2817c3d63f7b3bf328345955271bd0022a61
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aac895735d966d6e18c8ee06714a3a7c079ee18a393189f114199f7ff4300608
addb2c93a5432b562ab1b3288c26bfadf75ac68d726aa7e8f4dd32f0ad858bf7
ae15b9d65515e28d9f55283161c8a803948373bccf3b51353f743f3dcf148fea
ae3bcbf199daa998bcc1f6ce0cc67e10683f1390267efac5670bffd564c44634
b03ef4b198588654c13a7eacbf4b45a6a42b5d250019c8a6c16dc475e4e97fba
b41bf7d01edc13039f98eb6e04853444a336731d3d6cfc4525823e6df5394ba8
b42684aec36ece3b90cf107fe7a504702c7a657127d426d6ef1b97e3a7b90d11
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b53ab797b969fe986c2d98e0de813c9163596c66e63fced24b4f6bdcf5fb90f9
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b99c406631898c913a9b9710eb6039c960bddf7d35063c9c72aa0d7b33aadde6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2eee7604f3f0b5dc55018626557adccda61c7a98732f1649df6b095838fc36
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bedcb6a21e5c61b02a3ceffac7393648d6ecbb4715301454be5afc2feea8b46a
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c6bbdfaccf63f482bd7302d1754867f52034ea29a6004ac6a17767c65b92a709
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c77f633dc81c42bd71b7fad4db4461942af2b51bd78cc041452a8bd2c0bd9e94
ca47181ed92ffcc150bede46f12f67ddac9717e832b73ffad4effe4ab512e9c5
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc4cc8dd02a24b2060c1491520284dd91cc83a132fde9d70d440437257527183
cdd3f533cbb03aa426012b4b7b2a2a0b3e6d474733891f74e225bbd58538c145
ce2a70970d9ac570c26ba739edffb3b907d36b34623cecbea92e980deedd5f87
d5bea11af0e8b7182a239ba6a702097b524b1f12bce2723e810dae487ac99cbf
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7246ea8f0ede1f2eadd6aa077545b7e0423f39e19d33c7c9a99d400afbe1bbb
d8804a66490d927d2453d07427a70c6012c305c05cfde5c5c45b417dfa5e8b6f
d9ecff865234ffc669a22fd3ba7d7f1ce3649cd633bc337a4a0e96cf298df179
d9fe574cb48957e1eb4e919cb39b7c1fdfb1e76df31bd4c38dabe7ad739c030b
dbd9ada986679ea93e1c5ce15be14a98d6803966604ae5005bd65c3bc67a842e
ddf1f42a7bec68c72f80f6fecf6c7c3d934fff93d7aa035cff8468614c438d48
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de48b21d8548a4cc2482f4643248751e8895aacf732b7837ddc8de70fcdcf6c5
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
defc39740ac1859d8e2785ed473208409627e87addd5f78f2deaacb93a12d51d
e16ddca48d0094937df693c45b9f7a303a28a33ba9756f86859a67ac14e84e2b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8bb53095035f224d0317c48a574922a0b20dfb525e6ed701d19401013057410
e9c9244f08810a7573b16fd89288d4587f617de4c005b3e4d74ee034b6dbf280
ea3d3b201e0a5456f4ff2809e335a017c94e0f153c4b1267e78884b05f03e913
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f096c63a545538cfdebda14fe95764a84d9c77873fc45afc92861e34c15e906c
f0e5e8d233becdb2d0d9ad0b12ad25bdd2ec71b44bbe32ef4796b9c3dcbca340
f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f457e7ba4f05f037860eee848c712f6eef63127e70eb230b23bc9eee5c36fe35
f5eecf7064a67fd50f39fb6a284da28b7303b79656d7f75f6ddeb9e105ba3340
f6375c1018a359c267512dcb3b3bf9ae8e2221a9017afb71aeee382cfc3ea795
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe5ef1ee8e268831347be7ce525ac65dc3141813a9c68f1c60a0419cf2748fc5

ezcash.vn Open in urlscan Pro 2606:4700:3031::ac43:c737 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

209 Requests

100 %HTTPS

91 %IPv6

16 Domains

25 Subdomains

34 IPs

4 Countries

6405 kBTransfer

11137 kBSize

8 Cookies

15 Outgoing links

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ezcash.vn Open in urlscan Pro
2606:4700:3031::ac43:c737 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

100 %
HTTPS

91 %
IPv6

16
Domains

25
Subdomains

34
IPs

4
Countries

6405 kB
Transfer

11137 kB
Size

8
Cookies

209 HTTP transactions
9 data transactions